Release Notes for the Cisco SIP Proxy Server (SPS) Version 2.2.1.11
February 24, 2005
Cisco SIP Proxy Server Version 2.2.1.11
OL-5875-01 Rev. A2
This document lists the known problems in the Cisco SIP Proxy Server (SPS) Version 2.2.1.11 and contains information about the Cisco SPS that was not included in the Cisco SIP Proxy Server Administrator Guide. These release notes contain updated information from Cisco SIP Proxy Server (SPS) Version 2.2.1.10.
Contents
These release notes describe the following topics:
A cumulative list of all new and existing features supported in this release, including platform and software image support, can be found in Cisco Feature Navigator at the following link:
To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL: http://www.cisco.com/register.
Open Caveats—Cisco SIP Proxy Server, Version 2.2.1.11
This section documents possible unexpected behavior by the Cisco SIP Proxy Server, Version 2.2.1.11
Table 3 Open Caveats for the Cisco SIP Proxy Server, Version 2.2
DDTS ID Number
Description
CSCdr26023
Comments not supported in header value
Problem Description: SPS does not support comments embedded in sip header. However, from SIP RFC:
Comments can be included in some SIP header fields by surrounding the comment text with parentheses. Comments are only allowed in fields containing "comment" as part of their field value definition. In all other fields, parentheses are considered part of the field value.
ctext includes all chars except left and right parentheses and backslash. A string of text is parsed as a single word if it is quoted using double-quote marks. In quoted strings, quotation marks (") and backslashes (\) need to be escaped.
Problem Description: SPS doesn't support headers in sip URL. From RFC 3261, headers are an option component of a SIP URI.:
•Headers: Header fields to be included in a request constructed from the URI.
•Headers fields in the SIP request can be specified with the "?" mechanism within a URI. The header names and values are encoded in ampersand separated hname = hvalue pairs. The special hname "body" indicates that the associated hvalue is the message-body of the SIP request.
Problem Description: Each time the server is started a file named "fileXXXXX.sem", where XXXXX is a random string is created in the "/tmp" directory. This causes no operational problems but the administrator may want to occasionally delete them to eliminate clutter.
Recommended Action: There is no workaround.
CSCds52504
Misleading syntax error message when sipd.conf is wrong
Problem Description: When there is a syntax error in the sipd.conf config file, the line number is reported incorrectly. It always shows the last line of the config file instead of the line number where the error actually occurred. An example of such a config error would be an illegal value given for a valid directive.
A related problem is that only the first syntax error in the configuration file is reported.
Recommended Action: There is no workaround other than correcting the misconfiguration.
CSCds53849
CSPS: sipdctl configtest does not detect all syntax errors
Problem Description: The "sipdctl configtest" command does not accurately detect all syntax errors. Also an incorrect line number is reported when a syntax error is detected. Possible errors that are not detected include illegal values given in non-boolean directives.
Conditions: Run "./sipdctl configtest" with an invalid sipd.conf file.
Recommended Action: The sipd.conf configuration file can only be verified by successfully loading the server.
CSCds56981
CSPS: Start Sip_Services after a Farm DBs Old entries are deleted
Problem Description: If the proxy server has been down for more than the Cisco_Routing_Max_DB_Age_on_Boot or Cisco_Registry_Max_DB_Age_On_Boot, the ServerRoot/logs/*.db files will be removed/cleaned. Otherwise, these values might actually get re-used if a farm member tries to sync.
Recommended Action: There is no workaround.
CSCds75715
CSPS: sipdctl start: sipd started message is misleading
Problem Description: When starting SPS from the graphical user interface (GUI) or command line, it is possible to see "sipdctl start: sipd started" when in reality sipd was not able to start correctly.
Conditions: This can happen for a number of reasons, including a failure to allocate enough shared memory or corrupted databases.
Recommended Action: Manually check that sipd started successfully by looking at the error_log file and/or running the command "ps -ef | grep sps" to make sure there are the correct number of sipd processes running (the default is 7).
Description: Server child processes have no means to communicate failures of external entities to the other child processes.
Conditions: A failure of an external entity (e.g., RADIUS, DNS, subscriber db), is not communicated to all child processes.
Problem Description: Server performance can drop significantly, depending on the number of child processes executing.
Recommended Action: Reducing the number of child processes is the only was to alleviate this problem.
CSCdt35294
Add Registry/Routing Code changes to support TEL URL
Problem Description: Proxy parses tel Urls completely based on the rules specified in RFC 2806. At this point, there are no routing changes based on tel: URL additional fields.
Conditions: For example, in "tel:1111;phone-context=919;phone-context=456", only 1111 is used for routing the call like in sip: URL, not the additional fields. And tel URL is transformed to a sip: Url as follows:
sip:1111@whatever-proxy.com SIP/2.0
RecordRoute:<sip:1111@whatever-proxy.com;parameters including phone-context>
Recommended Action: At this point, there is no intelligence to change the number from "tel:555XXXX;phone-context=919" to "tel:+1-919-555-XXXX".
CSCdt50814
CSPS: Log file check and verification needed for proxy server
Problem Description: When the CSPS is started, it writes the logs to the error_log and access_log files in the logs subdirectory by default. The log files can be deleted manually while the server is still running, the CSPS will continue to run but no logs will be logged due to the deletion of the log files.
Recommended Action: After the deletion of the log files, one can (graceful) restart the server so new log files can be created and server can then continue the logging process.
CSCdt87934
CSPS: Proxy will crash if SharedMemorySize too little for call rate
Problem Description: The CSPS proxy can crash if it is not configured with enough shared memory to handle the call rate.
Recommended Action: This problem can be resolved by increasing the value of SharedMemorySize directive in sipd.conf file. To configure the total usable shared memory segment size on Linux or Solaris platform, please follow the instructions in the README.cisco file.
CSCdu00398
User agents on same box/different port disallowed
Problem Description: Proxy will not terminate calls to a user agent running on the same box but different port.
Conditions: Setup a testcase when there is another SIP entity running on same box where SIP proxy is running (on different port), and try to make a call that has that SIP entity in the call path.
Recommended Action: User agents should be running on a different machine than the proxy.
CSCdu69703
CSPS: Accounting with XACCT Radius not working properly
Problem Description: If accounting is enabled on CSPS, the session-id for START and STOP records is populated with SIP Call-Id, which is needed so that it is possible for the Radius/billing server to correlate the STOP with the appropriate START. For accounting to work correctly, the back end Radius/billing server must be able to accept and correlate START/STOP records with duplicate session-id values. In the case of the XACCT Radius server, XACCT does not respond at all to records with duplicate session-ids. As a result, CSPS blocks waiting for a response. Eventually, CSPS times out and continues processing the call; however, if enough concurrent calls are placed, it is possible that all of CSPS's processes will be blocked waiting for Radius responses and call processing will effectively stop.
Conditions: Accounting is enabled and the backend Radius server does not respond to RADIUS request records with duplicate session-ids.
Recommended Action: Disable accounting or use a backend Radius server, such as Livingston, which supports the reception of multiple Radius records with the same session-id.
CSCdu82119
CFLAGS does not cover all include directories
CSCdv34778
CSPS: CFNA timers not reset if BYE sent instead of CANCEL
Problem Description: When a call is made to a IP phone registered to CSPS which has a Call
Forward No Answer (CFNA) entry in MySQL, if the caller hangs up on the call during the ringing phase before it is answered, the behavior of CSPS is dependent on the IP phone sending a CANCEL before/instead of sending a BYE.
1. If CANCEL is sent when the caller hangs up, the call is terminated without any problems.
2. If BYE is sent instead of CANCEL, CSPS keeps the CFNA timer running and this leads to an INVITE being sent by CSPS to wherever the user has CFNA configured after the timer expires. This may lead to a phone ringing suddenly out of the blue when no call is being made.
Conditions: This is an issue only in the following circumstances:
1. CFNA is being used
2. The SIP client originating the call does not send a CANCEL when aborting an attempted call, but sends only a BYE instead.
Recommended Action: There is no workaround.
CSCdv54154
CSPS: Proxy returns 400 Req-URL is bad when rec tel url w/cic parm
Problem Description: When handling a SIP INVITE with a tel URL containing the cic parameter, the proxy returns "SIP/2.0 400 Request-URI is bad". If should convert the tel URL to its equivalent sip URL.
For example, the following INVITE:
INVITE tel:+19195550001;cic=1234 SIP/2.0
results in a 400 response from the proxy.
Conditions: This problem occurs whenever the proxy receives a tel URL containing a parameter it does not explicitly support.
Recommended Action: There is no workaround.
CSCdw94123
CSPS: Cannot rename MySQL db fields if using provisioning
Problem Description: In sipd.conf, it is possible to re-map the MySQL subscriber database field names from the default names used by the MySQL installation script to new values which may be preferred. One reason to do this is perhaps because the customer already has an existing MySQL subscriber database and wants CSPS to use it. In this case, CSPS will read and use the new field names specified in sipd.conf.
The problem is that if the customer is using provisioning, the provisioning graphical user interface (GUI) will not read sipd.conf, nor will it use the new field names. Rather, it will ignore any new field names and use the default names which match those used by the MySQL install script.
Conditions: This is an issue only if the customer is using CSPS with Provisioning and has an existing MySQL database which they wish to use rather than using the MySQL installation script to create a new database. If the existing database has different names for the MySQL table fields than those used by the Provisioning system, new subscriber information entered using the provisioning GUI may not be accessible by CSPS.
Recommended Action: There is no workaround.
CSCdx61275
CSPS: SNMP: Error message in csps_ciagent_install
Problem Description: When installing ciagent, error messages are displayed
setany $Version $Agent $User \ smLaunchControl.$LOwner.$LName abort Error code set in
packet - INCONSISTENT_VALUE_ERROR: 1. setany $Version $Agent $User \
smScriptAdminStatus.$SOwner.$SName disabled Error code set in packet -
INCONSISTENT_VALUE_ERROR: 1. setany $Version $Agent $User \
smScriptRowStatus.$SOwner.$SName destroy smScriptRowStatus.1.65.1.66 = destroy(6)
These error messages logged from running the script "smPopScript" when installing CIAgent for the first time on a system are benign and are due to the fact that it is trying to remove an item that does not exist in the script MIB table. As far as all the other subsequent "setany" commands are executed successfully, the "smPopScript" is considered to finish its job well.
Recommended Action: There is no workaround.
CSCdx66179
CSPS: SNMP: sappagt is taking 100% cpu for a few minutes at startup
Problem Description: sappagt is taking 100% CPU when starting ciagent. This is fine, since we don't plan to restart ciagent frequently. Response from vendor: "Both the sappagt subagent and the hostagt subagent show high CPU utilization upon startup because they both must retrieve a large amount of information from the system, to initialize the tables they support. Once these tables are initialized, the utilization will go down. This is not abnormal behavior."
Recommended Action: On a Linux machine that has a lot of packages or software installed, the System Applications Monitor (sappagt) may take 100% CPU for a few minutes at startup. If you think this is not acceptable, you can disable this subagent from being invoked by removing its name, sappagt, from the "ciagent" script file under /usr/local/ciagent directory on your Linux machine and restart ciagent.
CSCdx67593
CSPS: MySQL Subscriber table needs to be CASE SENSITIVE to USER info
Problem Description: MySQL sees "tdeleon" and "TDELEON" as the same. As a result, CSPS accesses MySQL for Authentication & Call Forwarding info for a single entry which is incorrect. And MySQL will not allow another entry.
Conditions: I was testing our SIP products for CASE Sensitivity to the USER portion of the SIP URI and I have noticed that the CSPS, Phones, and Gateways recognize the differences between "tdeleon" and "TDELEON". One issue that I did see was with MySQL.
Recommended Action: There is no workaround.
CSCdx78228
CSPS: TCP on solaris using too many fds for reuse=off
Problem Description: Transmission Control Protocol (TCP) calls are not accepted/connected by proxy
Conditions: When TCP services are not configured to reuse the TCP connections, the proxy can run out of file decriptors because OS may not free the file descriptors immediately. this happens when proxy is connected with other SIP entity on Solaris or Linux, however with Cisco gateways the connections are closed immediately.
Recommended Action: When configuring the system, if proxy is expected to connect with Solaris or Linux based SIP entities, it should be configured to reuse the TCP connections.
CSCdx83047
SNMP critagt sends trap with sipds child process id
Problem Description: The Solaris version of the critagt (Critical Applications Monitor) subagent sometimes reports critAppUp traps with one of sipd children's process id. The vendor explained that is because the critagt always try to get and monitor the first process id in the process table that matches the specified application name. However, since on Solaris the first process id that matches sipd is not always the master/parent sipd, but rather likely one of the child sipd's. We really want to monitor master sipd's status, so we want the vendor to fix/improve their handling of process ids in critagt. This doesn't seem to be a problem on Linux, since the first process id seems always to be the master sipd's, and the traps correctly report that.
Recommended Action: There is no workaround.
CSCdx88304
CSPS: GUI does not allow input of &, >, < in any field
Problem Description: Data entered into any field through the graphical user interface (GUI) may not not contain any of the characters &, < or >. The GUI will reject any data with these characters and prompt for it to be re-input.
Recommended Action: There is no workaround.
CSCdx91876
CSPS does not convert a tel: url to a sip: url correctly
Problem Description: CSPS provides only limited support for the tel URL. Essentially, it translates the tel: URL into a sip: URL, then handles the message based on the sip: URL. The translation performed is as follows:
Conditions: The tel to sip URL conversion will be a problem if the URL contains additional parameters other than a global phone number.
Recommended Action: There is no workaround.
CSCdx95989
CSPS: sysadmin_csps_regroute takes 97% CPU when window closed
Problem Description: Closing the window in which the sysadmin_sps_regroute is running, rather than exiting cleanly using the 'Q', 'q', or 'Ctrl-C' command, will cause the sysadmin_sps_regroute to take 97% CPU time.
Recommended Action: The workaround is to not close the window prior to exiting the tool, however, once in this state, you can stop the process with either SIGINT or SIGQUIT signal.
CSCdy01790
CSPS: CIAgent: Dr-Web on Linux Make Changes button not working
Problem Description: On Linux, when using dr-web to make changes to the critical application monitor and clicking on "Make Changes" button, sometimes the change does not take place until the user clicks on the "Reload" button on the web browser.
Recommended Action: Click on the "Reload" button on the web browser to make the changes reflected in CIAgent.
CSCdy02296
CSPS: when recovering from a split netwrok, some registrations lost
Problem Description: In the event of a split network, it is possible that each farm member will separately accept new registrations. When the networks join, a sync is performed; however, the sync is performed based which member accepted the most registrations rather than as a merge. As a result, some registrations may be lost. For example, if there are farm members P1 and P2: The registration database prior to let split contains entries for a,b,c. A network split occurs. P1 accepts new registrations for d,e,f P2 accepts new registrations for g,h The networks join. P1's view of the world is inherited by P2, so the registry is: a,b,c,d,e,f; and g,h are lost.
Conditions:
1. 1) There must be a farm of 2 or more servers with registration farming enabled.
2. Clients must be configured to load balance or failover between the servers.
3. A split network must exist for a period of time, and during that time more than one server must accept one of more registrations.
Recommended Action: Configure the servers as primary and secondary such that all clients register with the same server at any point in time. This requires that the clients do not experience the split with some seeing only the primary and some seeing only the secondary. This may or may not be possible.
CSCdy05591
CSPS: Too many open files with persistent TCP connection
Problem Description: Transmission Control Protocol (TCP) calls may fail with error message "socket: Too many open files".
Conditions: When proxy is connecting with other Solaris or Linux based SIP entities, it may run out of file descriptor even with the persistent connections. 1000 concurrent TCP connections is the supported limit.
Recommended Action: There is no workaround.
CSCdy05850
CSPS: MySQL wont install if SNMP just started
Problem Description: MySQL installation fails with the error message:
"cannot get exclusive lock on /var/lib/rpm/Packages"
Conditions: This happens when MySQL installation is started just after starting ciagent. The problem is that when ciagent starts, it gets an exclusive lock on /var/lib/rpm/Packages. MySQL installation also needs this lock, therefore MySQL installation will fail.
Recommended Action: When starting ciagent, wait for about 30s before installing MySQL.
CSCdy07416
CSPS: escaped characters in URIs are not handled
Problem Description: A customer ran into a problem with this specifically when dealing with tech prefixes. The problem was that the '#' character was inserted in the Request URI and To headers by the GW in the INVITE is sends to SPS. SPS can strip the '#' from the Request URI, but not from the To. SPS also includes the '#' in its Record-Route header. The fix is to have the GW escape the '#' as "%23" wherever it appears. Now SPS needs to be able to translate from escaped to non-escaped for the LRQ.
Currently SPS treats escaped characters within URIs no differently than any other character. It parses them fine, and is able to store them (e.g. in the registry db) and pass them along, but it doesn't convert them from escaped to non escaped when it should.
At a minimum to solve this problem, a solution is to have the GW makes code changes to escape the '#' character in all urls before sending the INVITE to the proxy. SPS will need to modify the remote access server (RAS) module to unescape the %23 before constructing the LRQ.
As for fixing this in general, it is legal for URLs to escape any characters it likes, meaning that SPS could receive %31%32%33%34 in the username which should be interpreted as "1234" for number expansion, accounting, routing, etc.
Recommended Action: There is no workaround.
CSCdy29642
CSPS: Regroute cannot parse DOS formatted sipd.conf file
Problem Description: Open a valid sipd.conf file using Wordpad and save it. This will reformat it into DOS format. Try to use sysadmin_csps_regroute tool and you will get the following error:
: No such file or directory
Recommended Action: Convert sipd.conf back to UNIX format, or use the graphical user interface (GUI) to create a new sipd.conf.
CSCdz20402
CSPS: tcp to udp translation is not 99.999
Problem Description: The call success rate for Transmission Control Protocol (TCP) to UDP translation calls is not 99.999%
Conditions: When proxy is doing translation of transport between TCP and UDP, some of the calls may fail.
Recommended Action: There is no workaround.
CSCdz23707
CSPS: proxy retransmits non-local non-2xx over TCP
Problem Description: SPS retransmits non-local non-2xx responses over Transmission Control Protocol (TCP). According to the standards, this retransmission is not supposed to happen; however, it will not cause any problems.
Conditions: If the client on the TCP connection does not send an ACK for non-200 response, then SPS starts to retransmit the final response, similar to UDP behavior.
Recommended Action: There is no workaround., but the retransmission may be safely ignored.
CSCea25188
CSPS: Add/upgrade w/ GUI resets farm member specific data
Problem Description:
1. CSPSConfConvertor does not push the original member specific data for each farm member into MySQL, because CSPSConfConvertor reads from only one sipd.conf file and does not have access to the member specific data in the other sipd.conf files. So all member specific data is reverted back to their default values.
2. csps_setup always writes the per farm member specific data with defaults. Therefore any original member specific data will be replaced with defaults.
Conditions:
1. When adding the GUI to configure sipd.conf.
2. When upgrading to SPS 2.1 and currently using the GUI to configure sipd.conf.
Conditions: The farm data is an xml blob that contains a list of Farm members plus the member specific data such as "host", "port" (default 5060), "ip in path headers" (default <empty>), "in registry farm" (default On), and "in routing farm" (default On).
Recommended Action: Write down the old farm member specific data before adding a GUI or upgrading to SPS 2.1. After adding the GUI or upgrading to SPS 2.1, manually reset the farm member specific data accordingly.
CSCea30173
CSPS: /etc/init.d/mysql: @HOSTNAME@: not found
Problem Description: When using "/etc/init.d/mysql stop|start", the following error appears:
/etc/init.d/mysql: @HOSTNAME@: not found
This occurs when directly running this command, or indirectly running this comand via csps_setup (and install_mysql_db), uninstall_mysql_db, and after a reboot.
Recommended Action: None. However, you can simply ignore this error message, since it does not affect anything.
CSCea58230
Static routes do not support . in middle of dest pattern
Problem Description: SPS allows wildcarded digits in the destination pattern of static routes in the form of a '.' character. For example, 5... as a destination pattern means any 4-digit number beginning with a 5. However, SPS does not support wildcarded digits followed by non-wildcarded digits. For example, the following are not supported:
5..5
.555
55.5
...5
Recommended Action: There are two options:
1. Use a less restrictive destination pattern which does not require embedded wildcard digits. For example, each of the problematic destination patterns above could be made less restrictive as follows:
5..5 -> 5...
.555 -> ....
55.5 -> 55..
...5 -> ....
2. Use multiple more restrictive destination patterns which do not require embedded wildcarded digits. For example: .555 -> 0555, 1555, 2555, etc.
CSCea62799
SPS: error handling after receiving data from DNS request
Problem Description: SPS receives an INVITE for a number for which it is configured with a static route:
next-hop: sip-gateway.foo.bar port : 0
So SPS appropriately performs an SRV query for sip-gateway.foo.bar. Then, the SPS performs an A query as expected and gets information back from the DNS Server, but fails to forward the message:
[Mon Mar 31 15:49:28 2003] sip_sm.c(2001) "SRV" Query for sip-gateway.foo.bar
successful,Got 1 records.
[Mon Mar 31 15:49:28 2003] sip_sm.c(2030) "A" Query for sip-gateway.foo.bar successful,
Got 192.168.2.2
But then SPS does not send forward INVITE, and instead prints the following error in the error log:
[Mon Mar 31 15:49:28 2003] PID(32608) apr_socket_write() failed,
Error string Invalid argument
The problem is the SRV query returns the hostname of the gateway with the port of 0, rather than 5060 or some other valid port. As a result, the sender of the INVITE is left waiting until the request times out. Rather, SPS should return a 503 for the transport error.
Recommended Action: None, however, if DNS is configured correctly, this issue can be avoided altogether.
CSCea66342
RFC 3261 compliance, do not send CANCEL if no provisional response
Problem Description: A proxy should not send a CANCEL for an INVITE for which it has not received a provisional response, but SPS sends CANCEL for all branches associated with the INVITE regardless of whether or not a provisional response has been received.
Conditions: SPS received an INVITE and forwarded it to one or more downstream entities. It then receives a CANCEL and forwards the CANCEL to any downstream entities from which it has not received a final response, including those from which it has not received any provisional response. According to RFC 3261, the CANCEL should not be sent unless a provisional response has been sent.
Recommended Action: There is no workaround. This bug does not effect the functionality of SPS. This was allowed in RFC 2543 but leads to potential race conditions.
CSCea82993
Cannot redirect output of sysadmin_csps_regroute to a file
Problem Description: Attempts to redirect the output to a file fail. Example:
Recommended Action: Use expect scripts rather than redirecting the output.
CSCea91984
ControlCSPS on 2 servers checked only unchecks one
Problem Description: In certain situations in the Proxy Control screen, only one of two servers becomes unchecked after a Graceful Restart.
Conditions: This has only been observed on Windows. In the ProxyControl screen check both servers in the farm and make sure the bottom one is highlighted. Click the Graceful button. Only one of the servers becomes unchecked. The other one stays checked. Note that if the top server is highlighted, both servers become unchecked. Also note that the Graceful Restart will have been performed.
Recommended Action: Make sure that the top server in the table is highlighted instead of the bottom one to prevent the situation. Should the scenario occur, the checkmark will be cleared if the window is redrawn. Simply minimize and reopen the window or the user can click on the affected row.
CSCeb05010
SIP client diverts not working properly (double diverts not working)
Problem Description: Multiple redirects not working properly. When inserting Diversion headers SPS does not order them properly. New Diversion headers are always added last rather than first. This may cause undesired or unexpected results with respect to call completion, voice mail, and/or billing for calls involving multiple diversions.
Conditions: Using SPS with the following feature set:
SPS configured as a stateful, recursive proxy CFNA, CFB, CFUNV features enabled AddDiversionHeader enabled
A call flow involving multiple call forward invocations by SPS on the same call.
Recommended Action: There is no workaround.
CSCeb05745
SPS: pserverctl needs to stop Sip_Services
Problem Description: If using pserverctl rather than the sip script to stop or restart the pserver, the Sip_Services process will not be restarted or stopped, but will continue to run.
Conditions: For custom setups where pserver is the only Cisco SPS process running on the farm member, and pserver is being restarted in order to change the farming configuration.
If the farm configuration is changed, and Sip_Services continues to run without itself being restarted, then that Sip_Services can seriously degrade the performance of the farm, either by trying to connect to a missing farm member, or by causing unnecessary data synchronization between farm members.
Recommended Action: If possible, use the /etc/init.d/sip script to restart and stop SPS. Otherwise, when you need to restart the pserver via pserverctl, do a pserverctl stop first, then kill the Sip_Services process, the issue a pserverctl start.
CSCeb21352
With reuse off and record route on, run out of tcp connections
Problem Description: Under high Transmission Control Protocol (TCP) traffic SPS may run out of TCP connection limit of 1000 soon.
Conditions: When AddRecordRoute flag is On, and the SipTcpReuseConnection flag is Off, then some of the TCP connections take longer to get freed.
Recommended Action: Decrease the value of SipMaxT3InMs, which is used to detect timeouts for idle connections.
CSCeb27053
CSPS: Wait Timer remains after edit multiple entries
Problem Description: After performing an Edit or Add within a table in the Cisco SPS graphical user interface (GUI), the wait cursor does not change back to the default cursor.
Conditions: Can occur when editing multiple records at once.
Recommended Action: The user need only move the mouse cursor to the top menu bar of the GUI or off of the GUI completely and back on to restore the default cursor.
CSCeb27117
SPS: proxy does not handle failover for ACK messages
Problem Description: When the next hop in the ACK's route list is not reachable, proxy is not able to failover to the alternate DNS records, unlike other SIP requests.
Conditions: This happens when the next hop is not reachable from the default n/w interface, but it uses the alternate n/w interface to retransmit the 200 OK, which result in the upstream user retransmitting the ACK.
Recommended Action: There is no workaround.
CSCeb38768
Error seen when exiting CiscoSPS GUI on Windows OS
Problem Description: When closing the graphical user interface (GUI) installed on a Windows 2000 PC, the following log is generated in ./logs/pserver_log:
# tail -f ./logs/pserver_log
ERR : transport/Connection.cxx:257 Failed to read data, reason:Connection reset by peer
This error is not seen when using the GUI installed on Linux or Solaris.
Recommended Action: The error message is non service affecting and can be ignored
CSCeb44311
Client side STOP not generated if no 487 is received
Problem Description: When a 200 to CANCEL is received on a branch but no 487 ever comes back from the downstream, SPS will not be able to generate a client side STOP record for that branch.
Recommended Action: If the canceled branch is the only branch or the best branch to return response upstream, a 408 response will be returned upstream when the original INVITE request finally times out in SPS, and the user can gather some information from the server side STOP record instead.
CSCeb49412
CSPS: Toggling Virtual Proxy Host on/off can cause duplicate records
Problem Description: Cisco SPS has virtual proxy host enabled, and two registrations with the same user id but different domains have been entered, i.e. user id: 3000, domain: foo.com and user id: 3000, domain: bar.com.
If virtual proxy host is then disabled in SPS, it appears as if there are duplicate records for the 3000 user. If one of these records is then changed, the database starts behaving badly.
Recommended Action: Once virtual proxy host is enabled, do not disable it.
CSCeb61814
GUI dynamic column resize sometimes fails
Problem Description: One column of a table can stretch across the entire viewable area of the graphical user interface (GUI). The user must move the slider bar to see the other columns.
Conditions: Sporadically, after performing an action in the GUI, a column may fill up the viewable area of the GUI and cause the other columns to be pushed to the side.
Recommended Action: Click on the Refresh button or click on the column header to resize the columns.
CSCeb71070
CSPS: Changing UseVirtualProxyHost from Off to On causes conflicts
Problem Description: Turning the 'Use Virtual Proxy Host' directive from On to Off can cause several problems.
1. Phones using entries with a Domain Name previously set to a Virtual Proxy Host before the 'Use Virtual Proxy Host' directive was turned Off can no longer be called.
2. Entries with a Domain Name previously set to a Virtual Proxy Host before the 'Use Virtual Proxy Host' directive was turned Off can no longer be edited or deleted via the graphical user interface (GUI).
3. Entries which were unique before the directive was turned Off may no longer be unique.
4. The Domain Name column is empty.
Conditions: The database uses the Registry entry's 'Domain Name' as one of the key fields for identifying unique registry records. When the directive is On, the database stores the value of each Registry record's domain name and retrieves it when requested. When the directive is turned off the database no longer uses the stored value, but instead, uses the current value of the 'Proxy Domain' directive.
When attempting to access records, the Proxy Domain is used. Since this does not match what is stored in the database, the records which have domains which do not match the Proxy Domain can not be accessed.
Recommended Action: Recommendation is that you leave 'Use Virtual Proxy Host' set to On. If you no longer wish to have any Virtual Proxy Hosts, delete all of them from the table, but leave 'Use Virtual Proxy Host' set to On. If you must turn it Off for some reason, follow the steps below.
Before turning 'Use Virtual Proxy Host' Off, the user should prepare the existing Registry records. Manually change the Domain Name for each Registry Record to match the Proxy Domain. Verify that this does not cause two records to become the same. If so, assign a new user ID to one of them or change one of the other values such that the records remain unique. If a record is no longer needed, delete it.
If the database is large, this can be done more quickly using the export/import functions under the GUI's Operations menu. Export the Registry database into a comma separated value (CSV) file using the GUI's export command. Open the saved file in Microsoft Excel and modify the Domain Name column so that all entries are set to the Proxy Domain. Import the modified CSV file back into Cisco SPS using the GUI's import command.
If these steps were not followed before turning 'Use Virtual Proxy Host' from On to Off, simply turn it back on and follow the steps above before turning it off again.
CSCec03170
Support multiple Proxy-Authorization headers in INVITE
Problem Description: When multiple Proxy-Authorization headers are present in an INVITE and authentication is turned on, SPS can't handle these Proxy-Authorization headers and sends back 407.
Recommended Action: Only configure one SPS do authentication so that only one Proxy-Authorization header is present and necessary to pass authentication check.
CSCec24660
SPS: Timestamps in error_log do not correspond to servers date & time
Problem Description: The timestamps in the log files are always in GMT rather than in the time format configured on the machine.
Recommended Action: There is no workaround.
CSCec24701
SPS: Registry Cleanup Interval does not remove expired registration
Problem Description: The Registration database is not periodically purged of expired registrations regardless of the value set in the Registry Cleanup Interval directive.
Conditions: Allow a registration to expire or manually change a registered entry's registration time so that it is expired. It will not be removed from the database unless it is called or manually removed.
Recommended Action:
1. Calling a registered user who's registration has expired will cause the registration to be aged out and removed from the database.
2. Manually run the sip/bin/sysadmin_sps_regroute tool. Follow the menus and list all of the registry entries. This will cause the expired registrations to be removed from the database. This can also be done on the command line by typing ./sysadmin_sps_regroute -l -m registry To have this be performed automatically, set up a cron job on the machine the proxy is running on to run the following command: ./sysadmin_sps_regroute -l -m registry
3. Using the provisioning graphical user interface (GUI), display all of the registrations. The expired registrations will have their Expiration time shown in the color red. Click on the column header to sort on the expiration time. Manually delete the expired entries. Note, make sure the time and date on the machine running the GUI matches the time and date of the machine running the proxy as this is used to change the expire time color to red.
CSCec61373
Need to validate contents of Contact_Age
Problem Description: Entering an invalid value for the Contact_Age field of a static registration results in the Contact being added to the database without any error message; but then when the associated user is called the Contact is treated as if it has expired and the call fails. The correct behavior would be to flag the invalid value when the Contact was being entered.
Conditions: This is applicable to static registrations via the graphical user interface (GUI) or CLI only. An example of an invalid contact is misspelling the word "Permanent".
Recommended Action: Re-enter the Contact with a valid Contact Age value.
CSCed21297
SPS does not support complete Remote-Party-ID syntax
Problem Description: SPS supports only that portion of the Remote-Party-ID syntax that is required for and parallels that of the P-Asserted-Identity header as used to facilitate Privacy in a network consisting of other Cisco SIP endpoints.
Conditions: PrivacyWithRPID is enabled and SPS receives an INVITE from a trusted entity with the following Remote-Party-ID header:
When forwarding to an untrusted entity, SPS will not recognize that privacy was requested since it does not support quoted strings as privacy values, so it will not remove the header.
Recommended Action: Use the semicolon separated syntax for rpi-privacy tokens rather than the quoted string syntax.
CSCed27525
Linux GUI install gives spurious warnings
Problem Description: Upon installation of the SPS graphical user interface (GUI), the user will see several warning messages.
Conditions: The messages may be due to the version of InstallAnywhere currently used to create the installer.
Recommended Action: Ignore the messages as they are harmless.
CSCed40792
RAS Gatekeeper Cluster Host/Port pairs need to be made required
Problem Description: The proxy fails to restart correctly after modifying the remote access server (RAS) Gatekeeper Clusters via the graphical user interface (GUI).
Conditions: When a GK or port is added without giving a value to the corresponding port or Gk. For example, if a value is added to the GK1 column, a value must be added to the Port1 column for the same row.
Recommended Action: Always add both GK and port data when modifying or creating RAS Gatekeeper clusters.
CSCed83101
Multiple registrations do not all show up in provisioning
Problem Description: At times, registrations by independent UAs to the same number will appear to overwrite each other when using provisioning to view the registrations. When a call is made to the number both sets ring. Also, when using the CLI tool in ACE mode, both registrations appear.
Conditions: This may occur if the Contact in the Register message does not contain a User portion of the URL.
Recommended Action: Use the sysadmin_sps_regroute CLI tool to view the registrations with the same number.
CSCee24124
Slow export of registry/routing entries in sysadmin_sps_regroute
Problem Description: The export function of the sysadmin_sps_regroute tool takes a long period of time when compared to doing an export when in ACE mode or through the graphical user interface (GUI).
Conditions: Perform an export of the registry or routing databases via the sysadmin_sps_regroute tool. Process completes, but takes longer than if done by other methods.
Recommended Action: Use the ACE mode of the sysadmin_sps_regroute tool when performing an export of the routing or registry database. Another option is to export from the GUI.
CSCee27711
sipd processes die if log file can not be written
Problem Description: sipd processes abort with 'File size limit exceeded' errors. This error indicates that log files can not be written to.
Condition: Either the filesystem log file exist on must be full, or at least one log file must have reached the maximum file size allowed by the operating system.
Recommended Action: Manually remove the log file and remove any unnecessary file to recover disk space. Then gracefully restart the SPS.
CSCee29382
Radius accounting record time format always GMT
Problem Description: There is a RADIUS accounting directive for time format that accepts the values of GMT or Local; however, the accounting record times are always in GMT regardless of how this is configured.
Conditions: Accounting enabled, Time Format changed from GMT (default) to Local
Recommended Action: None
CSCee29399
MaxRequestsPerChild is misleading
Problem Description: MaxRequestsPerChild is not the max number of SIP requests a sipd child process an handle. A sipd process handles SIP traffic, IPC traffic, and timeouts. Timeouts happen every 50 ms (regardless of an running timer for that slot) and a per child MaxRequestsPerChild counter is incremented each time. As a result, sipd child processes die much more frequently than might be expected when MaxRequestPerChild is set to some non 0 value.
Conditions: MaxRequestPerChild changed from default value of 0.
Recommended Action: Try a value of the order of 100000 to see sipd child processes die in a more expected pattern.
CSCee32712
StateMachine debug option ignores LogLevel
Problem Description: The value of LogLevel is not taken into account when StateMachine debugs are enabled. Full StateMachine debugs are written to the error_log file regardless of the LogLevel value if StateMachine debugs are enabled.
Condition: StateMachine debugs On, LogLevel set to something other than debug
Recommended Action: None. It is recommended that StateMachine debugs are not enabled on a heavily loaded system.
CSCee35557
Log rotation by file size using rotatelogs does not work
Problem Description: The admin guide (SPS 2.1 and later) and GUI (SPS 2.2 and later) describe using rotatelogs to rotate the access_log and error_log by time or by size. If you configure SPS to rotate based on size, for example:
it rotates every 500 seconds rather than every 500M.
Recommended Action: None
CSCee41389
GUI allows unsupported dot wildcards in middle of route pattern
Problem Description: Calls can not be resolved to a route that was provisioned using dot wildcards
Condition: The route pattern contains an embedded dot wildcard at the beginning or middle of the pattern
Recommended Action: Dot wildcards must exist at the end of a route pattern. Replace the embedded dot with a '*' wildcard or re-write the route pattern.
CSCee44194
Register missing port in contact displays as port 0 in pserver
Problem Description: Provisioning GUI shows a dynamic register with a port of 0
Condition: The user agent registered with a contact header and no port information, the contact is treated at the default port 5060 regardless of the displayed information.
Recommended Action: Configure user agents to provide port information in the contact of registrations
CSCee46503
SPS: Error make_sock: for address 0.0.0.0:5060, setsockopt: SO_REUSE
Problem Description: The sipd process might core, or not spawn any child processes after a graceful restart.
Condition: The issue is only seen when specifying IP_address:port combinations in the Listen parameter under the Server Directives configuration section.
Recommended Action: Do not specify any IP_address:port combinations in the Listen parameter under Server Directives. By default, the SPS will listen on all interfaces. Also, there is no issue when using sip stop/start, or restart instead of graceful restart.
CSCee53076
CiscoSPS GUI transmits password in clear text to SPS
Problem Description: The CisoSPS GUI (v2.1 and v2.2) transmits the password in clear text.
Recommended Action: None.
CSCee55874
Call forward unconditional does not look in registry db
Problem Description: When using call forward uncondition from one subscriber to another subscriber, SPS looks for usable routes for the call forwarded number rather than consulting its registration database. As a result, the INVITE may be sent to a default gateway rather than to the registered contact of the user to which the call was forwarded.
Condition: Call forward unconditional enabled Subscriber has CFUNC to sip:<user>@<SPS> where <user> is another registered user.
A route exists for the <user>. SPS uses the route to forward the INVITE rather than the registered contact.
Example:
5000@cisco.com and 5001@cisco.com are registered users. 5000@cisco.com has CFUNC to 5001@cisco.com. A route exists for 5... to DefaultGateway A call is received for 5000@cisco.com, CFUNC is invoked, and an INVITE for 5001@cisco.com is sent to DefaultGateway instead of to the 5001@cisco.com's registered contact.
Recommended Action: Add a route for 5001 to send back to SPS.
CSCee61074
SPS: Issues adding multiple DIVERSION headers to 302 messages
Problem Description: Cisco SPS has issues adding multiple diversion headers to 302 Moved Temporarily messages.
Conditions: This symptom is observed when the call forwarded configuration is set to CFUNC for called party #1 and CFNA for called party#2, the SPS only adds the last diversion header to 302 Moved Temporarily messages.
Recommended Action: None
CSCee74996
sipd segfaults on misconfigured etc/hosts
Problem Description: sipd does not start and does not appear in the list of running processes (output of ps -ef | grep csps)
Condition: The user has a /etc/hosts file that does not contain a short hostname, and the unix hostname command only contains the shortname. This results in SPS being unable to resolve its own hostname.
Recommended Action: Configure the shortname in /etc/hosts as follows:
x.x.x.x myhostname myhostname.company.com
CSCee75014
Additional ACE logs appearing in the error_log file
Problem Description: Unformatted debug messages appear in the SPS error_log file. This occurs with all debugs turned off and the logs at 'warn' level. These messages can look like serious errors, but they are not as they are handled appropriately.
Recommended Action: None
CSCee75092
GUI search for starts with does not match if criteria is field
Problem Description: The GUI has a search filter at the top of registration/route tabs. If, for instance, you have a registration with a user of 'service' and you search for 'Starts With' => service, the register will not show up as a match.
Recommended Action: If you search for 'Contains' or 'Equals' service it works. If you search for 'Starts With' service it works. So 'Starts with' isn't matching if the search criteria is the entire field.
CSCee78675
CIAgent erroneously reports failure on boot on linux
Problem Description: If a linux system is rebooted with SPS installed, the bootup process will start CIAgent. All processes start correctly, but mib2agt reports something back to Redhat's init process that indicates failure, because it prints a red [FAILED] message on boot.
Condition: From /var/log/messages:
Jun 7 14:38:18 faye BrassServer: CIAgent brassd started
Jun 7 14:38:18 faye rc: Starting BrassServer: succeeded
Jun 7 14:38:19 faye Mib2agt: CIAgent mib2agt started
Jun 7 14:38:19 faye rc: Starting Mib2agt: failed
Jun 7 14:38:21 faye rc: Starting CIAgent: succeeded
Jun 7 14:38:22 faye mdmpd: mdmpd succeeded
Workaround: None, however, the error can be ignored and mib2agt will function properly.
CSCee84589
VirtualDomain static register fails resolution if domain has upcase
Problem Description: SPS returns a 404 when resolving to an IP route in a virtual domain
Conditions: The user has created a virtual domain entry with uppercase letters and then provisioned a static registration for that domain. The uppercase domain in the register has incorrectly been reported as all lowercase and fails to match.
Workaround: Have the client register dynamically or use all lowercase virtual domains
CSCee86613
SPS_setup address change broken for IPs containing
Problem Description: SPS does not display a list of valid addresses when attempting to use sps_setup to change the IP address
Conditions: The SPS was installed with an IP address containing a '0'
Recommended Action: The SPS must be uninstalled and reinstalled with the new IP address information desired.
CSCee88280
valid registrations with * are rejected
Problem Description: Attempts to register AORs with a '*' character, such as *69@somewhere.net fail. Attempting to do so via the GUI, sysadmin_sps_regroute, or with a REGISTER message all fail.
Recommended Action: Use a static route instead. Note, the '*' in the destination pattern must be escaped with a '\'. So the destination pattern for the example above would be "\*69" where the proxy serves the domain somewhere.net. The next hop is set the FQDN or IP address of the right hand side of the Contact that was to be registered.
CSCee89134
sipd cannot start if logs directory is unwritable
Problem Description: sipd does not start and no message is received in error_log
Condition: The sip/logs directory is not writable by sipd
Recommended Action: Enable write permission to the logs directory
CSCee91256
Possible memory leaks in pserver when using the GUI
Problem Description: Pserver process uses up more memory than necessary.
Condition: Each time the GUI is opened or the Subscriber page is reloaded more memory gets used up.
Recommended Action: Restart pserver to free up used memory if it should become a problem.
CSCef30525
Segmentation fault if request contains null user in requri
Problem Description: A child sipd process handling a request with no user in the Request URI will segfault. Note, the syntax of such a request is invalid, example: INVITE sip:@192.168.1.2:5060 SIP/2.0 SPS should reject such a request with a 400 response; but since the sipd dies, no response it sent. A new child sipd process will be started to replace the previous one and processing of other requests will continue normally.
Recommended Action: None
CSCef46700
pserver crash when db connection goes down/up often
Problem Description: Pserver dies while processing requests.
Condition: Connection to the registry or routing database is being torn down and recreated often. This triggers something which crashes the pserver.
Recommended Action: Restart the pserver should it go down. It may also be necessary to restart SipServices as well when bringing up pserver if using the pserverctl script.
CSCef49522
pserver core in Hash_Map_Manager on route import
Problem Description: While importing a larger number of routes or registrations via the GUI or sysadmin_sps_regroute command line tool, it is possible that pserver will crash. Any routes or registrations already imported successfully will remain in the database, but those that were not yet processed will need to be imported again.
Recommended Action: Restart pserver and import the routes or registrations again.
CSCef50002
sipd killed with -9 will respawn as a second parent process
Problem Description: When restarting sipd, it is possible in some rare cases to end up with multiple master sipd processes, e.g. multiple sipd processes with a parent process id of 1. If this happens, SPS will no longer function probably.
Recommended Action: Perform a sip stop and make sure all sipd processes really stop. If they do not, perform another sip stop. If they still do not stop, kill them manually. Afterwards, perform a sip start to start SPS again and observe that there is now only one master sipd.
CSCef55059
GUI displays contact with transport that disagrees with DB
Problem Description: Call is routed to a registered user using a transport that differs from the transport displayed in the GUI.
Condition: The client was registered dynamically with a transport parameter in the Contact, but the Contact is incorrectly not enclosed in angle braces.
Recommended Action: Using the GUI, edit the register entry and change the transport to some other transport. Then re-edit the entry and return it to the intended transport.
CSCef67068
sipd core parsing an invalid authentication header
Problem Description: When attempting to authenticate a request with invalid credentials, it is possible for the child sipd process to segfault. Some examples are as follows:
The request should be rejected with a 407 response being returned; but, since the sipd process dies, no response is returned. The sipd process will be replaced with a new one, and normal processing will continue.
Recommended Action: None
Resolved Caveats—Cisco SIP Proxy Server, Version 2.2.1.11
All the caveats listed in this section are resolved in the Cisco SIP Proxy Server, Version 2.2.1.11.
Table 4 Resolved Caveats for the Cisco SIP Proxy Server, Version 2.2
DDTS ID Number
Description
CSCee24069
sysadmin_sps_regroute command line arguments do not all work
Problem Description: The sysadmin_sps_regroute tool fails when it is used in the command line argument mode. Passing in arguments on the command line does not always work.
Condition: Entering two or more commands on the command line for sysadmin_sps_regroute fail due to the fact that the commands are stored in the wrong order as they are being processed.
Recommended Action: Enter the commands manually through the menu system within the sysadmin_sps_regroute tool or use the GUI to perform the functions.
CSCdw58265
CSPS: segfault in Sip_Services/ACE with CSS and RegFarm
Problem Description: When Sip_Services is first started using sipdctl start, it dumps core and then starts correctly. This happens on Linux only, and it has no effect on functionality. The only oddity is a core file is left over. On Solaris, Sip_Services starts correctly the first time.
Conditions: This happens on Linux when using a virtual IP or hostname as the ServerName in combination with having registry or route farming enabled. This never happens on Solaris.
Recommended Action: There is no workaround.
CSCdy02211
CSPS: sipd process(es) block when handling REGISTERs
Problem Description: Requests, such as REGISTERs and INVITEs, are handled by CSPS at a reduced rate or not at all.
Conditions:
1. CSPS is configured as a farm of 2 or more servers with Registry farming enabled, and the farm member processing the request is not able to connect to one or more of the other farm members.
2. The traffic levels exceed the following for an extended period of time: REGISTERs/second = 5 INVITEs/second = 50
Recommended Action: There are two possible actions:
1. Ensure the calls rates do not exceed those described above OR
2. Do not enable Registry farming
CSCdz62420
CSPS: GUI needs a warning notification for required missing values
Problem Description: Server may fail to restart if a value for a required field has not been provided.
Conditions: Using the Provisioning graphical user interface (GUI) set remote access server (RAS) to ON. Add a Tech prefix, but leave the Dialed Number or Tech Prefix field blank. Submit the changes. Perform a restart in the Proxy Control screen.
Recommended Action: Add information for all fields when configuring RAS.
CSCea58255
Routes with embedded * ignored by provisioning system
Problem Description: It is not possible using the graphical user interface (GUI) based provisioning system to define a static route with a destination pattern including a '*' character. Trailing '*' characters are to be treated as expanded wildcards, but embedded '*' characters are to be treated as single '*' characters. The GUI accepts the destination pattern as valid input; however, the route does not make it into the routing database used by SPS.
Conditions:
1) Add '*' to the numeric character set as follows:
NumericUsernameCharacterSet *+0123456789.-()#
2) Define a static route with destination pattern *69
3) The GUI accepts the input but no route is added to the in memory route database (can be verified using sysadmin_csps_regroute).
Workaround: Define a static registration for the destination pattern instead. For the example above:
1) define a user as *69@<ProxyDomain>
2) set the contact to *69@<next-hop>
Sample output from sysadmin_csps_regroute is as follows:
user type --> PHONE
user --> *69
Domain --> <ProxyDomain>
contact --> *69@<next-hop>
contact user type --> PHONE
contact port --> 5060
transport --> UDP
expired at --> -
CSCea69911
CSPS: unable to insert registry contact with @host
Problem Description: While entering a contact for a static registration in either the CLI or provisioning graphical user interface (GUI), if the customer neglects to add a user_info portion, i.e. user_info@host_info, the registration cannot be viewed via the GUI or CLI.
Recommended Action: Always have a user_info portion when adding a contact in the CLI or GUI.
CSCeb61810
GUI should disallow sip: in contact for static registrations
Problem Description: Calls may not be delivered successfully to a static Registry if the user entered the contact incorrectly in the graphical user interface (GUI). The syntax should be user@host and not sip:user@host.
Conditions: The GUI does not perform checking on the static Registry contact to see if the user entered 'sip:' in front of the contact address.
Recommended Action: When manually entering a Registry contact, do not put 'sip:' in front of the contact.
CSCeb63312
First graceful restart after adding IgnoreProxyRequire fails
Problem Description: If add an IgnoreProxyRequire directive (vi sipd.conf or in graphical user interface (GUI)) and gracefully restart the server, the graceful signal shows in error_log, but the daemons get stuck in <defunct> state and never restart.
1. No IgnoreProxyRequire directive was configured the last time the proxy was started
2. An IgnoreProxyRequire directive was added via the GUI or by manually editing sipd.conf
3. ./sip graceful or ./sipdctl graceful was performed to gracefully restart the server with the new configuration
Recommended Action: A full restart fixes the problem
# ./bin/sip restart or
# ./bin/sipdctl restart
Further graceful restarts are successful and new IgnoreProxyRequire directives that are added will gracefully restart successfully.
CSCeb85264
Cannot add wildcarded route by editing existing route in GUI
Problem Description: When using the graphical user interface (GUI) to edit an existing route, adding a wildcard destination pattern such as "408*" will not work correctly. Rather than expanding the route into multiple routes of the form 408, 408., 408., etc.; a single route of 408* is entered into the database instead.
Recommended Action: Instead of editing the existing route, first delete the existing route and then add a new wildcard route.
CSCec11580
SIP: Provisioning GUI will not add GK cluster to sipd.conf
Problem Description: A remote access server (RAS) gatekeeper cluster configured through the graphical user interface (GUI) fails to work correctly. The cluster information does not show up in sipd.conf.
Conditions: When adding a RAS Gatekeeper cluster through the GUI the data is not added to sipd.conf. The spa_log will show the following error:
ALRT : Ras.cxx:132 Invalid Number Of GateKeeper Cluster (num=12)
Recommended Action: When adding a cluster through the GUI, make sure to populate the last column in the row (GK 5, port 5) You do not need to have values in the GK1 through GK4 columns, but you can if you like.
CSCec13130
unwanted character in register contact field in GUI
Problem Description: SPS provisioning graphical user interface (GUI) shows extra character ">" at the end of a contact in a dynamic registration.
Conditions: With some third party endpoints, when they dynamically register with SPS 2.1, the GUI shows an extra character ">" at the end of their registered contact.
Recommended Action: This is a harmless bug which is not noticed with Cisco equipment. Even when the bug occurs, it creates no problem in call processing. No workaround is required.
CSCec31901
Apply OpenSSL patches for vulnerability
Problem Description: New vulnerabilities in the OpenSSL implementation for SSL have been announced.
An affected network device, running an SSL server based on the OpenSSL implementation, may be vulnerable to a Denial of Service (DoS) attack when presented with a malformed certificate by a client. The network device is vulnerable, to this vulnerability, even if it is configured to not authenticate certificates from the client. There are workarounds available to mitigate the effects of these vulnerabilities.
Cisco SPS 2.1 Installation Guide - Need doc update in troubleshooting
Problem Description: The SPS 2.1 Installation Guide "Troubleshooting Tips" section of the "Setting Up Servers and MySQL Databases in a New System" as the following error:
--------------------
Verify MySQL installation with the following commands: <serverroot>/bin/mysqlshow
<serverroot>/bin/mysqladmin version status proc
--------------------
These two commands do not work because their syntax is wrong.
Recommended Action: The correct syntax is:
<serverroot>/bin/mysqlshow -u guest -p
Enter password: nobody (by default)
<serverroot>/bin/mysqladmin -u guest -p version status proc
Enter password: nobody (by default)
CSCed10488
RedHat 7.3 logrotate can result in maxed-out CPU on SPS systems
Problem Description: RedHat 7.3 systems contain a problem with logrotate and mailman. This is a problem with the distribution and will effect all systems running the distro regardless of patch level. It is fixed in RH9 and AS3, and thus is not an issue for SPS 2.2, but the fix was not backported to 7.3.
Basically, a program called 'mailman' creates a bunch of different log files in /var/log/mailman. Rather than listing out all 20 logfile names, the logrotate script simply says to rotate '*'. This means that on the first rotate, 'error' rotates to 'error.1'. On week 2 you now rotate 'error.1' to 'error.2' and 'error' to 'error.1', but because of the * you also re-rotate 'error.1' to 'error.1.1'.
After a few months, you have several million files and logrotate chokes.
This problem can be accelerated by introducing a full-disk error condition. The mailman logs are of zero size so continue to rotate, but the status file can not be updated, which results in a rotation every day instead of every week.
Recommended Action: rm -f -r /var/log/mailman Remove all references to mailman from '/var/lib/logrotate.status' Uninstall the mailman rpm
CSCed12417
Modification of SharedMemoryStatsInterval requires full restart
Problem Description: Modifying the SharedMemoryStatsInterval directive does not take effect immediately on a graceful restart. As part of the graceful restart, the SharedMemStats are printed initially, but the timer that controls the periodic printing of the stats does not get reset to use the new interval. Rather, it runs to completion of the previously configured interval, at which time the stats are printed, and then the new interval is used from that point on. For example, the default interval is five minutes. If the stats are printed and then two minutes later then interval is changed to 1 minute via a graceful restart, SPS will print the stats as part of the graceful restart, but then it will wait the remaining three minutes for the previous timer to expire before printing the stats again. After that, it will restart the timers with a one minute interval and start printint the stats every minute from that time forward.
Recommended Action: Wait for the previously configured timer to expire, or perform a restart instead of a graceful restart to have the new interval put into effect immediately.
CSCed37564
SPS GUI license does not delete the license key properly from the db
Problem Description: Can not delete and add a new license key for the same host using the license key graphical user interface (GUI) application.
Conditions: Once you delete the license key for a particular host and try to re-add it back using the GUI, it will failed. The system will stated that there is an entry already exist for that.
Recommended Action: There is no workaround.
CSCed55241
Route failover corrupted if transaction expires prior to failover
Problem Description: SPS does not fail over from first route to subsequent routes if the INVITE transaction expires prior to the fail over timer expiring. Instead, SPS sends a CANCEL for the outstanding transaction and subsequently a corrupted INVITE to the subsequent routes.
This is due to a race condition between the transaction expiring timer and the retransmission timer not being handled correctly. The default transaction expiration when there is no response is 60 seconds.
The default retransmission timers take over 60 seconds to expire. Therefore the transaction expires, but is not expired cleanly, and the retransmission timers then expire and use corrupted data.
Conditions:
1. Multiple routes exist for same destination:
destination next-hop
-----------------------------
555.... 10.2.3.4
555.... 10.6.7.8
2. There is no response from the next-hops
3. Default values for retransmission timers and counters as well as transaction expiration.
4. Place a call to 5551212.
There must be no Expires header in the INVITE as this will replace the default transaction expiration timer.
Recommended Action: These are several.
1. Reduce the retransmission timers such that they are less than the transaction expiration timer.
2. Increase the transaction expiration timer such that it is greater than the retransmission timers
3. Have the endpoint sending the INVITE include an Expires header with a value greater than the retransmission timers. For example, the ATA includes an Expires header with a value of 300 seconds, and the 7960 includes an Expires header with a value of 180 seconds.
CSCed64443
Modify SPS_setup to allow IP or Hostname change to existing SPS
Problem Description: Changing the IP address or hostname of an existing machine which is part of an SPS installation can cause calls to fail or the proxy to not work properly in various ways.
Recommended Action: Run the sps_setup script to re-install each of the components of the existing farm.
CSCed68752
400 bad from returned if user parameter is other than IP or phone
Problem Description: When receiving a SIP message with a From header containing a user parameter, SPS rejects the From as bad if the user parameter value is something other than IP or PHONE.
Recommended Action: There is no workaround.
CSCed75539
licenseMgr dumps core when exiting
Problem Description: licenseMgr dumps core when exiting.
Conditions: A running licenseMgr is stopped via: lmctl stop, sip stop, or by sending a KILL signal Rather than exiting gracefully, it seg faults and dumps core.
Recommended Action: This is not a service affecting issue. The only potential problem is buildup of core files on the hard disk. By default, no core is produced for security reasons, so it is only in cases in which core files have been explicitly enabled that this is an issue at all. On Linux, core files can be suppressed by as follows: ulimit 0 On Solaris, core files can be suppressed via the coreadm utility.
CSCed80185
Accounting record not sent for invalid request
Problem Description: When SPS receives a BYE with an invalid Request URI, it returns a 400 - Bad Message to the sender. If server side accounting is enable, SPS also attempts to send an accounting record. At this point, the sipd seg faults and no accounting record is sent. Note, call processing still completes as usual. When SPS receives an INVITE with an invalid Request URI, it returns a 400 - Bad Message to the sender. If server side accounting and unsuccessful accounting is enable, SPS also attempts to send an accounting record. At this point, the sipd seg faults and no accounting record is sent. Note, call processing still completes as usual.
Conditions: Server Side Accounting enabled and BYE with invalid Request URI received. and/or Server Side and Unsuccessful Accounting enabled and INVITE with invalid Request URI received.
Recommended Action: There is no workaround.
CSCee00536
Call forwarding not working when using number expansion
Problem Description: Call forwarding functionality on SPS does not work correctly when used in combination with Number Expansion. If the called number is expanded due to it matching a Number Expansion rule, SPS does not locate the call forwarding information of the expanded number, so the call forwarding does not occur.
Recommended Action: None
CSCee17747
SIP segfaults with RAS module enabled on Solaris
Problem Description: Due to a bug in the initialization code, SPS does not start properly when RAS is enabled.
Conditions: This occurs only on Solaris and is dependent on the patch level.
Recommended Action: None
CSCee33125
Invite to multiple registrations gets 500 Server Internal Error
Problem Description: A '500 Server Internal Error' response is given as a response to a request to a registration with 3 or more contacts.
Conditions: Multiple contacts for a registered number can cause problems in processing an Invite to that number.
Recommended Action: If this problem occurs, try limiting the number of registrations to two per number.
CSCee40838
Primary unable to write to DB is secondary IP is removed under load
Problem Description: All registration attempts to one member of a SPS farm fail with 'failure to lock' error messages.
Condition: One member of a SPS farm is or was recently non-accessible and the remaining server is under heavy registration loads.
Recommended Action: Return the out-of-service farm member to active service and reduce traffic levels to allow the farm to synchronize.
CSCee40859
send_n failed error during DB resync while under load
Problem Description: The error 'send_n failed: Bad file number' is seen in the error_log
Condition: A SPS farm database is being loaded to a member that was out of service while registration traffic is being sent to the syncing member.
Recommended Action: None. The server will recover once the sync is complete
CSCee42779
While under load farm sync occurs multiple times
Problem Description: The error_log shows a Registry DB sync occurring several times in rapid succession.
Condition: The farm is under heavy load and one farm member has become out-of-service for a period, causing the registry database to become out-of-sync.
Recommended Action: None. After several syncs the farm recovers.
CSCee57117
Registration server SPS 2.1: freeze with zombie processes
Problem Description: Under very heavy load a Cisco SIP Proxy Server can stop handling SIP registration
Conditions: SIP handle high load of registration
Recommended Action: Restart the SPS or manually identify the (zombie) process that are not using CPU and kill them paying attention to not kill the master sipd process and at the TCP/IO process
CSCee85472
sharedmem_stats_log displays erroneous size of reg and route dbs
Problem Description: The registry and route memory usage listed in the sharedmem_stats_log is incorrect. It is always 0 even if active registrations and routes exist.
Recommended Action: The numbers displayed in the log file should be ignored. The size of the databases can be determined instead as follows:
[root@vvs-france data]# ls -l registry_db
-rw-r--r-- 1 csps csps 2367488 Jun 15 14:25 registry_db
[root@vvs-france data]# ls -l routing_db
-rw-r--r-- 1 csps csps 2367488 Jun 15 14:25 routing_db
CSCee85495
sipd cannot start if Shared Memory Stats Log is enabled
Problem Description: If Shared Memory Stats Log is enabled (it is disabled by default) on a Solaris 8 machine without the recommended Solaris patches, sipd may not be able to start. This has not been seen on Linux or on Solaris machines with the recommended patch level.
Recommended Action: Upgrade the Solaris 8 machine to the recommended patch level, or disable Shared Memory Stats Log.
CSCee87094
sipds stop working correctly due to shared memory leak or corruption
Problem Description: After running fine for potentially several days or longer, sipd child processes start to abort. The following error is logged in the error_log:
[notice] child pid 10934 exit signal Abort (6), possible coredump in /opt/sip
As a result, few, if any, SIP transactions are processed successfully.
Recommended Action: Performing a full restart from the GUI or the command line corrects the problem.
CSCef06454
pserver cores if adding more than 29 routes with same user
Problem Description: Provisioning GUI or sysadmin_sps_regoute no longer communicate with pserver after a route addition
Condition: pserver has crashed following attempts to add 30 routes using the same destination pattern
Recommended Action: Limit provisioning of redundant routes to the supported limit of 29
CSCef11289
Routes disappear while provisioning additional new routes
Problem Description: Routes disappear from the SPS database
Condition: New routes unrelated to the disappearing routes are being provisioned
Recommended Action: Re-add the removed routes
CSCef12238
200 returned for REGISTER even if write to db fails
Problem Description: It is possible for a user to receive a 200 for its REGISTER request, with the 200 containing the Contact(s) requested to be registered despite the fact that the addition/update of the Contact(s) failed. As a result, subsequent calls for that user may be forwarded incorrectly or not at all.
Recommended Action: None, although the problem should be corrected the next time the user refreshes the registration. You can check for the existence of any such cases by searching for the user's registration using the GUI's registration screen.
CSCef68192
SPS retransmits best final response when branch response received
Problem Description: When forking a call and receiving a 200 for one branch, SPS CANCELs all remaining branches. When a 487 is eventually received for any of these branches SPS retransmits the 200 (the best response) each time. This is not generally a problem other than creating unnecessary traffic, and as the number of forked branches increases so does the unnecessary traffic.
Recommended Action: None
CSCef78929
SPS periodically stops writing to shared_mem_stats_log
Problem Description: After running fine for some period of time with SharedMemStatsLog enabled, SPS may stop writing updated stats to the log. No more stats are written until the next time SPS is restarted or gracefully restarted. All call processing and other log files continue to function normally.
Condition: SharedMemStatsLog enabled. It is disabled by default. Call Forward Unavailable and/or Call Forward No Answer are enabled. The are disabled by default.
Recommended Action: Monitor the shared_memory_stats_log, and if it is no longer being updated perform a full restart. Alternatively, disabled Call Forward Unavailable and Call Forward No Answer.
CSCef90030
CSPS: sipds leak shared memory if CFUNV or CFNA are enabled
Problem Description: If CFUNV and/or CFNA are enabled, all sipds leak shared memory. The rate of the leak is variable due to timing, but it tracks relatively close to the call rate, meaning that as the call rate increases, so does the memory leak. A rough estimate is 1M of memory per 1000 users per day.
Condition: Call Forward Unavailable (CFUNV) and/or Call Forward No Answer (CFNA) are enabled. The are disabled by default.
Recommended Action: Assuming CFUNV and/or CFNA are necessary and cannot be disabled, monitor the shared memory usage using the SharedMemStatsLog. Note, this log may stop writing at its configured interval due to the memory leak, in which case a graceful restart can be issued to make it output a single set of statistics. Once the memory usage, indicated in the file by the line "Total Used Memory" exceeds the amount of free memory, indicated by the line "Total Free Memory", a full restart should be performed to free all the leaked memory.
CSCeg90530
forwarding 487 after final response returned causes mem leak
Problem Description: In cases where SPS proxies an INVITE to one or more downstream entities and none of them return a final response within the maximum transaction time (60 seconds by default), SPS returns a "408 final response" to the caller and CANCELs any pending downstream branches. If any of those entities later returns a final response for the INVITE, SPS forwards the final response to the caller and incurs a memory leak of roughly 1k of its shared memory in the process. By default, SPS runs with 128M or shared memory. Over time, if these types of call flows continue, SPS will run out of shared memory be become non-responsive to most or all SIP requests until SPS is restarted.
Recommended Action: Enable the Shared Memory Stats Log and monitor the shared memory usage. If the "Free Memory" drops below 25% of the total memory, restart SPS.
Note A graceful restart is not sufficient. It is possible that some transactions will be lost during the restart, so it is best to perform the restart at non peak hours if possible.
Obtaining Documentation
The following sections explain how to obtain documentation from Cisco Systems.
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at the following URL:
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Ordering Documentation
Cisco documentation is available in the following ways:
•Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Leave Feedback at the bottom of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:
Cisco Systems Attn: Document Resource Connection 170 West Tasman Drive San Jose, CA 95134-9883
We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to
•Streamline business processes and improve productivity
•Resolve technical issues with online support
•Download and test software packages
•Order Cisco learning materials and merchandise
•Register for online skill assessment, training, and certification programs
You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.
Inquiries to Cisco TAC are categorized according to the urgency of the issue:
•Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.
•Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.
•Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.
•Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.
Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
Cisco TAC Web Site
The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:
All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:
If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:
If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.
Obtaining Technical Assistance
