December 28, 2001
Products Affected
-
Resource Pool Manager Server (RPMS) Release 1.1
Problem Description
RPMS Release 1.1 Patch A is available. This patch contains a fix for CSCdv50972 that corrects a vulnerability to hanging sockets which may be exposed by interoperation with certain Cisco IOS® software images. This fix will bring the RPMS Release 1.1 patch level to equivalency with RPMS Release 1.0(4) patch B. There have also been changes to the default behavior of the remote watchdog.
The complete list of resolved DDTS entries is below:
-
CSCdv50972: Periodically close phantom socket connections created by NAS.
-
CSCdv50986: No CDR generated for Dangling Calls.
-
CSCdv51044: Cannot disable Network Access Server (NAS) Audit when watchdog detects remote.
-
CSCdv51021: Logging Statements for Watchdog.log are unclear.
To follow the link below you must be a registered user and you must be logged in.
Problem Symptoms
CSCdv50972: Periodically close phantom socket connections created by NAS.
Symptoms
The RPMS Server shuts itself down with this message in rpmserver.log:
java.net.SocketException: Too many open files
Conditions
This problem occurs when NASs in communication with RPMS, create socket connections with RPMS but do not send any data through them. This has been seen with Cisco IOS software imagec5300-j-mz.121-2a.T2.bin.
The patch enhances RPMS to periodically close these phantom sockets.
CSCdv50986: No CDR generated for Dangling Calls
Symptoms
Call Detail Records (CDR) will not be generated for dangling calls. For example, RPMS tracks an active call from NAS 1.2.3.4, DS0:0:0:1:0. RPMS then receives a subsequent call accept request from the same NAS and DS0. The currently tracked call is no longer active, but no CDR is generated.
Conditions
There are no special conditions for this to occur.
The patch insures that CDRs will then be generated for dangling calls.
CSCdv51044: Cannot disable NAS Audit when watchdog detects remote RPMS failure
Symptoms
No symptoms exist for this defect. It is an enhancement.
Currently, in RPMS 1.1, when the watchdog detects the configured remote RPMS to be in a troubled state, the watchdog will initiate a NAS audit on the local RPMS server. There is no configuration parameter available in watchdog.conf to disable this behavior.
Conditions
No special conditions exist for this defect to occur.
The patch contains a new configuration parameter that is available in the watchdog.conf file. The new parameter is NasAuditOnRemoteFailure under section RemoteRPMS. If this value is set to true, an audit will be initiated upon failure detection of the remote RPMS. If set to false, no audit will be initiated.
CSCdv51021: Logging Statements for Watchdog.log are unclear
Symptoms
The watchdog process logs unclear messages in watchdog.log. The log messages do not clearly indicate when the watchdog detects a RPMS server to be in a healthy or troubled state.
Conditions
There are no special conditions for this to occur.
Installing the patch will cause logging messages to clearly indicate the state of the RPMS servers being monitored. An example of the new logging messages are below:
Local: RPMS monitor on lipizzan-7.cisco.com has detected that RPMS
lipizzan-7.cisco.com is NOT PROCESSING incoming TACACS messages
within the specified timeout of 5 seconds at : Tue Oct 09 18:24:09
PDT 2001
Local: RPMS monitor on lipizzan-7.cisco.com has detected that RPMS
lipizzan-7.cisco.com is NOW PROCESSING incoming TACACS messages
within the specified timeout of 5 seconds at : Wed Oct 10 12:07:10
PDT 2001
Workaround/Solution
To follow the software link below you must be a registered user and you must belogged in.
To install RPMS Release 1.1 Patch A, follow these steps.
DDTS
|
DDTS |
Description |
|---|---|
|
Periodically close phantom socket connections created by NAS |
|
|
No CDR generated for Dangling Calls |
|
|
Cannot disable NAS Audit when watchdog detects remote |
|
|
Logging Statements for Watchdog.log are unclear |
NetPro Discussion Forums - Featured Conversations
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.