Cisco IOS Release 10.3(15) and all subsequent 10.3 releases are deemed "Generally Deployable." Cisco believes Release 10.3 is suitable for deployment anywhere in the network where the features and functionality of the release are required.
For printed documentation of Cisco IOS Release 10.3 access and communication server software features, refer to the Cisco IOS Release 10.3 Access and Communication Servers Configuration Guide Addendum and Access and Communication Servers Command Reference Addendum. These addenda include Release 10.3 features and supplement the information in the following manuals:
The configuration guide and command reference addenda are divided into eight main parts. Seven parts match the parts in the Release 10 Access and Communication Servers Configuration Guide and Access and Communication Servers Command Reference. The eighth part contains chapters covering new technology areas.
Electronic documentation of Release 10.3 access server software features, is available on Cisco Connection Documentation and Enterprise Series CD-ROMs. Refer to the
Cisco IOS Release 10.3 Access and Communication Servers Configuration Guide and Access and Communication Servers Command Reference publications, which are located in the Cisco IOS Release 10.3 database. (Note that the two addenda are not separate documents on the CD, because the information in them has been incorporated into the electronic documents.)
Cisco IOS Release 10.3 supports the following access and communication server platforms:
The Cisco IOS software is available in different feature sets depending upon the platform. Table 3 lists the feature sets for the Cisco 2500 series and the Cisco AS5100.
Beginning with Cisco IOS Release 10.3, the Cisco software image size exceeds 4 MB and when compressed exceeds 2 MB. Also, the systems now require more than 1 MB of main system memory for data structure tables.
For the Cisco communication servers to take advantage of the Release 10.3 features, you must upgrade the code or main system memory as listed in Table 4. Some platforms have specific chip or architecture requirements that affect what can be upgraded and in what increments.
This section describes new features and enhancements in Release 10.3(4) of the access and communication servers software. There are no new features in software releases later than Release 10.3(4).
Note The first few maintenance releases of each new Cisco IOS software release are used to deliver additional new features. Early maintenance releases of Release 10.3 include several major new features. You should consider the importance you place on maximizing product capability versus maximizing operational stability as you plan to deploy a new release. An early release of software should always be tried in a test network before being deployed in a production network.
The Cisco AS5100 is a versatile data communications platform that combines in one chassis the functions of a Cisco access server with analog and digital modems, CSUs, and T1 channel banks.
The Cisco AS5100 provides the greatest benefit for organizations that need to centralize processing capabilities for remote offices and LANs. It enables them to aggregate their modem traffic onto analog or digital telephone lines and route it through the Public Switched Telephone Network (PSTN).
This section describes new features and enhancements in Release 10.3(3) of the access and communication servers software.
- Buffer management—The buffer cache that was shared by all the public buffer pools has been removed. Instead, each interface buffer pool has its own buffer cache. A new buffer size exists, and the show buffers output is enhanced.
- AAA/TACACS+—This latest version of Terminal Access Controller Access Control (TACACS) combines enhanced functionality and new authentication, authorization, and accounting (AAA) features.
- Configure synchronization of logging messages—You can configure the system to synchronize unsolicited messages and debug output with solicited communication server output and prompts for a specific line.
- Dynamic Host Configuration Protocol (DHCP)—DHCP manages a group of IP addresses that are dynamically allocated to users logging in on asynchronous lines using SLIP or PPP. After the connection is terminated, the address is recycled into the address pool to be used again.
- Stacker compression over LAPB—Cisco now supports Stacker compression over Link Access Protocol, Balanced (LAPB) or multi-LAPB encapsulation, in addition to the previously supported predictor-algorithm compression. Stacker compression is recommended when a bottleneck occurs because of the line bandwidth.
- AppleTalk Control Protocol (ATCP) for PPP—Using ATCP, remote users dialing in on an asynchronous interface via PPP can run AppleTalk and IP natively on a remote Macintosh, access AppleTalk zones from the Chooser, use networked peripherals, and share files with other Macintosh users.
- Route summarization—You can configure the access server to advertise a single route for all redistributed routes into OSPF.
- OSPF metric calculation—OSPF calculates metrics for an interface based on the interface's bandwidth.
- BGP COMMUNITIES attribute—To facilitate and simplify the control of routing information in BGP, destinations can be grouped into communities upon which routing decisions can be based.
- IP multicast routing—The communication server can be configured to forward IP multicast traffic.
- Snapshot routing—The communication server can learn routes dynamically and keep the routes available for a specified period, even through routing updates are not exchanged during that period.
- DDR over LAPB—You can customize a DDR network to support LAPB encapsulation for various types of interfaces.
- DDR over X.25—You can customize a DDR network to support X.25 encapsulation for various types of dialers.
- Dialer hold queue—You can configure a hold queue that can prevent interesting packets from being dropped as a modem connection is being established.
This section describes new features and enhancements in the initial Cisco IOS Release 10.3 of the access and communication servers software.
This section describes the access server features that are new in the initial release of Cisco IOS Release 10.3.
- UNIX line printer daemon—This feature allows devices on a LAN that supports the UNIX line printer daemon (lpd) to send print jobs to a printer directly attached to an access server. This feature implements the queuing function of the UNIX lpdin software on the access server.
- TN3270 enhancements—The TN3270 terminal emulation support is more adaptable, easier to use, and able to support new features. This new implementation is a UNIX-style TN3270 with enhanced graphics and three logical modules: Telnet, the TN3270 emulation, and screen output routines. Features include data stream commands and data stream orders, Yale extensions, 7171-style transparent mode, structured fields, Kermit file transfers through transparent mode, and IBM-3179-2 terminal keyboard support. Attributes include foreground color, extended highlighting (underline, reverse video, flashing) and EBCDIC character sets.
- PPP/SLIP protocol translation on virtual terminals—This enhancement to the protocol translation software allows a user on a Telnet, X.25 PAD, or LAT terminal server to make an appropriate connection to an access server running protocol translation and then run SLIP or PPP for packet-oriented traffic.
- Asynchronous mobility—Asynchronous mobility allows mobile users with modems to connect to their private networks via a public network. Asynchronous mobility supports most remote node protocols in the first version. This means a mobile user can connect to an IPX private network using a public network that supports only IP protocols. The public network can be either a large corporate network or the Internet.
- Enable password—This feature allows you to specify an additional layer of security over the enable password command, first by enforcing the use of two passwords, and then by storing the enable secret using a nonreversible cryptographic function.
This section describes the backbone protocol routing features that are new in the initial release of Cisco IOS Release 10.3.
The following features have been added to Cisco's IP software:
- Next Hop Resolution Protocol (NHRP)—Access servers and hosts can use NHRP to discover the addresses of other access servers and hosts connected to a nonbroadcast, multiaccess (NBMA) network. NHRP provides an ARP-like solution whereby systems attached to an NBMA network can dynamically learn the addresses of the other systems that are part of that network. These systems can then directly communicate without requiring traffic to use an intermediate hop.
- Virtual private network—NHRP can be used to facilitate building a virtual private network. In this context, a virtual private network consists of a virtual Layer 3 network that is built on top of an actual Layer 3 network. The topology you can use over the virtual private network can be largely independent of the underlying network, and the protocols you run over it can be completely independent of it.
- Hot Standby Router Protocol (HSRP) enhancements—HSRP now allows multiple access servers on a LAN to provide fast backup for each other. Another new HSRP feature is the ability to configure an access server so that its Hot Standby priority changes based on the availability of its interfaces.
- BGP COMMUNITIES attribute—To facilitate and simplify the control of routing information in BGP, destinations can be grouped into communities upon which routing decisions can be based.
- Flexible netmask display—IP uses a 32-bit mask that indicates which address bits belong to the network and subnetwork fields and which bits belong to the host field. This feature allows you to display the netmask in dotted decimal, hexadecimal, or bitcount format.
- Offset to routing metrics enhancement—You can now limit an offset list to a particular interface or apply an access list to it. An offset list is the mechanism for increasing incoming and outgoing metrics to routes learned via RIP and IGRP.
- IP extended access list enhancements—Improvements include the following:
- The established keyword is now independent of port number filtering. Previously, you could not use established and filter on a port number. This enhancement allows more granularity in the use of established.
- Port filtering and the established keyword are no longer presented as options during configuration unless they are applicable.
- The Cisco IOS software now recognizes many names for TCP and UDP port numbers (for example, FTP, gopher, and talk).
- The keyword any is now an abbreviation for "0.0.0.0 255.255.255.255" in standard and extended access lists.
- Port filtering now supports filtering on a range of port numbers.
- ICMP messages can be filtered on type and code. In addition, the Cisco IOS software now recognizes the names of all ICMP messages, so these can also be specified by name as well as number.
- IGMP messages can now be filtered by message type (number) or message name (DVMRP, host-query, host-report, PIM, and trace).
- Packets can now be filtered by precedence level. Levels can be selected by name or number. Known names are critical, flash, flash-override, immediate, internet, network, priority, and routine.
- When IP extended access lists are used to control access to and from access server services (for example, access-class 101 in), ICMP, IGMP, precedence, and type of service filtering are not performed.
- You can now filter on source ports for TCP and UDP using all of the same operators as destination ports.
- The protocols Enhanced IGRP, ipinip (IP in IP), and OSPF are now known to the parser. Previously, you had to use explicit protocol numbers.
- A show ip access-list command has been added. Its output is identical to show access-list, but is IP specific and allows you to specify a particular access list. With no argument, it displays all simple and extended IP access lists.
This section describes the desktop protocol features that are new in the initial release of Cisco IOS Release 10.3.
The following feature has been added to Cisco's AppleTalk software:
- AppleTalk interenterprise routing—This feature provides support for AppleTalk internets, or domains. AppleTalk interenterprise routing allows two or more AppleTalk domains to be connected through a domain access server. AppleTalk interenterprise routing allows the resolution of conflicting AppleTalk network numbers or cable ranges from different domains and hop-count reduction between domains. With this feature, multiple AppleTalk domains can be internetworked into large scale application, security-based environments with minimal effort.
The following features have been added to Cisco's Novell IPX software:
- NetWare Link Services Protocol (NLSP)—NLSP is a link-state routing protocol based on the OSI IS-IS protocol. Cisco's implementation of NLSP also includes NLSP MIB variables and tools to redistribute routing and SAP information between NLSP and other IPX routing protocols such as RIP, SAP, and Enhanced IGRP.
- IPXWAN Version 2.0—Our access servers support IPXWAN Version 2.0 as defined in RFC 1634. The major enhancements to IPXWAN Version 1.0 are the ability to negotiate the use of NLSP and support for unnumbered IPX links. IPXWAN Version 2.0 is supported over permanent serial lines, X.25 switched and permanent virtual circuits, and Frame Relay permanent virtual circuits.
- IPX floating static routes—Static routes are traditionally implemented to always take precedence over any dynamically learned routes to the same destination network. A floating static route is a statically configured route that can be overridden by dynamically learned routing information. Thus, a floating static route can be used to create a path of last resort that is used only when no dynamic information is available.
This section describes the wide-area networking features that are new in the initial release of Cisco IOS Release 10.3.
The following feature has been added to Cisco's Frame Relay software:
- AutoInstall over Frame Relay—Cisco's AutoInstall feature provides simple access server installation at a remote site from a centralized management location. The central location connects to the remote access server via a serial line and downloads a configuration file. This feature supports autoinstallation over Frame Relay encapsulation on a serial line.
The following feature has been added to Cisco's X.25 and LAPB software:
This section describes the network management features that are new in the initial release of Cisco IOS Release 10.3:
- Cisco Discovery Protocol (CDP)—CDP is a protocol- and media-independent device-discovery protocol that runs on all Cisco-manufactured equipment. It allows you to query Cisco devices on the network without affecting their configuration. By using CDP on a Cisco access server, a device can advertise its existence to others and receive information about all other devices on the same LAN (or on the remote side of a WAN).
- Open Shortest Path First (OSPF) Version 2 Management Information Base (MIB)—This MIB provides RFC 1253 support. RFC 1253 defines standard objects and variables for managing OSPF Version 2.
- Cisco IOS privilege levels—This feature allows an administrator to establish privilege levels for the user interface. The administrator can establish up to 16 levels of access. The multilevel passwords allow the administrator to specify different levels of security for different commands.
- Command aliases—The administrator can now create aliases for Cisco commands.
This section describes warnings and cautions about using the Cisco IOS Release 10.3 software. It discusses the following topics:
If you are upgrading to Cisco IOS Release 10.3 from an earlier Cisco IOS software release, you should save your current configuration file before configuring your access server with the Cisco IOS Release 10.3 software.
If you are using candidate default routes in IP Enhanced IGRP, there is a backwards compatibility problem between Cisco versions earlier than Releases 9.21(4.4), 10.0(4.1), 10.2(0.6), and later Cisco versions. Upgrade all access servers to Releases 9.21(4.4), 10.0(4.1), and 10.2(0.6) or later.
The problem is as follows: When access servers running the later versions are directly attached with neighbors running the earlier version, some Enhanced IGRP internal routes appear as candidate default routes to the access servers running the later version. This can cause the gateway of last resort to be set incorrectly. If your autonomous system relies upon Enhanced IGRP to set the gateway of last resort, traffic that is routed through the gateway of last resort can loop.
A candidate default route is a route that is tagged as the default route. An access server that is selected as the gateway of last resort is one that advertises the best metric for candidate default routes.
A complete fix to the backwards compatibility problem is available with Releases 10.0(4.7), 10.2(0.11), and 9.21(5.1). Access servers running a version older than those versions are unable to mark Enhanced IGRP internal routes as candidate default routes.
Version 3.3 of mrouted, which was announced on August 26, 1994, has a multicast traceroute facility that does not work through Cisco access servers. Cisco access servers do have multicast tracing utilities that can be used to manage multicast internetworks. An interoperable solution will be provided in an early maintenance release of Cisco IOS Release 10.3.
Our implementation of AppleTalk does not forward packets with local source and destination network addresses. This behavior does not conform to the definition of AppleTalk in Apple Computer's Inside AppleTalk publication. However, this behavior is designed to prevent any possible corruption of the AARP table in any AppleTalk node that is performing MAC-address gleaning.
Certain products containing a particular revision of Token Ring controllers do not support source-route transparent bridging (SRT). SRT is the concurrent operation of source-route bridging (SRB) and transparent bridging on the same interface. The issue is confined to products containing the Texas Instruments TMS380C26 Token Ring controller. The affected products, shipped between March 30, 1994 and January 16, 1995, are the Cisco 4000 NP-1R, Cisco 4000 NP-2R, Cisco 2502, Cisco 2504, Cisco 2510, Cisco 2512, Cisco 2513, and Cisco 2515.
Units shipped before March 30, 1994 or after January 16, 1995 are not affected. They use the TI TMS380C16 Token Ring controller, which supports SRT.
SRT support is necessary in two situations. In one, Token Ring networks are configured to source-route bridge protocols such as SNA and NetBIOS, and transparently bridge other protocols, such as IPX. In the other situation, SNA or NetBIOS uses source-route bridging and Windows NT is configured to use NetBIOS over IP. Certain other configuration alternatives do not require SRT (contact the Technical Assistance Center).
As of Release 10.3(1), source-route bridging (SRB) in the following Cisco IOS features sets is no longer supported: IP, IP/IPX, and Desktop. In order to use SRB, you need one of the following feature sets: IP/IBM base, IP/IPX/IBM base, Desktop/IBM base, or Enterprise. In most non-IBM Token Ring environments, the multiring feature in IP, IP/IPX, and Desktop eliminates the need for IP/IBM base, IP/IPX/IBM base, Desktop/IBM base, or Enterprise.
This section describes possibly unexpected behavior by Cisco IOS Release 10.3(19). These caveats apply to all 10.3 releases up to and including 10.3(19). The caveats listed here describe only the serious problems. For a complete list of caveats against this release, use the Documentation CD-ROMs or access Cisco Connection Online as described at the end of this document.
- If the transmit queue limit is set to a low value (for example, through priority queuing), traffic on the interface might be subject to delayed transmission. [CSCdi35399]
- A Cisco 2500 router might crash every few hours because of a software-forced crash. [CSCdi70494]
- The show stacks command fails to report the correct version of code running at the time of the last reload. This problem occurs when the Flash version of the Cisco IOS software does not match the running version of code. [CSCdi74380]
- The following problem has been observed in Cisco IOS releases 10.3(10) and later: a router develops a memory leak after the priority-group command is removed from an interface. The leak will not develop if the router is reloaded after the command is removed. [CSCdj19094]
- Systems will not recognize the following Intel bootflash SIMMS during bootflash format: 28F004S5 (device code A7), 28F008S5 (device code A6), and 28F016S5 (device code AA).
- If you want to run these bootflash devices and use images prior to this bug fix, you must format bootflash with an image containing this bug fix. Then you may load an older image onto the newly formatted bootflash SIMM. [CSCdj20651]
- DLSw incorrectly shows a device both as source and destination in the reachability cache, after a session outage and subsequent recovery. [CSCdi29129]
- The data-link switching (DLSw) ring-list is intermittently not recognized. [CSCdi33453]
- In certain environments, when using RSRB, the router might discard explorer frames. These single-route explorer frames (for example, with a RIF RD of C270) seem to be mishandled by the router and sent to unused interfaces. Removing the configuration from the unused interfaces seems to solve the problem. [CSCdi86652]
- With RSRB direct encapsulation over FDDI, and with multiple routers that provide parallel paths from ring to ring, a router that is configured to peer to two different routers might show only one path in the show source output. [CSCdi91746]
- After you upgrade a Cisco 2504 to 10.3(16), a Novell SAA gateway is no longer able to connect via DLSw to a remote FEP. In the XID negotiation, the SAA Gateway complains about the maximum number of outstanding "I" frames. [CSCdj14967]
- High-end routers intermittently drop Sequenced Packet Exchange (SPX) keepalive packets between local Token Rings. [CSCdi36291]
- If a serial interface is set to loopback via a hardware signal, the interface will remain in loopback until the hardware signal is dropped and a no loopback interface configuration command is issued. [CSCdi47768]
- Version 1.6 Revision C0 EIP cards might cause cache parity errors on all Cisco 7500 series and Cisco RSP7000 systems. The cache parity errors can cause system reloads. The hardware revision and version can be determined from the show diag command output. This problem is resolved in RSP EIP microcode version 20.2 and higher. (The microcode has been changed to alleviate the hardware problem with the "f" transceivers. The board has been revised to 1.6 D0 to replace the "f" transceivers with the "fr" part.) [CSCdi52082]
- Occasionally, a Switch Processor (SP) or Silicon Switch Processor (SSP) card fails, causing CBUS-3-INITERR (8034) errors. To fix this problem, replace the hardware. [CSCdi65219]
- When processing IPX (NCP) keepalive (watchdog) packets, the router adds an extra byte to the packet when SSE switching is enabled. [CSCdi66651]
- When bridging IP and routing AppleTalk, assigning the bridgegroup to the LEX interface causes AARP entries to disappear and to no longer be resolved. [CSCdj22825]
- IP packets sent to the Hot Standby Router Protocol (HSRP) virtual MAC address are not received if the packet is Subnetwork Access Protocol (SNAP)-encapsulated and the receiving interface is part of the ciscoBus or Switch Processor (SP) complex. [CSCdi39274]
- IP cache is erroneously not invalidated for destinations which use the default routes after the next hop is down. To work around this problem, execute the clear ip cache command. [CSCdj26446]
- If Enhanced IGRP is running natively, and an interface goes down, Enhanced IGRP topology entries that are from the redistribution of connected routes might not clear. [CSCdj28874]
- If secondary addresses are configured on an unnumbered interface, the interface routes corresponding to these addresses are not advertised in IS-IS. A workaround is to number the interface. [CSCdi60673]
- On a Cisco 2514 router running protocol translation from X.25 to LAT, the following message is displayed when about 70 sessions have been configured:
%LAT-3-BADDATA: Tty124, Data pointer does not correspond to current packet
- [CSCdi82343]
- When configuring LAT services and translate statements, the following error messages may be displayed:
%Translate: Can't set up LAT service name Insufficient memory to store new identification.
- [CSCdj01752]
- On Cisco 4500 routers, physical broadcast packets received on a Token Ring interface on which a bridge bridge-group address command is configured are repeatedly sent to other Token Ring interfaces. VINES uses physical broadcast to exchange RTP information. This behavior occurs in releases after Release 10.3(7). The workaround is to upgrade to Release 11.0 or 11.1 and to turn on VINES routing, or to remove the above bridge command from the configuration. [CSCdi74089]
- The AIP cannot be configured to issue idle cells instead of unassigned cells. [CSCdi48069]
- On an ATM interface, the following error message might be displayed even if the burst size is 32:
tx output hung(800E = queue full)
- [CSCdi92985]
This section describes possibly unexpected behavior by Cisco IOS Release 10.3(18). These caveats apply to all 10.3 releases up to and including 10.3(18). For additional caveats applicable to Release 10.3(18), see the caveats section for Release 10.3(19), which precedes this section.
The caveats listed here describe only the serious problems. For a complete list of caveats against this release, use the Documentation CD-ROMs or access Cisco Connection Online as described at the end of this document.
All the caveats listed in this section are resolved in Release 10.3(19).
- On RSP systems, when maximum-size MTU packets are received by serial interface processors (including the FSIP, HIP, MIP, POSIP, and serial port adapters on VIPs that forward data to the RSP to be routed), up to 8 bytes of data might be written into the next datagram's packet memory. This could result in anomalous system behavior, including software-caused system crashes and dropped datagrams. This problem is never seen on RSP systems that do not have serial interfaces. [CSCdj08573]
- The output of the show tech-support command displays some potentially sensitive SNMP data, such as the SNMP community strings, SNMP MD5 keys, and SNMP user IDs and passwords. If these data refer to read-write communities or views, they can be used to reconfigure the Cisco IOS software, providing the same level of access to the Cisco IOS software as is available with the enable password. Use caution when sending show tech-support command output across insecure channels. For example, remove the community strings, keys, and user IDs and passwords before sending. [CSCdj06881]
- A Cisco 7000 series router with SP microcode might crash when a buffer copy by the SP makes the RP wait too long, causing a bus error. [CSCdi77785]
- When an LNM queries the router with a report station address, the router answers correctly with a report station address. However, 0.001 seconds later, the router sends a second report station address to the LNM with all zeros in the frame. This causes the LNM to work incorrectly. [CSCdj04559]
- Rarely, a DLSw circuit might become stuck in a "remote_resolve" state. To get the circuit out of this state, disable then reenable DLSw. [CSCdj07098]
- On Cisco 7500 RSP platforms, FSIP serial interfaces may display the following panic messages on the RSP console:
%RSP-3-IP_PANIC: Panic: Serial12/2 800003E8 00000120 0000800D 0000534C %DBUS-3-CXBUSERR:
Slot 12, CBus Error %RSP-3-RESTART: cbus complex
- If the string "0000800D" is included in on the panic message, the problem is related to this bug. The workaround is to load a new image that contains the fix for this bug. [CSCdi78086]
- OIR removal of a FIP from one slot into another will cause the FDDI to permanently remain in DOWN/DOWN. You must reload to restart the FDDI. OIR removal and replacement back into the same slot works fine. [CSCdi87221]
- If you have a Cisco 4000 connected to a FDDI ring and to a Token Ring with several servers and clients on both of the rings, packets that go from the FDDI ring to the Token Ring might be corrupted. There is no corruption of the protocol or the checksum. There is no corruption of packets going from the Token Ring to the FDDI ring. [CSCdj05331]
- Sometimes OSPF neighbor lists become corrupted, preventing OSPF from forming adjacencies. This problem might also cause the router to crash. [CSCdj16875]
- A router may reload without producing a stack trace, or otherwise behave unpredictably, when routing an X.25 call that contains 16 bytes of Call User Data. There is no known workaround. [CSCdj10216]
This section describes possibly unexpected behavior by Cisco IOS Release 10.3(17). These caveats apply to all 10.3 releases up to and including 10.3(17). For additional caveats applicable to Release 10.3(17), see the caveats section for Release 10.3(18), which precedes this section.
The caveats listed here describe only the serious problems. For a complete list of caveats against this release, use the Documentation CD-ROMs or access Cisco Connection Online as described at the end of this document.
All the caveats listed in this section are resolved in Release 10.3(18).
- On Ethernets that experienced output errors, you might also see XBUFHDR and INVRTN errors. [CSCdi75404]
- Rarely, DLSw+ reachability entries might get stuck in the VERIFY state. This problem is timer related and will generally occur after several months of operation. [CSCdi93217]
- When pinging over synchronous DDR with HDLC stac compression, the router will unexpectedly reset. [CSCdi79832]
- An extended access list that denies IP traffic and that does not require transport layer information may let fragments go through if the log option is configured. As a workaround, do not configure the log option. [CSCdj00711]
- During topology changes, a lot of OSPF update packets can be generated and flooded throughout the network and overload the network. This overload situation can cause OSPF to lose neighbors. [CSCdi85902]
- Router memory leaks if a router receives a CLNS packet with an invalid destination address length. [CSCdi90052]
- In a redundant IPX Enhanced IGRP network running IPX incremental SAP, the router's SAP table SAP information may contain out-of-date information, such as the socket number if the socket number is changed from its initial advertisement. [CSCdi85953]
- When IPX incremental SAP is running, the router's SAP table may not contain all the SAPs in the network if one of its interfaces goes down and comes back up later. [CSCdi90899]
- When running IPX incremental SAP, the router may not remove all the SAPs that are no longer reachable via this router. [CSCdi90907]
This section describes possibly unexpected behavior by Cisco IOS Release 10.3(16). These caveats apply to all 10.3 releases up to and including 10.3(16). For additional caveats applicable to Release 10.3(16), see the caveats section for Release 10.3(17), which precedes this section.
The caveats listed here describe only the serious problems. For a complete list of caveats against this release, use the Documentation CD-ROMs or access Cisco Connection Online as described at the end of this document.
All the caveats listed in this section are resolved in Release 10.3(17).
- If a BIND request is received before the Notify response has arrived, DSPU will reject the BIND request with sense code 0x80050000. [CSCdi76085]
- When using DLSw+ to communicate with non-Cisco devices, the Cisco platform might incorrectly handle incoming transport keepalive packets. [CSCdi78202]
- Token Ring drivers that are bridging packets might misclassify IPX broadcast packets as SRB explorer packets and flush them rather than switch them. This problem occurs on low-end products only (for example, IGS xx or Cisco 4500 series platforms). No other protocol packets are affected; this is an IPX broadcast issue only. [CSCdi75134]
- A Management Information Base (MIB) query of the ospfLsdbTable fails because no MIB objects are found under the ospfLsdbTable subtree. However, some subtrees under OSPF can be successfully queried, such as ospfGeneralGroup, ospfAreaTable, and ospfIfTable. [CSCdi69097]
- After you remove a static CLNS route, ISO-IGRP prefix routes might count to infinity around a looped topology. The workaround is to use the command no clns router iso-igrp DOMAIN to break the loops in the CLNS topology, until the routes age out. [CSCdi78048]
- NLSP links may reflect incorrect source network/node addresses in the routing tables. This does not hinder connectivity to other IPX networks when going between Cisco devices. However, certain non-Cisco routers may reject the incorrect address and NLSP routing may fail. NLSP routers should use the address Internal-Network.0000.0000.0001 when sending NLSP packets. On WAN media that require MAPs for IPX, this should be the next hop address in the map statement. [CSCdi68981]
- NLSP might unnecessarily reflood both changed and unchanged LSP fragments. Typically this is not a problem on LAN circuits. However, this can present bandwidth-related problems on low speed WAN circuits, especially as the size of the network increases.
- This flooding behavior might prevent you from seeing another problem: services may be missing from the SAP table until the next full SPF. This is not a problem when all neighbors are Cisco routers, but can be a problem when third party routers are present on the same link. [CSCdi74487]
- Your router might crash at PC 0x12CFA8, address 0xD0D0D11. [CSCdi70432]
- Non-TCP reverse connections to lines may corrupt memory, resulting in a software-forced crash. [CSCdi79310]
This section describes possibly unexpected behavior by Release 10.3(15). Unless otherwise noted, these caveats apply to all 10.3 releases up to and including 10.3(15). For additional caveats applicable to Release 10.3(15), see the caveats sections for newer 10.3 releases. The caveats for newer releases precede this section.
All the caveats listed in this section are resolved in release 10.3(16).
- Over a period of three to five weeks, an active communication server slowly runs out of I/O memory. This problem might be related to AppleTalk Remote Access Protocol (ARAP) or TACACS+ usage. [CSCdi61152]
- When ARAP is configured, sometimes the following messages display:
%SYS-2-INPUTQ: INPUTQ set, but no idb, ptr=xxxxx %SYS-2-LINKED: Bad enqueue of xxxxx in
queue yyyyy
- After this message displays, the router might also reload. [CSCdi63635]
- The arap logging command requires additional debugging messages. [CSCdi68276]
- AppleTalk domains do not operate correctly when configured on subinterfaces. The domain properties will be applied to the main interface rather than its subinterface(s). The workaround is to disable AppleTalk fast-switching. [CSCdi69886]
- DECnet might fail to work properly when using an area number of 63 for layer-2 (L2) routers. If this failure happens, you might be unable to ping (DECnet) between two area routers if one router is using area 63.x. This router might report that the "attached" flag is false when you issue the show dec command, even though the show dec route command shows routes to the router.
- To work around this problem, use the decnet attach override command to force the router into an attached state. [CSCdi69247]
- If you are using a direct Escon-attached Channel Interface Processor (CIP), the CIP might enter a boxed state if the router is reloaded. This problem is more likely to occur if the CIP is connected through a director, or if the CIP is taken off-line before the router is reloaded. To work around this problem, vary the device off-line before reloading the router. [CSCdi59440]
- The router crashes if NSP is configured and is trying to connect back to the owning host. [CSCdi69231]
- If a Cisco 2500 series router has source-route bridging (SRB) enabled on two or more interfaces, and if routing is occurring on any other interface, the router will drop packets causing session loss. [CSCdi71493]
- When you perform buffer changes on a serial interface with Switched Multimegabit Data Service (SMDS) encapsulation, these changes are not saved if you reload. [CSCdi62516]
- The source-bridge ring-number command erroneously allows you to configure a ring-number mismatch. To work around this problem, ensure that all bridge devices on a ring use same ring number. [CSCdi63700]
- When using the custom-queuing feature in conjunction with payload compression on HDLC or Frame Relay encapsulations, traffic regarded as "low-priority" by custom-queueing is passed uncompressed. This can result in compression ratios that are lower than expected. [CSCdi71367]
- IPX Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) updates do not propagate if the maximum transmission unit (MTU) size is less than the IPX Enhanced IGRP packet size. [CSCdi65486]
- Processing of input offset lists in Enhanced IGRP is erroneously disabled, so offset list processing is not available. [CSCdi65889]
- Integrated Services Digital Network (ISDN) NET3 cannot handle incoming FACILITY messages when a call is connected. [CSCdi60340]
- Dialing into an asyncronous line and starting a Serial Line Internet Protocol (SLIP)/Point-to-Point Protocol (PPP) session might fail even though the same IP address was previously allocated successfully for the same user. [CSCdi63143]
- Using ATM Interface Processor (AIP) microcode version 20.8 might cause the AIP board to lock into a state where it transmits corrupted packets. This problem also occurs if you use AIP microcode version 10.15 of Router Processor (RP)-based platforms.
- This problem causes the debug atm error "ATM(ATM9/0.1): VC(1) Bad SAP ..." at the receive side of the ATM virtual circuit (VC). The transmission of data is usually affected in one direction only. The problem might occur when the input traffic exceeds the average rate configured on the ATM VC when the bandwidth of the incoming interfaces exceeds the average rate on the outgoing VC or switched virtual circuit (SVC).
- A workaround is either to downgrade the AIP microcode to aip20-6 or to upgrade the AIP microcode to rsp_aip205-5, or aip20-9 when available. A short term workaround is to issue the command clear int atm 5/0 on the transmit side. [CSCdi67812]
- When dialing into a Cisco AS5200 from an I-Courier modem over sync ISDN and then starting a PPP session, the router may crash. This occurs only when login is done on a non-async interface and when extended TACACS is enabled. A workaround for non-async interfaces is to use AAA/TACACS+. [CSCdi68257]
This section describes possibly unexpected behavior by Release 10.3(13). Unless otherwise noted, these caveats apply to all 10.3 releases up to and including 10.3(13). For additional caveats applicable to Release 10.3(13), see the caveats sections for newer 10.3 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the complete list of caveats against this release, the Cisco Connection Documentation, Enterprise Series CD-ROM or access Cisco Connection Online (formerly CIO) as described in the section "Cisco Connection Online" later in this document.
All the caveats listed in this section are resolved in release 10.3(15).
- Routers send NBP lookup (LkUp) packets for nonextended networks and also fail to convert NBP BrRq packets to NBP FwdReq packets. This behavior is not in compliance with specifications.
- If your router is directly connected to a Phase 1 (non-Phase 2) router in compatibility mode, you can use the appletalk proxy-nbp network zone command to allow the router to convert NBP FwdReq packets to NBP LkUp packets that are sent to the Phase 1 router. [CSCdi61668]
- A router configured with AppleTalk and Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) takes too long to age out routes, even when the link is down. This causes too long of a convergent time for features like backup interface. [CSCdi62796]
- IPTalk does not function correctly. No IPTalk packets are processed through the router. [CSCdi64165]
- If you issue the snmp-server party and snmp-server context configuration commands, the system will sometimes reload. Neither of these commands verify that the configured OID is not already in use, which permits multiple records to be configured with the same OID. This violates the rule that each record must have a unique OID. To work around this problem, do not configure OIDs that conflict with the initial party and context OIDs as specified in RFC 1447. [CSCdi63694]
- In a parallel SDLLC network, sometimes ACTPU responses are not received by the host. [CSCdi55142]
- DLSW NetBIOS cannot connect to Windows NT. [CSCdi62784]
- Configuring the dlsw remote-peer cost command has no effect on peer selection. All peers displayed in the show dlsw capabilities command show equal costs. [CSCdi64537]
- If you are using Synchronous Data Link Control with data-link switching plus, sessions will fail to be reestablished after a physical unit is reset. [CSCdi64828]
- If a packet has a Hot Standby Router Protocol (HSRP) destination MAC address, it is process switched, regardless of the route-cache status on the interface. [CSCdi44437]
- A router running Frame Relay crashes at bridge_enq even when bridging is not configured. The fix put in for this bug does not fix the crash. The fix for CSCdi67157 is the correct fix. [CSCdi63140]
- FSIP microcode does not recognize DCE leads during a cutover from a Cisco 2501 serial port. [CSCdi64735]
- A problem introduced in Cisco IOS Releases 10.3(11.1), 11.0(7.3), and 11.2(0.5) causes OSPF to crash when an OSPF external LSA with a nonzero forwarding address exists and the router has a non-OSPF route for the forwarding address. If the non-OSPF route is removed, OSPF crashes when it reprocesses the external LSA. There is no workaround for the problem. However, in general, no more than one routing protocol should be run over the same topology. If you follow this guideline, no non-OSPF route for forwarding address will exist and the router will not crash. [CSCdi61864]
- A directly connected route might disappear from the IPX Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) topology table if the interface that is configured for IPX Enhanced IGRP goes down and goes back up in a brief period of time (for example, 2 seconds). The workaround to this problem is to issue the commands shut and no shut for the interface. [CSCdi65345]
- Rarely, NetWare Link Services Protocol (NLSP) will not report information learned from the Routing Information Protocol (RIP) or Service Access Protocol (SAP). [CSCdi45425]
- If you define a static IPX route using the peer address of an IPX WAN neighbor, the route might fail with a message about multicast addresses. The workaround to this problem is to avoid using eight-digit IPX internal network numbers with an odd-numbered first byte. Use a seven-digit or shorter length IPX internal address to avoid this error message. [CSCdi61993]
- Using IPX-EIGRP can cause a memory leak when a link with an EIGRP neighbor is flapping. The sap updates get queued and backed up thus taking more and more memory. Obviously the fix is to resolve the flapping. This bug is to try and get EIGRP to be a little more robust with handling this. [CSCdi66169]
- The global command printer printername line line# will not function correctly unless either the newline-convert option or formfeed option is on. [CSCdi63342]
- Password Authentication Protocol (PAP) authentication fails when using TACACS+ as an authentication method for the Point-to-Point Protocol (PPP). [CSCdi66077]
This section describes possibly unexpected behavior by Cisco IOS Release 10.3(12). These caveats apply to all 10.3 releases up to and including 10.3(12). For additional caveats applicable to Release 10.3(12), see the caveats section for Release 10.3(13), which precedes this section.
The caveats listed here describe only the serious problems. For a complete list of caveats against this release, use the Cisco documentation CD-ROM or access Cisco Connection Online (formerly CIO) as described at the end of this document.
All the caveats listed in this section are resolved in Release 10.3(13).
- AppleTalk Remote Access (ARA) connection failures occur at higher rates with the use of 28,800 kbps modems (for example, V.34, V.fc, and V.FAST modems). These connection failures result in "bad exit" and "forced quit" error messages. [CSCdi57713]
- A MacIP server will not give an IP address to MacIP clients if the next address to give out is currently being use by a genuine IP device. This causes the processor to get stuck. The problem is that the MacIP server does not skip over that IP address and assign the next available address. [CSCdi61526]
- The AutoInstall feature does not work in an RSP. [CSCdi59063]
- If you reload or issue the configure memory command after issuing the aaa authorization exec command, you might lose your configuration. However, if you do not issue the aaa accounting exec start-stop tacacs+ command during configuration, this problem will not occur. [CSCdi60172]
- A router running DECNet might present ALIGN-3-SPURIOUS error messages. This problem will occur if the adjacency between neighbors expires. This is a cosmetic problem and has no other impact on the router. [CSCdi60716]
- The write memory and copy running-config startup-config commands work at privilege level 15. However, the remaining write and copy running-config commands still operate at the users' current privilege level, because of security considerations. [CSCdi55809]
- Removing remote source-route bridging (RSRB) peers might cause the router to suspend indefinitely. [CSCdi39270]
- If your router is using promiscuous TCP peers, the router might crash with the message "System restarted by bus error at PC 0xD0D0D0D, address 0x0." The crash occurs when peer structures get deleted because of transmission line problems, peer routers reloads, or other connection problems, while still being used by TCP. The workaround to this problem is to define static peers. [CSCdi58842]
- Data-link switching (DLSw) Ethernet 802.5 frames will be corrupted after a logical link control (LLC) retransmission. [CSCdi60102]
- If you issue the show controllers cache command and press the space bar to page down, the router will suspend indefinitely. The only workaround is to power cycle the router. [CSCdi56241]
- NetBIOS SABME (set asynchronous balanced mode extended) messages are not correctly bridged from FDDI to serial lines using High-Level Data Link Control (HDLC) encapsulation, even though the bridging of SABME messages from FDDI to Ethernet works correctly. [CSCdi58733]
- If an Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) candidate default route is overwritten by another protocol, the Enhanced IGRP topology table might be left in a state where the candidate default route will not return to the routing table. A workaround to this problem is to clear all Enhanced IGRP neighbors. [CSCdi59276]
- A router running Enhanced IGRP with AppleTalk, IPX, or IP that has input route filters configured may improperly filter routes that it should install. Additionally, if a router running IPX-Enhanced IGRP receives an update containing an external route that was originated by the router itself, the rest of the update will be ignored. [CSCdi61491]
- The Open Shortest Path First (OSPF) protocol might crash if there are parallel intra-area paths. [CSCdi62870]
- A router reload may occur when Connectionless Network Service (CLNS) traffic is fast-switched. [CSCdi57629]
- If your router is under a heavy load and you use Intermediate System-to-Intermediate System (IS-IS) or NetWare Link Services Protocol (NLSP), packets might be dropped unnecessarily. [CSCdi58433]
- If a non-Cisco router is running IS-IS on a level-1-only circuit and the router is sending End System-to-Intermediate System (ES-IS) End System Hello (ESH) messages, a Cisco router might not recognize the ESH messages. A workaround is to filter out the ESH packets using the clns adjacency-filter es configuration command in conjunction with setting an appropriate filter. The filter should specify a wildcard (**) in the last byte of the address. [CSCdi58621]
- A router running IS-IS will not clean up its adjacency database properly when switched from being a level-1/level-2 router to being level-1 only. A workaround to this problem is to manually clear the adjacency database using the clear clns neighbors command on the reconfigured router and on all of its neighboring routers. You can also restart the router to work around this problem. [CSCdi58953]
- Infrequently, Intermediate System-to-Intermediate System (IS-IS) and NetWare Link Services Protocol (NLSP) link-state packets (LSPs) are not transmitted on point-to-point interfaces. [CSCdi58613]
- If you issue the no ipx router eigrp xxx command, the router might reload if there are a lot of service access points (SAPs) defined in the router and if the SAP table was changing while the command was performed. [CSCdi60174]
- The Cisco 1001 LAN extender does not work with VINES if a remote LAN is connected to a core router through the LAN Extender. [CSCdi57934]
- The amount of free system memory might decrease if you issue the dialer hold-queue command over an ISDN interface. [CSCdi58402]
This section describes possibly unexpected behavior by Release 10.3(11). Unless otherwise noted, these caveats apply to all 10.3 releases up to and including 10.3(11). For additional caveats applicable to Release 10.3(11), see the caveats section for Release 10.3(12), which precedes this section.
The caveats listed here describe only the serious problems. For the complete list of caveats against this release, the Cisco Connection Documentation, Enterprise Series CD-ROM or access Cisco Connection Online (formerly CIO) as described in the section "Cisco Connection Online" later in this document.
All the caveats listed in this section are resolved in Release 10.3(12).
- AppleTalk print jobs fail when an AppleTalk packet traveling from ATM to Ethernet receives an improper 802.3 packet length. This problem can cause the AppleTalk Printer Access Protocol to fail, and HP LaserJet printers with the AppleTalk-compatible HP JetDirect card to discard these packets. [CSCdi53747]
- Under some conditions, Simple Network Management Protocol (SNMP) queries of the Cisco Environmental Monitor MIB can cause the system to reload. This behavior occurs when an SNMP get-request operation tries to retrieve instance 0 of an object in the ciscoEnvMonSupplyStatusTable. Because the instances of this table start with 1, the correct processing is to return a noSuchName error (or noSuchInstance if SNMPv2 is used). A workaround is to not use SNMP get-requests that specify instance 0 for objects in the Cisco Environmental Monitor MIB. Instead, applications should either use SNMP get-request operations starting with instance 1, or else use SNMP get-next-requests or get-bulk-request operations. [CSCdi55599]
- Asynchronous lines may become stuck in a "Carrier Dropped" state when running TACACS+ against a slow TACACS+ server. Only a reload can make the lines usable again. [CSCdi54618]
- When DECnet conversion is enabled, discard routes are inserted into the Connectionless Network Service (CLNS) routing table. [CSCdi40503]
- In certain mixed-vendor bridge environments, the automatic spanning tree (AST) never becomes active if a Cisco device is the root bridge. Bridge protocol data units (BPDUs) are constantly exchanged, but the spanning tree topology never develops or becomes active. [CSCdi53651]
- A LAN Network Manager (LNM) might fail to link to an access server's source bridge, after a Token Ring interface is shut down on a remote access server. The show lnm bridge command continues to display an active link to the LAN network manager. This problem does not occur with bridges that are locally linked to the LAN manager. To work around, first remove and then reconfigure the source-bridge command from the Token Ring interface. [CSCdi53954]
- New Systems Network Architecture (SNA) sessions fail to connect to a front-end processor, when duplicate ring numbers are in the Routing Information Field (RIF). To work around, issue the clear rif-cache command. [CSCdi55032]
- Packets might be dropped if they are received for a Fast-Sequenced Transport (FST) nonselective peer while that peer is still setting up the connection. [CSCdi55219]
- Connections to dependent logical units (DLUs) with downstream physical unit (DSPU) or Advanced Peer-to-Peer Networking (APPN) across RSRB might fail when the remote service access point (SAP) address is not enabled at the destination access server. The workaround is to enable the remote SAP address. [CSCdi56660]
- DLSw Fast-Sequenced Transport (FST) encapsulation does not work over a WAN Token Ring or over FDDI. [CSCdi57207]
- A small delay occurs between the time Open Shortest Path First (OSPF) marks a link-state advertisement (LSA) as deleted and the time the LSA is actually removed. Within this small window, if OSPF receives an old copy of the LSA that has a higher sequence number, OSPF cannot resolve the conflict and is unable to remove the LSA. The old LSA copy is most likely received from some new neighbors through database exchange. You will observe a self-originated LSA stuck in the database. [CSCdi48102]
- OSPF sometimes puts incorrect information in the source field for stub routes. This prevents the Border Gateway Protocol (BGP) from advertising the stub route to peers, as the route will not be synchronized. [CSCdi49377]
- Attempting to copy an empty startup configuration to the network causes the access server to reload. [CSCdi58040]
- No method exists for altering the transmission rate of Intermediate System-to-Intermediate System (IS-IS) link-state packets (LSPs) in cases where the rate would add undue load to the receiving system. [CSCdi54576]
- If IS-IS is running, and a Connectionless Network Service (CLNS) static route is configured that points to a point-to-point interface on which IS-IS is not configured, and the static route is removed, the system might suspend indefinitely. A workaround is to either disable IS-IS before removing the static route, or to enable IS-IS on the point-to-point interface before removing the static route. [CSCdi56815]
- If more than 42 neighbors reside on a single LAN interface, Intermediate System-to-Intermediate System (IS-IS) and NetWare Link Services Protocol (NLSP) are unable to establish neighbor adjacencies. The workaround is to limit the number of neighbors to 42 or fewer. [CSCdi56547]
- IPX Service Advertising Protocol (SAP) tables might not accurately reflect SAP entries learned locally, if you simultaneously configure IPX Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) and IPX Routing Information Protocol (RIP)/SAP. Some of the SAP entries might appear in the SAP table as derived from Enhanced IGRP rather than from RIP/SAP, even when the local LAN is not running Enhanced IGRP. [CSCdi56588]
- If you turn off an interface and immediately turn it back on, the access server might reload. [CSCdi57683]
- The access server might reload when running IPX Enhanced IGRP, due to illegal access to memory. [CSCdi57728]
- Groups of four ports on a Cisco 2511 might have their data set ready (DSR) behaving in unison in response to a single stimulus. Reloading the access server is the only workaround. [CSCdi49127]
- Rarely, a heavily loaded X.25 link that is experiencing congestion can enter a state where it oscillates between sending RNR (receive not ready) and REJ (reject) messages. [CSCdi55677]
This section describes possibly unexpected behavior by Release 10.3(10). Unless otherwise noted, these caveats apply to all 10.3 releases up to and including 10.3(10). For additional caveats applicable to Release 10.3(10), see the caveats sections for later 10.3 releases, which precede this section.
The caveats listed here describe only the serious problems. For the complete list of caveats against this release, the Cisco Connection Documentation, Enterprise Series CD-ROM or access Cisco Connection Online (formerly CIO) as described in the section "Cisco Connection Online" later in this document.
All the caveats listed in this section are resolved in Release 10.3(11).
- A busy access server sometimes pauses indefinitely, indicating an invalid address error. This is usually seen in environments where a number of short duration modem calls are answered. A workaround is to configure modem answertimeout 10. [CSCdi48100]
- When two or more access servers are connected to the same Token Rings, and each uses source-route bridging (SRB), a station on one of the rings might choose a non-optimal route with a path through both access servers. In typical (large) networks, this behavior might result in explorer storms as well as suboptimal routes. [CSCdi45116]
- A Cisco access server might report inaccurate traffic statistics. In particular, non-broadcast frame counts might be incorrect if the access server is acting as a source bridge on a Token Ring. [CSCdi46631]
- An incorrect timer reference causes explorer frames to be flushed on interfaces, even when the maximum data rate for explorers on the interface is not exceeded. [CSCdi47456]
- The number of downstream PUs supported should be increased from 256 to 1024. [CSCdi49448]
- If peer A and peer B are DLSw priority peers (the keyword priority is on the remote peer definition), and peer A is reloaded, peer B may crash. [CSCdi50155]
- Low end platforms will cache invalid rif entries when using any form of the multiring command. This can also be seen in the dlsw reachability cache and possible loops with lnm. [CSCdi50344]
- Peer-on-demand peers (peers that learn of each other through border peers) do not connect. The options inactivity timeout and lf lfsize should be added to the dlsw peer-on-demand-defaults command. [CSCdi50574]
- Removing DLSw configuration by configuring no dlsw local-peer and adding the DLSw configuration back can cause a memory leak in the middle buffer. [CSCdi51479]
- Applying a source-bridge output-lsap-list to a Token Ring interface when source-bridge explorer-fastswitch is enabled may cause packets permitted by the output-lsap-list to be dropped. The workaround is no source-bridge explorer-fastswitch. [CSCdi51754]
- When a very large number of i-frames are sent by an end station to a DLSw access server at the same instant, the following message may appear on the console:
- DLSW:CPUHOG in CLS background, PC=0x60549f3c
- Since the CPU is being occupied by the cls background process for a period of time, protocols that involve polling may lose their connections due to poll starvation. [CSCdi52382]
- Ethernet sessions don't come up or drop. The llc frames are bad after a retransmission. [CSCdi52934]
- Running multiple Enhanced Interior Gateway Routing Protocol (EIGRP) autonomous systems might consume all available memory in the access server. [CSCdi36031]
- Unconfiguring OSPF can cause the access server to reload. [CSCdi51283]
- If two IP-EIGRP autonomous systems are configured, and then an interface address is changed such that the interface moves from one autonomous system to the other, EIGRP will fail to operate on that interface. The workaround is to delete the IP address (using the no ip address command) before configuring the new address. [CSCdi52078]
- Under certain conditions, EIGRP may stop transmitting packets. This may manifest itself as large numbers of routes repeatedly Stuck-In-Active. The workaround is to deconfigure and restart EIGRP, or reload the system. [CSCdi53466]
- Under unknown circumstances, random lines on an ASM will pause indefinitely in Carrier Dropped state. The only way to clear the line is to reload the ASM. [CSCdi44663]
- Vines SRTP on serverless segments with 10.3(8) IOS is not sending the redirect to the correct network number (layer 3) address. Workaround is to shut off Vines redirects on the serverless segment interface. Sniffer trace of this packet will show an abnormal end of Vines SRTP. [CSCdi50536]
- Under certain conditions, the access server can reload with the following message:
- System was restarted by error-Illegal Instruction, PC 0x300D646
- This problem is related to ISDN. There is currently no workaround. [CSCdi45085]
- If CHAT script operations fail over asynchronous interfaces, a reload might occur during later operations because data was left in an inconsistent state. [CSCdi47460]
This section describes possibly unexpected behavior by Release 10.3(9). Unless otherwise noted, these caveats apply to all 10.3 releases up to and including 10.3(9). For additional caveats applicable to Release 10.3(9), see the caveats sections for newer 10.3 releases. The caveats for newer releases precede this section.
The caveats listed here describe only the serious problems. For the complete list of caveats against this release, the Cisco Connection Documentation, Enterprise Series CD-ROM or access Cisco Connection Online (formerly CIO) as described in the section "Cisco Connection Online" later in this document.
All the caveats listed in this section are resolved in release 10.3(10).
- The service hide-telnet-address command does not hide the Telnet address in the connection closing message. The busy-message command does not suppress connection closing message. [CSCdi47740]
- Routing Table Maintenance Protocol (RTMP) routes are sometimes not aged correctly; consequently, the update time continually increases. Although the RTMP path is updated, the route in the routing table is not. As a result, the user does not see the route timer and state change. [CSCdi34053]
- Available memory will slowly decrease on an access server that is bridging IP and which has more than one interface with the same IP address. [CSCdi44023]
- DECnet Phase IV-to-Phase V conversion might introduce incorrect area routes into the ISO-IGRP, if there are DECnet L2 routes on the DECnet side. These area routes show up as "AA00" and are propagated to other access servers. [CSCdi47315]
- When source-route transparent (SRT) bridging is configured on the access server, calls to management functions that are related to source-route bridging (SRB) might not work correctly. [CSCdi42298]
- When a front-end processor (FEP) initiates a QLLC connection, a virtual circuit is established, but the XID negotiation never proceeds to completion. The access server sends XID responses as commands, rather than as responses. [CSCdi44435]
- An access server might crash if running QLLC and using RSRB over a serial line to provide the Logical Link Control, type 2 (LLC2) connection from QLLC to an end station or host. The crash only occurs if multiple changes are made to the encapsulation type on the RSRB serial line. [CSCdi45231]
- If an access server receives a source-route bridging (SRB) packet with bit 2 of the routing control field set, the access server might send back a bridge path trace report frame to a group address, instead of to the source of the original frame. This can cause congestion. [CSCdi47561]
- When Synchronous data-link control (SDLC) attached physical unit 2.1 (PU 2.1) devices are connected over data link switching plus (DLSw+), if the host device does not respond because the application is down, the DLSW+ circuit does not correctly disconnect. This problem causes the circuit at the SDLC end to be in a CONTACT PENDING state even with no circuit at the host end. This is cleared by shutting down the SDLC interface at the access server or by reloading the PU 2.1 device. [CSCdi48227]
- If an access server is incorrectly configured with an autonomous system (AS) placed in a confederation it is not part of, the confederation information within the AS path will be incorrectly propagated. The workaround is to configure the access server correctly. [CSCdi46449]
- ISO Interior Gateway Routing Protocol (IGRP) in millions of instructions per second (mips)-based access servers does not interoperate with 68 Kbps-based access servers. [CSCdi44688]
- TN3270 does not assume the appropriate 132 x 27 dimensions when set up as a Model 5 (MOD5). [CSCdi44497]
- Vines servers located downstream might unexpectedly lose routes that were learned via Sequenced Routing Update Protocol (SRTP). This behavior results from improper handing of network sequences numbers by the system. Issuing a clear vines neighbor or disabling SRTP are suggested workarounds. [CSCdi45774]
- A Cisco access server reloads when it receives incorrectly formatted Interprocess Communicat
