Cisco IOS Software Release 12.4 Features and Hardware Support

Table Of Contents

Cisco IOS Software Release 12.4 Features and Hardware

1) Introduction: Cisco IOS Software Release 12.4

1.1) Migration Guide

1.2) Cisco IOS Packaging: Secure Management Access

1.3) Release 12.4T Additional Information

2) Release 12.4 Feature Technology Highlights

2.1) Hardware Support

2.2) Broadband

2.3) High Availability

2.4) Infrastructure

2.5) IP Mobility

2.6) IP Multicast

2.7) IP Routing

2.8) IP Services

2.9) IPv6

2.10) Management Instrumentation

2.11) Multiprotocol Label Switching

2.12) Quality of Service

2.13) Security and VPN

2.14) Voice


Product Bulletin No. 2852

Cisco IOS Software Release 12.4 Features and Hardware


This Product Bulletin introduces Cisco IOS Software Release 12.4T, and includes the following sections:

Last Updated: July 2006

1) Introduction: Cisco IOS Software Release 12.4

Cisco IOS® Software is the world's leading network infrastructure software, delivering a seamless integration of technology innovation, business-critical services, and hardware support. Currently operating on millions of active systems, ranging from the small home office router to the core systems of the world's largest service provider networks, Cisco IOS Software is the most widely leveraged network infrastructure software in the world.

One of the most significant delivery milestones for Cisco IOS Software is the introduction of a new major release, which ships once every two years, delivers hundreds of advanced capabilities, and aggregates multiple prior releases into a synergistic whole.

Developed for wide deployment in the world's most demanding Enterprise, Access, and Service Provider Aggregation networks, Major Release 12.4 is a comprehensive portfolio of Cisco technologies, including the leading-edge functionality and hardware support introduced in Release 12.3T, anchored by an intensive stability and testing program.

Major Release 12.4 introduces more than 700 industry-leading features across the widest range of hardware in the industry. These key innovations span multiple technology areas, including Security, Voice, High Availability, IP Routing, Quality of Service (QoS), IP Multicast, IP Addressing, IP Mobility, Multiprotocol Label Switching (MPLS), and VPNs.

Figure 1. Major and Technology Release Relationship

1.1) Migration Guide

Cisco recommends that customers who need to deploy Release 12.3T features upgrade to Cisco IOS Software Major Release 12.4. Release 12.3T is scheduled for End of Sales in Q4CY'05.

While customers can no longer order software releases that reach End of Sales, they can download such releases from Software Center if they have a maintenance contract.

The following Cisco IOS Software releases identify the current recommended migration into Release 12.4.

Figure 2. Release 12.4 Migration Recommendation

Major Release 12.4 undergoes testing and review cycles to continuously improve and increase reliability and quality. As per Cisco's policies, no new technologies or features are added. Cisco updates Release 12.4 via regular maintenance releases to include minor improvements based upon customer experiences.

Maintenance for Release 12.3T ceases upon this introduction of Release 12.4. Users of Release 12.3T should migrate to Major Release 12.4 in order to receive maintenance.

For additional information about Cisco IOS Software Product Lifecycle Dates & Milestones, please visit:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/prod_bulletin0900aecd801eda8a.html

1.2) Cisco IOS Packaging: Secure Management Access

Cisco IOS Software Release 12.4 will introduce support for management access using Secure Shell (SSH), HTTPS, and Simple Network Management Protocol version 3 (SNMPv3) on the Cisco 1800, 2800, and 3800 Series Access Routers. These three features work with other device management features (i.e., image verification, role-based CLI views, user authentication, and VTY access control lists) to provide flexible and secure management access to any remote router, regardless of which Release 12.4 feature set is configured on the router.

SSHv2 client and server functionality provides a secure, encrypted alternative to traditional telnet for router configuration and administration.

SSL Server functionality provides an HTTPS-based secure, encrypted complement for accessing graphical user interfaces (i.e., Router and Security Device Manager).

SNMPv3 Server functionality includes authPriv mode, which provides authentication and encryption of SNMP messages.


Note: Export controls on strong encryption vary according to type, strength, territory, end-use, and end-user. Visit the Cisco Encryption Sales Support Tool to determine eligibility for Cisco strong encryption solutions. Send an email to Export Compliance (export@cisco.com) for clarification. Encryption-free versions of IP Base, IP Voice, Enterprise Base, and Enterprise Services feature sets will continue to be available.


1.3) Release 12.4T Additional Information

Release 12.4

http://www.cisco.com/go/release124/

Product Bulletin No. 2214, Cisco IOS Software Product Lifecycle Dates & Milestones

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/prod_bulletin0900aecd801eda8a.html

Cisco IOS Software Center

Download Cisco IOS Software releases and access software upgrade planners.

http://www.cisco.com/public/sw-center/sw-ios.shtml

Cisco Feature Navigator

A web-based application that allows users to quickly match Cisco IOS Software releases to features to hardware.

http://www.cisco.com/go/fn/

Cisco Software Advisor

Determine the minimum supported software for selected hardware.

http://www.cisco.com/pcgi-bin/front.x/Support/HWSWmatrix/hwswmatrix.cgi

Cisco IOS Upgrade Planner

View all major releases, hardware, and software features from a single interface.

http://www.cisco.com/pcgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi

Cisco IOS Software Questions and Feedback

http://www.cisco.com/warp/public/732/feedback/release/

2) Release 12.4 Feature Technology Highlights

Table 1  Major Release 12.4 Technology Summary 

Section: Feature Highlights and Benefits

Hardware Support: Coupled with industry-leading Cisco IOS Software, Cisco redefines best in class routing with the industry's first portfolio engineered for secure, wire-speed delivery of concurrent data, voice and video services - Cisco Integrated Services Routers.

Broadband: As Service Providers scale their offerings to meet growing demand for Broadband subscriptions, they must simplify operations and increase individual subscriber revenue. Broadband aggregation dynamically binds subscribers to critical, revenue-generating services that carriers must deliver. Cisco delivers Broadband Aggregation capabilities on a comprehensive set of routers and software to meet a variety of network requirements - from WiFi hot-spots to carrier-grade aggregation - for millions of Digital Subscriber Line (DSL) and Cable subscribers.

High Availability: Cisco IOS High Availability enables network-wide resilience to increase IP network availability. Network applications must cross different network segments - from the Enterprise Backbone, Enterprise Edge, and Service Provider Edge, through the Service Provider Core. All segments must be resilient to recover quickly enough for faults to be transparent to users and network applications. A failure that is detected anywhere in the network can result in termination, interruption or violation of service level agreements for business-critical applications such as voice, e-commerce, storage area networking, work-flow, trading, and point of sales.

Infrastructure: Cisco IOS Software Infrastructure includes the underlying foundation upon which all network services are built. Cisco IOS Software features integrate the power and flexibility of the infrastructure to provide a complete set of network services. Cisco is enriching Cisco IOS Software in four key areas: High Availability, Security, Manageability, and Scalability. The changes augment and fortify the underlying network infrastructure software and establish a new base for further delivery of advanced, intelligent network services.

IP Mobility: The mobile workforce needs the ability to communicate with customers, partners, and fellow workers anywhere, anytime and have access to relevant business applications and tools to carry out business effectively. Enterprise mobility is about providing ubiquitous connectivity to the mobile user, independent of the devices and access technologies. Mobile IP, an IETF standard (RFC 2002), allows a host device to be identified by a single IP address even though the device may move its physical point of attachment from one network to another.

IP Multicast: IP Multicast is a bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of information to thousands of corporate recipients and homes. Applications that take advantage of multicast technologies include video conferencing, corporate communications, distance learning, and distribution of software, stock quotes, and news.

IP Routing: Cisco IP Routing Protocols provide the fundamental infrastructure for the delivery of advanced IP services across all Cisco products. Whether based on Internet Engineering Task Force standards or Cisco innovations, Cisco offers a broad portfolio of IP Routing technologies. All share common attributes and goals of scalability, availability, manageability, fast convergence, and high performance.

IP Services: Cisco IOS Software contains a wide array of critical network services designed for flexibility, scalability, and reliability to help solve the most difficult problems facing enterprises and service providers. Customers can select the appropriate Cisco IOS Software feature sets to meet their evolving network requirements. Features such as Network Address Translation (NAT), Dynamic Host Configuration Protocol (DHCP), and Hot Standby Router Protocol (HSRP) can be easily deployed individually or in combination with each other across a wide range of Cisco hardware.

IPv6: IPv6 is a new IP protocol designed to replace IPv4, the Internet protocol that is predominantly deployed and extensively used throughout the world. IPv6 quadruples the number of network address bits from 32 bits (in IPv4) to 128 bits or approximately 3.4 x 10^38 addressable nodes, which provides more than enough globally unique IP addresses for every network device on the planet.

Management Instrumentation: Cisco IOS Software provides a rich set of features that enable customers to efficiently manage their networks. Benefits of this embedded instrumentation functionality include: lowered operating and maintenance costs, rapid incorporation of new network services and devices, management of the network as an integrated system, reduced downtime by adaptive fault management, and measurable and billable differentiated services.

Multiprotocol Label Switching: Cisco IOS Multiprotocol Label Switching (MPLS) enables Enterprises and Service Providers to build next-generation intelligent networks that deliver a wide variety of advanced, value-added services over a single infrastructure. This economical solution can be integrated seamlessly over any existing infrastructure, such as IP, Frame Relay, ATM, or Ethernet. Subscribers with differing access links can be aggregated on an MPLS edge without changing their current environments, as MPLS is independent of access technologies.

Quality of Service: A communications network forms the backbone of any successful organization. These networks transport a multitude of applications and data, including high-quality video and delay-sensitive data such as real-time voice. The bandwidth-intensive applications stretch network capabilities and resources, but also complement, add value, and enhance every business process. Networks must provide secure, predictable, measurable, and sometimes guaranteed services. Achieving the required Quality of Service (QoS) by managing the delay, delay variation (jitter), bandwidth, and packet loss parameters on a network becomes the secret to a successful end-to-end business solution. Thus, QoS is the set of techniques to manage network resources.

Security and VPN: Comprehensive network-security features in Cisco routers help companies protect their infrastructures, devices, and important information, while reducing costs.

Voice: Cisco CallManager Express is a solution embedded in Cisco IOS Software that provides call processing for Cisco IP phones. This solution enables the large portfolio of Cisco access routers to deliver telephony features similar to those that are commonly used by business users to meet the requirements of the small office, thereby enabling deployment of a cost-effective, highly reliable, IP Communications solution for the small office.


2.1) Hardware Support

Table 2  Hardware Highlights


2.1.1) Cisco 3800 Series Integrated Services Router

The integrated services routing architecture of the Cisco 3800 Series builds on the powerful Cisco 3700 Series routers designed to embed and integrate security and voice processing with advanced services for rapid deployment of new applications, including application layer functions, intelligent network services, and converged communications. The Cisco 3800 Series supports the bandwidth requirements for multiple Fast Ethernet interfaces per slot, time-division multiplexing (TDM) interconnections, and fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE), while still supporting the existing portfolio of modular interfaces. This ensures continuing investment protection to accommodate network expansion or changes in technology as new services and applications are deployed. By integrating the functions of multiple separate devices into a single compact unit, the Cisco 3800 Series dramatically reduces the cost and complexity of managing remote networks.

New models include the Cisco 3825 and the Cisco 3845, available with three optional configurations for AC power, AC power with integrated IP phone power support, and DC power.

Figure 3. Cisco 3800 Series Integrated Services Router

Benefits

This high-performance architecture is optimized for concurrent service deployment and offers increased default and maximum memory for future services growth.

Cisco IOS Software features offer support for identifying, preventing, and adapting to security threats and maintaining a self-defending network, including Cisco SDM 2.0, NAC (antivirus enforcement), Dynamic Multipoint VPN, dynamic in-line IDS, Cisco IOS Firewall, and URL filtering capabilities.

Onboard DSPs—Integrated PVDMs support analog voice, digital voice, conferencing, transcoding, and secure Real-Time Transport Protocol (SRTP) media while enabling network-module or AIM slots for switching, concurrent applications, content, and voice mail.

Field-upgradable, modular components are supported on the Cisco 3800 Series, allowing customers to easily change network interfaces without upgrading their entire branch-office network. The Cisco 3800 Series takes advantage of the existing portfolio of WICs, VICs, network modules, and AIMs to reduce sparing, training, configuration, installation, and maintenance costs.

The Cisco 3800 Series minimizes downtime with availability features, including optional redundant power, Error Checking and Correction (ECC) memory for improved fault isolation and correction, USB Flash memory for ease of image recovery, advanced temperature monitoring and variable-speed cooling fans, Cisco IOS Software Warm Reboot for improved bootup times, network-module online insertion and removal, and field-replaceable components such as fan tray, motherboard, and power supplies (Cisco 3845 only).

Additional Information: http://www.cisco.com/en/US/products/ps5855/index.html

Product Management Contact: cs-3800@cisco.com

2.1.2) Cisco 2800 Series Integrated Services Router

The Cisco 2800 Series comprises four new routers: Cisco 2801, 2811, 2821, and 2851 Routers. The Cisco 2800 Series provides significant additional value compared to prior generations of Cisco routers at similar price points by offering up to a fivefold performance improvement, up to a tenfold increase in security and voice performance, new embedded service options, and dramatically increased slot performance and density while maintaining support for most of the more than 90 existing modules that are available today for the Cisco 1700 Series and Cisco 2600 Series.

The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speed up to multiple T1/E1/xDSL connections. The routers offer embedded encryption acceleration and motherboard voice digital-signal-processor (DSP) slots; intrusion prevention system (IPS) and firewall functions; integrated call processing and voice mail; high-density interfaces for a wide range of connectivity requirements; and sufficient performance and slot density for future network expansion requirements and advanced applications.

Figure 4. Cisco 2800 Series

Benefits

A wide variety of LAN and WAN options are available. Network interfaces can be upgraded in the field to accommodate future technologies and several types of slots are available to add connectivity and services in the future on an "integrate-as-you-grow" basis.

Each of the Cisco 2800 Series routers comes standard with embedded hardware cryptography accelerators, which when combined with an optional Cisco IOS Software upgrade help enable WAN link security and VPN services.

The Cisco 2800 helps enable end-to-end solutions with full support for the latest Cisco IOS Software-based QoS, bandwidth management, and security features.

On the Cisco 2811, 2821, and 2851 there is a built-in external power-supply connector that eases the addition of an external redundant power supply, which can be shared with other Cisco products to decrease network downtime by protecting the network components from power failures.

Hardware

Routers

Cisco 2800 Series Integrated Services Routers


Additional Information: http://www.cisco.com/en/US/products/ps5854/index.html

Product Management Contact: cs-2800@cisco.com

2.1.3) Cisco 1800 Series Integrated Services Router

Cisco 1800 Series Integrated Services Routers are the next evolution of the award-winning Cisco 1700 Series modular access routers. The Cisco 1841 Router is designed for secure data connectivity and provides significant additional value compared to prior generations of Cisco 1700 Series routers by offering more than a fivefold performance increase, integrated hardware-based encryption enabled by an optional Cisco IOS Software security image, and a dramatic increase in interface card slot performance and density while maintaining support for more than 30 existing WAN interface cards (WICs) and multiflex trunk cards (voice/WICs [VWICs]—for data only on the Cisco 1841 router) of the Cisco 1700 Series.

The Cisco 1841 Router features secure, fast, and high-quality delivery of multiple, concurrent services for small-to-medium-sized businesses and small enterprise branch offices. The Cisco 1841 router offers embedded hardware-based encryption enabled by an optional Cisco IOS Software security image; further enhancement of VPN performance with an optional VPN acceleration module; an intrusion prevention system (IPS) and firewall functions; interfaces for a wide range of connectivity requirements, including support for optional integrated switch ports; plus sufficient performance and slot density for future network expansion and advanced applications as well as an integrated real-time clock.

Figure 5. Cisco 1800 Series

Benefits

Supports concurrent deployment of high-performance, secure data services with headroom for future applications.

Offers cryptography accelerator as standard integrated hardware that can be enabled with an optional Cisco IOS Software for 3DES and AES encryption support.

Provides 32 MB of Flash and 128 MB of synchronous dynamic RAM (SDRAM) memory to support deployment of concurrent services.

Supports the Cisco 1841 router starting with Cisco IOS Software Release 12.3T and helps enable end-to-end solutions with support for latest Cisco IOS Software-based QoS, bandwidth management, and security features.

New intrusion-detection-system (IDS) signatures can be dynamically loaded independent of the Cisco IOS Software release.

Hardware

Routers

Cisco 1800 Series Integrated Services Routers


Additional Information: http://www.cisco.com/en/US/products/ps5853/index.html

Product Management Contact: cs-1800@cisco.com

2.1.4) Cisco 1711 and 1712 Security Access Routers

Description

The Cisco 1711 and 1712 Security Access Routers offer an all-in-one security, routing, and switching solution for enterprise small branch offices and small and medium sized businesses. They feature built-in Fast Ethernet LAN switching, Fast Ethernet port for DSL or broadband modem connectivity, integrated Cisco IOS Security and backup WAN for link redundancy to help ensure high availability of critical business applications.

Figure 6. Cisco 1711/1712 Application Advantages—Workgroup Segmentation with Dial Backup

Benefits

Complete Solution—delivering broadband access with link redundancy, routing, switching and security.

Integrated Network Security—stateful inspection firewall with URL filtering, hardware accelerated VPN encryption (DES & 3DES) delivering 15 Mbps encryption rates, and IDS detecting 100 signatures.

Integrated LAN Switching—4 port 10/100BaseT switch with 802.1Q VLAN and MDI/MDIX auto-configuration.

High WAN Availability—ensures availability of network connection and applications with analog modem or ISDN S/T back-up WAN.

WAN Migration—Use the Analog modem or ISDN S/T port as primary connection then migrate to high speed Cable/DSL connection when available.

Dual ISP Support—The 10/100BaseT ports can be separated to allow simultaneous connection to two ISPs for load balancing and failover protection.

Superior Manageability—CiscoWorks for centralized configuration and management. Embedded web-based Security Device Manager (SDM) for simplified device configuration management.

Hardware

Routers

Cisco 1711 and 1712 Security Access Routers


Product Management Contact: dthaele@cisco.com

2.1.5) Network Modules for Circuit Emulation Services over IP for the 2600, 3600, and 3700 Series Routers

Description

The Cisco 2600/3660/3700 Circuit Emulation over IP (CEoIP) network modules (product IDs: NM-CEM-4T1E1 and NM-CEM-4SER) enable service provider customers to create a new revenue stream by offering a leased line service over existing packet infrastructure. Enterprise and government customers will be enabled to migrate applications which require TDM transport on to their IP networks, thus saving operational expenses.

Hardware

Routers

Cisco 2600 and 3700 Series

Cisco 3600 Router


Product Management Contact: cschwaig@cisco.com

2.1.6) Network Analysis Module for the 2600, 3660, and 3700 Series Routers

Description

The Cisco 2600/3660/3700 Series Network Analysis Module (product ID: NM-NAM) is an integrated traffic-monitoring network module that enables network managers to gain application-level visibility into network traffic at remote sites with the ultimate goal of improving performance, reducing failures, and maximizing return on network investments. It expands the Cisco NAM solution available for Cisco Catalyst® 6500 Series switches and Cisco 7600 Series routers. It provides the unique advantage of performing remote troubleshooting and traffic analysis through its Web-based NAM Traffic Analyzer without having to send personnel to remote sites or haul large amounts of data to the central site.

Figure 7. The Cisco 2600/3660/3700 Series Network Analysis Module

Benefits

Real Time and Historical Traffic Monitoring in WANs—Analyze bandwidth usage at application level, proactively monitor data and VoIP applications.

Application Performance Management—Identify application response delays observed at branches.

Fault Isolation and Troubleshooting—Remotely isolate network problems, capture/decode packets.

VoIP and QoS Monitoring—Analyze IP Telephony sessions, validate QoS policies.

Capacity Planning and Extended Applications—with standards based software applications.

Hardware

Routers

Cisco 2600 and Cisco 3700 Series

Cisco 3660 Router


Product Management Contact: massung@cisco.com

2.1.7) Cisco Unity Express

Cisco Unity Express offers entry-level voice mail and automated attendant services as an option for the Cisco CallManager Express call-processing solution. This product is critical for Cisco CallManager Express customers in small/medium businesses or branches that need data connectivity and IP Telephony functionality, and those that require the productivity benefits that voice mail and auto attendant services provide. Cisco Unity Express is delivered on a network module that can be used in the Cisco 2600XM Series, Cisco 2691, and the Cisco 3700 Series Access Routers.

Figure 8. Cisco Unity Express

Benefits

Voice-mail and automated attendant features specifically designed for the small and medium office or branch. Cisco Unity Express provides up to 100 personal mailboxes, 20 general delivery mailboxes, 8 concurrent sessions or ports, and 100 hours of onboard storage.

Cisco Unity Express is delivered on a network module form factor that can be integrated into and shared across a broad range of access routers (Cisco 2691 Routers; Cisco 2600XM and 3700 Series Access Routers).

The first release of Cisco Unity Express offers superior voice message management to the user by supporting voice mail features (i.e., replying, forwarding, and saving messages; message marking and play out options for privacy or urgency; alternate greetings and envelope information).

Cisco Unity Express includes a built-in automated attendant that simplifies self service for callers by allowing them to quickly reach the right person without the assistance of an operator, but maintains the option to return to an operator at any time when greater assistance is needed.

A choice of GUI, command-line interface (CLI) and telephony user interface (TUI) streamlines administration.

Cisco Unity Express software is loaded on the network module at the factory, simplifying deployment. The Cisco Unity Express initialization wizard further expedites the administrator's startup by automatically importing information from Cisco CallManager Express, thereby eliminating the need to replicate data entry.

Hardware

Routers

Cisco 2691 Routers

Cisco 2600XM and 3700 Series Access Routers


Product Management Contact: access-ccme-cue@cisco.com

2.1.8) Cisco IDS Network Module

With the increased complexity of security threats, achieving efficient network intrusion security solutions is critical to maintaining a high level of protection. Vigilant protection helps ensure business continuity and minimizes the effect of costly intrusions. The Cisco IDS Network Module for the Cisco 2600XM and 3700 Series Routers and the Cisco 3660 Router is part of the Cisco IDS Family sensor portfolio and the Cisco Intrusion Protection System. These IDS sensors work in concert with the other IDS components (Figure 49), including Cisco IDS Management Console, CiscoWorks VPN/Security Management Solution, and Cisco IDS Device Manager, to efficiently protect data and information infrastructure.

The Cisco IDS product line delivers a broad range of solutions that allow easy integration into many different environments, including enterprise and service provider environments. Each sensor addresses the bandwidth requirements of different routers up to 10 Mbps in the Cisco 2600XM, and up to 45 Mbps in the Cisco 3700 Series. The appliance product supports 80 Mbps to 1 Gbps.

The Cisco IDS Network Module can monitor up to 45 Mbps of traffic and is suitable for T1/E1 and T3 environments. A router installed with this IDS network module also supports other Cisco IOS Security features such as VPN, firewall, Multiprotocol Label Switching (MPLS), Network Address Translation (NAT), and Web Cache Control Protocol (WCCP), while supporting all common Cisco IOS Software functions.

Cisco IDS Network Modules fit into a single network module slot on the Cisco 2600XM Series, Cisco 3660, and Cisco 3700 Series Routers. The available configuration is a 20-gigabyte hard disk for logging and storage of events. The external Ethernet port is used for command and control to enable a secure outbound port for management. This setup also allows for both security operations and network operations to have their own command and control interfaces.

Figure 9. Cisco IDS Network Module

Benefits

By integrating IDS and branch office routing, Cisco reduces the complexity of securing WAN links, while reducing operational costs. Following are the benefits associated with the integration of the IDS into the branch office router:

Physical Space Savings: uses a single network module slot in a Cisco 2600XM Series, Cisco 3660, or Cisco 3700 Series branch office router.

Simple Power and Cable Management: takes advantage of the power options of the router, including DC power and redundant power.

Common Management Interface: can be configured and managed from the Cisco IOS Software CLI. This network module supports all the same CiscoWorks Management Center for Cisco IDS Sensors that the Cisco IDS 4200 Series supports, allowing customers to use one centralized management system for both appliance and router IDS sensors.

Network Command and Control Interface: by using the external Fast Ethernet port for command and control, the Cisco IDS Network Module internal router connection is free to capture the packets to the network module for processing by the IDS engine.

Separate Processor for the Cisco IDS Network Module to Maximize Performance: a dedicated CPU in the network module frees the router CPU from process-intensive IDS tasks.

Lower Operational Costs: the Cisco IDS Network Module is covered via Cisco maintenance service for the router. This setup minimizes network operational costs.

Hardware

Routers

Cisco 2600XM, 3600, and 3700 Series Routers

Cisco 2691 Router


Product Management Contact: Kevin Sullivan, sullivan@cisco.com

2.2) Broadband

Table 3  Broadband Feature Highlights

Sections

2.2.1) Upstream Connection Speed Transfer at LAC

This feature allows the configuration of Layer 2 Tunneling Protocol (L2TP) Attribute-Value Pair (AVP) 38 at the L2TP Access Concentrator (LAC). AVP38 allows the communication of the upstream (from the remote site to the LAC) connection speed and complements Cisco's existing support for AVP24 for downstream (from LAC to remote site) connection speed. This support allows for the creation of asymmetric broadband services where the upstream and downstream connection speeds differ.

Benefits

Allows support of asymmetric broadband service speeds such as Asymmetric DSL (ADSL).

Better compliance with RFC 2661 for L2TP.

Required for regulatory compliance in European countries like Germany.

Hardware

Routers

Cisco 7200, 7300, and 7400 Series Routers


Product Management Contact: sbhardwa@cisco.com

2.2.2) Configurable MAC Address for bba-group

This feature allows the configuration of separate MAC addresses for PPPoE and RBE sessions on the same physical ATM interface. This is important since the aggregation router, as shown in Figure 10, uses the ATM interface's MAC address as the source address for both the PPPoE and RBE incoming sessions. In cases where multiple hosts exist and PPPoE and RBE sessions have been initiated, there is a need to configure the MAC address (versus simply taking the MAC address from the ATM interface of the CPE router) so that the different sessions can be differentiated. This feature is only available under the bba-group configuration mode and requires each session to be on its own PVC.

Figure 10. Configurable MAC Address for bba-group

Benefits

Allows support of multiple session types, like RBE and PPPoE, on the same ATM interface for broadband applications.

Hardware

Routers

Cisco 7200, 7300, and 7400 Series Routers


Considerations

Only configurable under the bba-group mode and not vpdn-group mode.

Requires each session to be on its own PVC.

Product Management Contact: sbhardwa@cisco.com

2.2.3) Explicit Call Transfer for ETSI PRI

Explicit Call Transfer (ECT) allows the router to transfer a call received from the PSTN to the final destination number on the PSTN instead of "hairpinning" the call on the router interface and consuming a DS0 channel on a PRI interface. This particular feature allows the ECT functionality to work on the ETSI (NET5) switch type and helps make better use of channels on a PRI interface. In the typical architecture for this functionality, the AS5xxx acts as a voice gateway between a SIP (Session Initiation Protocol) based Voice Recognition Server (VRS) and a Central Office Switch in the PSTN network. The application provides call transfer services based upon voice recognition (the typical voice-activated menus of call centers, like an airline reservation system) to service provider customers looking to operate large customer contact centers. In these applications, the call flow proceeds as follows:

1. An initial call is received on a PRI interface of the Cisco AS5000 Series and routed to the Voice Recognition Server via a SIP interface.

2. The VRS identifies a destination number to transfer the call to based on a voice command selection from the end user.

3. The VRS sends the appropriate SIP message with the destination number to the Cisco AS5000 Series, and the Cisco AS5000 Series performs an Explicit Call Transfer of the original call on its PRI interface.

Benefits

Allows better utilization of DS0 channels on PRI interfaces for VoIP applications and allows Call Transfer functionality to work with ETSI (NET5) switch types, which are found in Europe and Asia.

Hardware

Access Servers

Cisco AS5000 Series Access Server


Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.4) Protocol Translation Template

Protocol Translation Template (PTT) will allow Telco DCN (Data Communication Network) customers increased flexibility in configuring PT sessions in environments where a large number of PT sessions must be configured. The current PT configuration requires static mapping between incoming connections (like PAD, Telnet, LAT) and their configuration parameters and the outbound protocol connection (PAD, Telnet, LAT, PPP, SLIP, ...) and its configuration parameters. The new PTT will allow the construction of a template containing 'ruleset' capabilities that build the configuration dynamically, simplifying the task of creating large-scale PT configurations. The 'ruleset' capability will allow for multiline string searches, comparisons, and substitutions in the PTT to create a configuration for PT.

Benefits

Using Protocol Translation Templates will allow Telco DCN administrators to create large scale PT configurations in a quicker and more error-free manner. Administrators will not have to configure a large number of static PT sessions and will have a simple method to configure a general purpose PTT.

Hardware

Routers

Cisco 2610XM, 2620XM, 3660, 3725, and 3745 Routers


Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.5) Asynchronous Line Monitoring

Asynchronous Line Monitoring enables the monitoring of control characters, along with the character mode traffic on an asynchronous line. A new keyword 'control-char' will be added to the existing CLI 'monitor traffic' to turn on this function.

Asynchronous Line Monitoring also adds the ability to lock the keyboard, preventing the insertion of typed characters into the stream of characters on the asynchronous line.

The modified CLI will look like this:

monitor traffic line <line> [in] [out] [control-char] [interactive]

This functionality is important for Telco Data Communication Network (DCN) applications where Service Providers want to monitor remote Network Elements via asynchronous lines.

Figure 11  Asynchronous Line Monitoring

In the DCN application example shown above, the user opens a telnet session from the Operation Support System (OSS) host to the Network Element.

Benefits

Asynchronous Line Monitoring provides added granularity and enables network administrators to control traffic on asynchronous lines.

Hardware

Routers

Cisco 2610XM, 2620XM, 3660, 3725, and 3745 Routers


Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.6) VRF Aware Dialer Watch

Description

The virtual routing and forwarding instance (VRF) Aware Dialer Watch feature enhances dialer watch functionality by allowing an IP address and VRF pair to be watched for dial backup. In this way, a given VRF (or set of VRFs) may be backed up by an ISDN or Dial Connection. This functionality provides an added measure of fault tolerance in a VPN environment.

Figure 12  VRF Aware Dialer Watch Typical Configuration

A typical scenario for the VRF Aware Dialer Watch feature follows:

A VRF router learns the route to the CE (Customer Edge) from a PE (Provider Edge).

The VRF router watches these learned routes to the CEs.

The primary link between a PE and CE goes down.

The watched route goes down in the VRF router.

Dialer Watch call is initiated to the corresponding CE.

Benefits

Enhanced fault tolerance and network resiliency in VPN environments.

Hardware

Routers

Cisco 3631, 3640, 3640A, and 3660 Routers

Cisco 3725 and 3745 Routers


Product Management Contact: sbhardwa@cisco.com

2.2.7) PPP/MLP MRRU Negotiation

Description

The PPP/MLP MRRU Negotiation Configuration feature enables a router to send and receive frames over Multilink PPP (MLP) bundles that are larger than the default Maximum Receive Reconstructed Unit (MRRU) limit of 1524 bytes. Previously, configuring the MRRU option negotiated on a multilink bundle with the MLP was not possible. Cisco IOS Software provided an MRRU default value of 1524 bytes, which meant that the maximum transmission unit (MTU) of the peer's bundle interface was restricted to a value of 1524 bytes or fewer for a successful data transfer.

The PPP/MLP MRRU Negotiation Configuration feature allows configuration control over MRRU negotiation. A new interface configuration command introduced with this feature, ppp multilink mrru, sets the specific MRRU value that the router will advertise and, optionally, establishes a lower boundary on the MRRU value of the peer.

Benefits

This feature is useful when the addition of a header, such as an IPsec header or application software header, causes the MTU of packets on an MLP interface to exceed the 1500 byte MTU of a typical IP packet.

Hardware

Routers

All (platform independent)


Product Management Contact: sbhardwa@cisco.com

2.2.8) Digital Private Network Signaling System Backhaul

This feature introduces support for Digital Private Network Signaling System (DPNSS) Layer 2 functionality on the Cisco Gateway (GW) Router. It supports Layer 3 backhauling to a Cisco PGW2200 using DPNSS and Digital Access Signaling System (DASS) User Adaptation (DUA) over Stream Control Transmission Protocol (SCTP).

DPNSS was developed by British Telecom and is used in the United Kingdom, Northern Europe, and parts of Asia. It is a standard and open protocol used between PBXs in a private network that enables complex features to work on a network basis. This feature applies the DPNSS backhaul solution on Cisco gateways to provide connectivity and services to the PBXs that are running the DPNSS protocol.

Benefits

This functionality enables Cisco routers to interoperate with PBXs that run the DPNSS signaling protocol. This will allow for successful migration of Cisco VoIP solutions into a DPNSS-based PBX environment.

Hardware

Routers

Cisco 2610XM, 2611XM, 2620XM, 2621XM, 2650XM, and 2651XM Routers

Cisco 3725 and 3745 Routers


Product Management Contact: sbhardwa@cisco.com

2.2.9) V.120 Support for Network Access Servers

The V.120 Support for Network Access Server (NAS) feature supports the International Telecommunication Union Telecommunication Standardization Sector (ITU-T) V.120 bit rate adaptation standard, which allows connectivity to slower bandwidth devices through rate adaptation. This feature was developed for the Media Gateway Control Protocol (MGCP) network access server (NAS) package, and allows ISDN terminal adapters to transfer data. The MGCP NAS package implements signals and events to create, modify, and close data calls. The events include signaling the arrival of an outbound call, such as IP to Public Switched Telephone Network (PSTN), to the media gateway controller (call agent), reporting carrier loss and call authorization status, and receiving callback requests.

Benefits

This feature enables Cisco routers to function in a gateway role between networks with different data rates that use the V.120 standard.

Hardware

Access Servers

Cisco AS5300, AS5350, AS5400, AS5850-ERSC, and AS5850-RSC Series Access Servers


Product Management Contact: sbhardwa@cisco.com

2.2.10) Layer 2 Tunnel Protocol Tunnel Connection Speed Labeling

In previous releases of Cisco IOS Software, when a Layer 2 Tunnel Protocol (L2TP) Network Server (LNS) received an Incoming-Call-Connected (ICCN) message, there was no authentication check on the user's connection speed. L2TP Tunnel Connection Speed Labeling introduces the ability to accept or deny an L2TP session based on the allowed connection speed that is configured on the Cisco Access Registrar (ARS) RADIUS server for that user. This allows RADIUS server authorization of users based on their Service Level Agreement (SLA).

Benefits

This feature enables an LNS to authorize users for network access based upon the connection speed of the session. This is useful in certain European markets due to regulatory requirements.

Hardware

Routers

Cisco 7200, 7301, and 7400 Series Routers

Cisco 7301, 7304-NPE-G100, and 7304-NSE-100 Routers


Product Management Contact: sbhardwa@cisco.com
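The speed AVPs described in 2.2.1 and the speed-based accept/deny decision described in 2.2.10 can be illustrated together. The following is an added example, not Cisco code: it parses the RFC 2661 AVP list of an ICCN, extracts AVP 24 and AVP 38, and fails closed on malformed input. The function names, the sample bytes, and the policy (deny when a reported speed exceeds the per-user value) are assumptions made for illustration.

```python
import struct

TX_CONNECT_SPEED = 24   # RFC 2661: LAC -> remote system (downstream)
RX_CONNECT_SPEED = 38   # RFC 2661: remote system -> LAC (upstream)


class AVPError(ValueError):
    """Raised when the AVP list is malformed or cannot be evaluated."""


def parse_avps(data):
    """Yield (vendor_id, attr_type, hidden, value) for each AVP in data."""
    off = 0
    while off < len(data):
        if len(data) - off < 6:
            raise AVPError("truncated AVP header")
        flags_len, vendor, attr = struct.unpack_from("!HHH", data, off)
        length = flags_len & 0x03FF          # low 10 bits: total AVP length
        hidden = bool(flags_len & 0x4000)    # H bit: value is obscured
        if length < 6 or off + length > len(data):
            raise AVPError("AVP length field out of range")
        yield vendor, attr, hidden, data[off + 6:off + length]
        off += length


def connect_speeds(data):
    """Return (tx_bps, rx_bps) from the IETF speed AVPs of an ICCN."""
    speeds = {}
    for vendor, attr, hidden, value in parse_avps(data):
        if vendor != 0 or attr not in (TX_CONNECT_SPEED, RX_CONNECT_SPEED):
            continue
        if hidden:
            raise AVPError("hidden speed AVP: value needs the tunnel secret")
        if len(value) != 4:
            raise AVPError("connect speed must be a 32-bit value")
        if attr in speeds:
            raise AVPError("duplicate connect speed AVP")
        speeds[attr] = struct.unpack("!I", value)[0]
    if TX_CONNECT_SPEED not in speeds:
        raise AVPError("ICCN without Tx Connect Speed (AVP 24)")
    tx = speeds[TX_CONNECT_SPEED]
    # Without AVP 38 the connection is treated as symmetric.
    return tx, speeds.get(RX_CONNECT_SPEED, tx)


def authorize(data, allowed_tx_bps, allowed_rx_bps):
    """Assumed policy: deny on any parse error or when a speed exceeds the profile."""
    try:
        tx, rx = connect_speeds(data)
    except AVPError as exc:
        return False, str(exc)
    if tx > allowed_tx_bps or rx > allowed_rx_bps:
        return False, f"speed {tx}/{rx} bps exceeds profile"
    return True, f"speed {tx}/{rx} bps within profile"


def avp(attr, value, mandatory=True, hidden=False):
    """Build one IETF (vendor 0) AVP; used only to construct sample input."""
    flags = (0x8000 if mandatory else 0) | (0x4000 if hidden else 0)
    return struct.pack("!HHH", flags | (6 + len(value)), 0, attr) + value


# Constructed sample: ADSL-like session, 8 Mbit/s down and 1 Mbit/s up.
ADSL = (avp(TX_CONNECT_SPEED, struct.pack("!I", 8_000_000))
        + avp(RX_CONNECT_SPEED, struct.pack("!I", 1_000_000), mandatory=False))

if __name__ == "__main__":
    print(authorize(ADSL, 8_000_000, 1_000_000))
    print(authorize(ADSL, 8_000_000, 512_000))
    print(authorize(ADSL[:-1], 8_000_000, 1_000_000))
```

Denying on parse errors matters here because the ICCN originates at the LAC, which may be operated by a different party than the LNS.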

2.2.11) Peer Pool Backup Command

The "peer pool backup" facility provides the ability to specify a "preferred" IP address pool from AAA (on a per-user basis) and still provide alternate pools when the AAA-specified pool is exhausted or not yet created. This functionality is driven by the emergence of numerous independently controlled AAA servers in large-scale dial or DSL environments, where user groups are assigned address ranges but there is a common "overflow" pool set so that the number of users in a group can far exceed the address range assigned. This facility also provides the ability to suppress the loading of dynamic IP address pools on a per-interface basis and the ability to limit the AAA pool name to a set acceptable to the NAS, both key features when the NAS and AAA are controlled by separate parties.

Benefits

Allows Cisco routers increased flexibility and scalability in assigning IP addresses for Dial/DSL environments which have a large service subscriber base.

Hardware

Routers

Cisco 2610XM, 2611XM, 2620XM, 2621XM, 2650XM, and 2651XM Routers

Cisco 3631, 3640, and 3660 Routers

Cisco 7200 and 7400 Series Routers

Access Servers

Cisco AS5300, AS5350, AS5400, AS5850-ERSC, and AS5850-RSC Series Access Servers


Product Management Contact: sbhardwa@cisco.com

2.2.12) Point to Point Protocol over Ethernet Relay

Point to Point Protocol over Ethernet (PPPoE) Relay enables an L2TP access concentrator (LAC) to relay active discovery and service selection functionality for PPPoE, over an L2TP control channel, to an L2TP network server (LNS) or tunnel switch. The relay functionality of this feature enables the LNS or tunnel switch to advertise the services it offers to the client, thereby providing end-to-end control of services between the LNS and a PPPoE client.

Benefits

PPPoE Relay allows end-to-end control of services between LNS and PPPoE client. This allows a broadband Service Provider added flexibility in the services offered to the user base or further granularity to customize the network based upon the subscriber.

Hardware

Routers

Cisco 7200 and 7400 Series Routers


Product Management Contact: sbhardwa@cisco.com

2.2.13) PPPoE Session Limit per NAS Port Download

PPPoE Session Limit Per NAS Port limits the number of PPPoE sessions on a specific virtual circuit (VC) or VLAN configured on an L2TP access concentrator (LAC). The NAS port is either an ATM VC or a configured VLAN ID.

The PPPoE per-NAS-port session limit is maintained in a RADIUS server customer profile database. This customer profile database is connected to a LAC and is separate from the RADIUS server that the LAC and L2TP Network Server (LNS) use for the authentication and authorization of incoming users. See Figure 72 for a sample network topology.

Figure 13  PPPoE Session Limit Per NAS Port Sample Topology

Benefits

Allows centralized control of the number of users on a given port for a service provider. This is useful when dealing with multiple LAC devices.

Hardware

Routers

Cisco 7200 and 7400 Series Routers


Product Management Contact: sbhardwa@cisco.com

2.2.14) Telnet/Packet Assembler/Disassembler Translation Authorization

Due to the security risks inherent in allowing unauthorized network usage, it is important to authorize sessions before allowing access to network resources. In previous releases of Cisco IOS Software, protocol translation sessions established using one-step protocol translation were set up without first issuing an authorization request. The Telnet/Packet Assembler/Disassembler (PAD) Translation Authorization feature adds an option to require that an authorization request be issued as a prerequisite to establishing a protocol translation session.

Benefits

The key benefit is enhanced security introduced by the Authorization step when using Telnet sessions or low-cost PAD devices for managing Network Elements in Telco environments with X.25.

Hardware

Routers

Cisco 2691 Router

Cisco 2610XM, 2611XM, 2620XM, 2621XM, 2650XM, 2651XM Series

Cisco 3631, 3640, 3640A, and 3660 Routers


Considerations

This feature is supported only for X.25-to-TCP and TCP-to-X.25 protocol translation sessions.

It is supported for both permanent virtual circuit (PVC) and switched virtual circuit (SVC) X.25 connections.

Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.15) X.25 Data Display Trace

The ability to debug a network is of vital importance when trying to trace the source of problems that cause lack of connectivity or suboptimal performance. X.25 Data Display Trace enhances the Cisco IOS Software debugging capability for X.25. It enables an authorized user to display the entire X.25-encoded traffic stream, including user data, for those packets specified by an X.25 debug command.

Benefits

X.25 Data Display Trace enables enhanced debugging capabilities for maintaining a router network, or for using the router to troubleshoot a network with X.25 connectivity.

Hardware

Routers

All routers supporting X.25 encapsulation on serial interfaces


Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.16) PPPoE over VLAN Scaling and ATM Support for PPPoE over VLANs

Scalability, both in terms of session counts and more broadly in terms of media types supported, is of critical importance to Service Providers deploying Broadband Networks. The PPPoE over VLAN Scaling and ATM Support for PPPoE over VLANs feature provides two enhancements to PPP over Ethernet (PPPoE) over IEEE 802.1Q VLAN functionality:

Session Scalability: removes the requirement for each PPPoE over VLAN session to be created on a subinterface. Removing this requirement increases the number of VLANs that can be configured on a router to 4000 VLANs per interface.

Media Support: adds ATM permanent virtual circuit (PVC) support for PPPoE over VLAN traffic that uses bridged RFC 1483 encapsulation.

Figure 14  Sample Network Topology for PPPoE over 802.1Q VLANs over ATM

Benefits

Lower cost per session due to the increase in session scalability.

Increased flexibility in choosing an underlying physical medium to carry PPPoE over VLAN traffic, due to the ATM support.

Hardware

Routers

Cisco 1700, 7200, 7300, and 7400 Series Routers

Cisco 3725 and 3745 Routers


Considerations

PPPoE over 802.1Q VLAN support can be configured without using subinterfaces on the PPPoE server only.

ATM PVC support for PPPoE over 802.1Q VLANs can be configured only on the PPPoE server.

Scalability targets refer to software configurability only. Hardware memory and performance considerations may impose lower limits to the number of usable sessions on a given hardware product.

Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.17) End of Record Functionality for Data Communication Networks

The Cisco Protocol Translator is designed to support telnet-like applications that are stream-based, with no recognition or accommodation for logical records. This can cause problems for record-oriented applications, because the record boundaries in X.25 data are lost during translation to TCP.

End of Record Functionality for Data Communication Networks (DCN) provides for the configuration of an End of Record (EOR) marker, enabling the X.25 logical boundaries to be marked when translated to TCP. The feature enables the preservation of logical boundaries when translating X.25 data to TCP, enabling X.25-based networking solutions to adapt to and benefit from TCP/IP technologies.

Benefits

The benefit of this feature is that it will preserve data integrity in X.25 over TCP (XOT) protocol translation environments and minimize the need for packet resends; therefore, it will improve network performance/data throughput.

Hardware

Routers

Cisco 2610XM, 2611XM, 2691, 3631, 3640, 3660, 3725, and 3745 Routers

Cisco 7200, 7400, and 7500 Series Routers

Switches

Cisco IGX8400-URM Switch

Access Servers

Cisco AS5300, AS5350, and AS5400 Series Access Servers


Considerations

This feature is supported only for XOT protocol translation sessions.

Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.18) Packet Assembler/Disassembler Subaddress Formatting Option

Prior to Cisco IOS Software Release 12.3(2)T, Packet Assembler/Disassembler (PAD) Subaddressing specified a two-digit field for subaddressing that requires a leading zero for subaddress values less than 10 (i.e., 0-9). The PAD Subaddress Formatting Option feature introduces the ability to suppress the leading zero for subaddresses with a value of nine or lower. This suppression occurs before the subaddress field is appended to the calling address.

Figure 15  X25 Addressing Scheme: PAD Calls from Branch Office to Host

Benefits

This feature increases compatibility with X.25 host systems that use single-digit subaddresses. This will be particularly relevant for European X.25 host systems, which have a large installed base of single-digit systems.

Hardware

Routers

Cisco 800 Series Routers

Cisco 1700 Series Access Routers

Cisco 2691, 3631, 3640, 3660, 3725, 3745 Routers

Cisco 7200, 7400, and 7500 Series Routers

Switches

Cisco Catalyst 4000-AGM Series

Cisco IGX8400-URM Series Switches


Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.19) Layer 2 Tunneling Protocol Version 3

Layer 2 Tunneling Protocol version 3 (L2TPv3) is the Cisco solution for transporting Layer 2 packets over an IP network. L2TPv3 extends the usability of IP networks by enabling the transport of Layer 2 frames over an IP infrastructure. L2TPv3 is required for supporting legacy services over IP infrastructures and for supporting several new connectivity options, including Layer 2 virtual private networks (VPNs) and Layer 2 virtual leased lines.

L2TPv3 is an update to RFC2661 (L2TPv2). L2TPv2 was originally defined as a method of tunneling PPP frames across a packet-switched data network. A need emerged to update the draft so it could include all Layer 2 encapsulations that required tunneling across packet networks, which led to the development of L2TPv3.

L2TPv3 includes two noticeable changes: removal of the PPP-specific portions of the L2TPv2 header, thus generalizing it for other applications, and the transition to a performance-friendly format for high-speed decapsulation.

L2TPv3 uses a directed Control Channel session between edge routers for setting up and maintaining connections. Forwarding occurs through the use of IP packet forwarding between two edge devices. Two headers, an IP header and the L2TPv3 header, are used to forward packets between routers. The external header is an IP header that routes tunneled packets over the IP backbone to the egress provider edge (PE) device. The L2TPv3 header determines the egress interface, and is used to bind the Layer 2 egress interface to the tunnel.

Figure 16  L2TPv3

Benefits

Reduced Cost: consolidate multiple core technologies (i.e., IP and Asynchronous Transfer Mode (ATM)) into a single packet-based infrastructure.

Simplified Services: Layer 2 transport provides options for Service Provider and Enterprise customers who need to provide L2 connectivity and maintain customer/department autonomy. Several key factors assist in the simplification of service deployment:

Configuration only on edge routers.

Service Provider and Enterprise customers do not participate in passing/maintaining routing information for VPN traffic.

Leverages code and mind share from L2VPN access network deployment.

Protect Existing Investments: Service Provider and Enterprise customers can leverage existing IP infrastructures to support Layer 2 networks without deploying an old-world infrastructure.

Feature Support: Layer 2 transport can be tailored to meet customer requirements by using Cisco IOS Software features (i.e., Quality of Service (QoS) and IPsec).

New Service (revenue) Opportunities for IP Networks: i.e., L2 Transport and Virtual Leased Line (VLL) services.

Standards-Based Approach: standards track open architecture addressed by the IETF.

Hardware

Routers

Cisco 1700, 2600, 3700, 7200, and 7300 Series


Attachments: Frame Relay, Ethernet, HDLC, PPP

Product Management Contact: Neil Abogado, nabog@cisco.com

2.2.20) PPPoE Session Recovery after Reload

If the PPP keepalive mechanism is disabled on a customer premises equipment (CPE) device, a Point-to-Point Protocol over Ethernet (PPPoE) session will hang indefinitely after an aggregation device reload. PPPoE Session Recovery After Reload enables the aggregation device to attempt to recover PPPoE sessions that failed because of the reload by sending a PPPoE active discovery terminate (PADT) packet to the CPE. The CPE device is expected to take failure recovery action upon receipt of this packet.

Benefits

Network availability will improve, because CPE routers in a Broadband network will be informed to reestablish their PPPoE session after a reload at the Aggregation Router. This will minimize the impact and duration of connectivity loss during a failure in the Aggregation Router.

Hardware

Routers

Cisco 2600, 3600, 7200, and 7400 Series Routers

Cisco 3725 and 3745 Routers


Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.21) L2TP Client-Initiated Tunneling

Layer 2 Tunneling Protocol (L2TP) Client-Initiated Tunneling introduces the ability to establish client-initiated L2TP tunnels. The client may initiate an L2TP or L2TPv3 tunnel to the L2TP network server (LNS) without the intermediate network access server (NAS) participating in tunnel negotiation or establishment.

Benefits

This enables providers to offer value-added services, such as VPNs or Firewalls, directly to their customers.

Hardware

Routers

Cisco 827, 830, 1710, 1711, and 1712 Routers


Product Management Contact: Sanjay Bhardwaj, sbhardwa@cisco.com

2.2.22) B-Channel Availability Control

ISDN B-Channel Availability Control (BCAC) and Round-Robin Channel Selection Enhancements allow more dynamic control of the ISDN B channels by providing additional functionality for configuring message signaling, and an enhanced channel selection scheme th