THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
19-Feb-21 |
Initial Release |
Affected OS Type | Affected Software Product | Affected Release | Affected Release Number | Comments |
---|---|---|---|---|
NON-IOS |
Application Patches |
21.sp9 |
21.sp9.2020.07, 21.sp9.2020.09 |
Cisco Broadworks Release R21.sp9 |
Defect ID | Headline |
---|---|
CSCvw82628 | [TAC] XSP/XSI is not reachable on TCP port 443 |
Due to restrictions that are placed on Tomcat's usage of direct memory outside of it's memory heap, customers may experience an Out of Memory (OOM) condition under extreme circumstances.
Patch AP.platform.21.sp9.14.ap371587 applies limits to the amount of direct memory that can be used by Tomcat outside of the Tomcat heap. In extreme circumstances, this may lead to an OOM condition.
When an OOM condition is triggered the server may stop responding to SSL connections correctly. When this occurs, it will be logged in Catalina with an output similar to this example:
MMM DD, YYYY 12:17:56 PM org.apache.tomcat.util.net.NioEndpoint$Acceptor run SEVERE: java.lang.OutOfMemoryError: Direct buffer memory at java.nio.Bits.reserveMemory(Bits.java:658) at java.nio.DirectByteBuffer.<init>(DirectByteBuffer.java:123) at java.nio.ByteBuffer.allocateDirect(ByteBuffer.java:306) at org.apache.tomcat.util.net.SecureNioChannel.<init>(SecureNioChannel.java:60) at org.apache.tomcat.util.net.NioEndpoint.setSocketOptions(NioEndpoint.java:542) at org.apache.tomcat.util.net.NioEndpoint$Acceptor.run(NioEndpoint.java:701) at java.lang.Thread.run(Thread.java:745)
The issue may be temporarily mitigated by restarting the eXtended Server Platform (XSP). This will clear the memory usage and allow it to respond to SSL connections again until the memory heap is exhausted again.
The version of BroadWorks that is currently deployed as well as the patches activated can be checked by executing the get versions all
command from the CLI. More information on how to check the patch level can be found in section 8.2 of the Cisco Broadworks Maintenance Guide.
The following patches must be applied to correct the issues:
BroadWorks patches can be downloaded through the Cisco Software Download Center after logging in with your Cisco.com (CCO) account.
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.