Table Of Contents
Release Notes for Cisco Service Control Application for Broadband, Release 3.5.5
Cisco Service Control Application for Broadband Release 3.5.5
Support for GBE Traffic Interfaces on the SCE8000
Quota-Based Fair Usage Policy with Multiple Thresholds and Sliding Window
Collection Manager and Reporter Enhancements
Cisco Service Control Application for Broadband Release 3.5.0
Congestion Control Through CMTS Awareness
Increased Number of Concurrent Subscribers
UI and Operational Enhancements
Subscriber Manager and Collection Manager Enhancements
Traffic Accounting and Reporting
Obtaining Documentation and Submitting a Service Request
Release Notes for Cisco Service Control Application for Broadband, Release 3.5.5
Revised: April 13, 2011, OL-14439-11Overview
The release notes for Cisco Service Control Application for Broadband (SCA BB) describe the enhancements provided in Cisco SCA BB Release 3.5.5. These release notes are updated as needed.
For a list of the caveats that apply to Cisco SCA BB Release 3.5.5, see the "Open Caveats" section.
For information regarding features added and issues resolved in the 3.1.x train, refer to:
•Release Notes for Cisco Service Control Application for Broadband (SCA BB), Release 3.1.7
For information regarding new and improved protocol signatures for SCA BB, refer to:
•Release Notes for Cisco Service Control Application for Broadband (SCA BB) Protocol Packs Notes
For further information about related products, refer to the latest versions of the following Release Notes:
•Release Notes for Cisco Service Control Operating System (SCOS)
•Release Notes for Cisco Service Control Management Suite Subscriber Manager (SCMS SM)
•Release Notes for Cisco Service Control Management Suite Collection Manager (SCMS CM)
For the Download Guide containing the compatibility matrix, refer to the following:
Cisco Service Control Application for Broadband Download Guide
Contents
•Cisco Service Control Application for Broadband Release 3.5.5
•Cisco Service Control Application for Broadband Release 3.5.0
•Obtaining Documentation and Submitting a Service Request
Introduction
This document describes the new functionality, enhancements, and known issues in SCA BB Release 3.5.5.
It is assumed that the reader already has a good working knowledge of the Cisco Service Control solution. For additional information, refer to the Cisco SCA BB documentation.
Note We have streamlined and improved the user interface. To access it, follow these instructions.
To access the online Cisco Service Control documentation site, do the following:
1. On cisco.com, go to the following page:
http://www.cisco.com/web/psa/products/index.html
2. From the Select a category list, select Service Exchange.
3. From the Select a subcategory list, select the desired Cisco Service Control category.
4. From the Select a product list, select the desired Cisco Service Control product.
Note Operation of the SCA BB GUI Console is not supported on VMWare.
Cisco Service Control Application for Broadband Release 3.5.5
This section describes the new features and resolved issues of SCA BB Release 3.5.5.
New Features
The SCE Release 3.5.5 follows the SCE Release 3.5.0. SCE Release 3.5.5 introduces the following new features:
•Support for GBE Traffic Interfaces on the SCE8000
•Quota-Based Fair Usage Policy with Multiple Thresholds and Sliding Window
•Collection Manager and Reporter Enhancements
See the Cisco Service Control Application for Broadband User Guide for a complete description of these features.
Support for GBE Traffic Interfaces on the SCE8000
The SCE8000 now supports GBE interfaces leveraging Cisco standard 8xGBE SPA, SPA-8XGE-L-V2, and SFP optics.
The GBE support for various flavors of the SCE8000 are as follows:
•SCE8000 with a single 8xGBE SPA
•SCE8000 with two 8xGBE SPA
•Cascaded pair of 8xGBE and 10G SPA in each SCE8000
•Cascaded pair of two 8xGBE SPAs and two 10G SPAs in each SCE8000
Quota-Based Fair Usage Policy with Multiple Thresholds and Sliding Window
The SCE subscriber-based bandwidth management algorithms ensure that every subscriber receives a fair share of the bandwidth during congestion.
Release 3.5.5 introduces a new near time fairness adjustment mechanism that allows de-prioritization of heavy subscribers during a congestion. The SCE quota tracking mechanism identifies heavy subscribers and allocates periodic quotas to heavy subscribers. If a threshold is breached, a policy with lower bandwidth and priority is assigned to that subscriber during congestion.
In Release 3.5.5, the Quota Manager (QM) supports multiple quota thresholds and a sliding window for quota counting. Multiple quota thresholds enables grouping of subscribers based on their quota consumption.
The QM uses a sliding window for an aggregated period that allows saving the quota history of the subscriber with higher granularity for implementing more flexible and precise quota policies. The QM logically divides the time axis to multiple slices and the consumption during the aggregation period is calculated. When a subscriber breaches the quota threshold over the period, the subscriber is assigned a penalty package.
CMTS Awareness Enhancements
Enhancements to the CMTS Awareness solutions in the Release 3.5.5 include:
•Automatic learning of CMTSs—Configuring the IP address of the CMTS is not required, the CMTS-Awareness solution learns these addresses automatically.
•Meaningful host-names for CMTSs—The host-name is derived from the CMTSs using the SNMP.
•Handling reboots of CMTSs—When a CMTS reboots, all the cable modems relogin and the CMTS-Awareness solution maintains correct mappings of Collection Manager (CM) to Virtual Links.
New Report Templates
New report templates introduced in Release 3.5.5 include:
•Reporting on tunneled IPv6 over IPv4 traffic (SCE8000 only):
–IPv6 vs IPv4 Bandwidth Comparison
–Tunneled IPv6 Active Subscribers
–Tunneled IPv6 Average Subscriber Bandwidth
–Tunneled IPv6 Concurrent Sessions
•Report templates on subscribers cumulative consumption and general templates:
–Cumulative Distribution of Subscriber Usage
–Subscribers Average Consumption
•Report templates on global bandwidth:
–Global Bandwidth per Service comparison
–Global Bandwidth per Traffic Direction
•Virtual Links Reports for enhancing the CMTS-Awareness and other Virtual Links enabled solutions:
–Top Virtual Links by Usage Volume
–Virtual Link Bandwidth per Package
–Total Active Subscribers per Virtual Link
•SIP Reports:
–Number of Calls per SIP Domains
–Call Duration per SIP Domains
–Top SIP Domains by Unique Users
–Top SIP User-Agent
–Average MOS per SIP domains
SCE8000 Enhancements
•Additional MIBs were added to the SCE8000:
–Engage MIB under the pcube tree
–GC MIB under the Cisco tree
–Attack MIB under the Cisco tree
•Increased the number of supported Anonymous Groups to 5,000
Collection Manager and Reporter Enhancements
•Collection Manager
–TA Adapter can now handle 1M subscribers with the default heap size (512 MB), and moving to a 64bit machine is no longer required.
•Reporter
–The report title is editable
–Display of SCE name or IP on the report is optional.
–Sorting of reports is enabled by clicking on the table headings
Resolved Caveats
This section describes caveats that are resolved in SCA BB Release 3.5.5.
SCA BB Console
This subsection describes resolved caveats in SCA BB Release 3.5.5 that relate to the general issues concerning the SCA BB console.
CSCsq60512
SCA-BB allows applying policy with illegal characters and further retrieval attempts fail
If SCA-BB allows user to apply policy with illegal characters to the SCE, subsequent retrieval attempts fail due to the validity checks. Replacing the policy file with the copy of the policy file from the previous installation resolves this issue.
This issue has been resolved.
CSCsw51179
Applying a policy to a SCE with a lower PP version.
You can apply a policy with a GUI that is upgraded to a higher PP version than the SCE to which the policy is applied to. This causes new signatures that seem to be controlled by the SCE but they are not, because SCE is not aware of the new signatures.
This issue has been resolved.
CSCsw63256
Installing a SPQI via the GUI is required in order to be able to apply a policy to the SCEs
When you perform a protocol pack upgrade via the GUI or servconf application, a special module is extracted to C:\Documents and Settings\user\.p-cube\. If this module does not exist applying the policy to the relevant SCEs might fail.
This issue has been resolved.
CSCsx21299
when enabling Virtual Links, the VLUR should be enabled by default
When enabling the Virtual Links, the VLUR is not enabled by default. Therefore relevant reports are not generated.
This issue has been resolved.
CSCsx23458
SCE8000 - The CPA client stops sending queries
The CPA client stopped sending messages when the RDR-formatter buffer filled up with queued messages.
This issue has been resolved.
SCsx75622
Changing the Virtual Link template causes erroneous configurations
After applying a policy with virtual links and then applying a change in the virtual link template (including different number of Global Controllers), the VLM that created and configured the virtual links is not updated automatically with the change.
This issue has been resolved.
CSCsy54032
GUI requires an auto-install DPI-JAR feature
In some cases the default JAR installed by the latest PP installation must be removed.
This issue has been resolved.
CSCsy79082
SCA-BB GUI - VAS combo box is missing from the package advance tab
VAS forwarding configuration options does not appear in the Advance tab of the package settings.
This issue has been resolved.
CSCsy73995
Bandwidth Controller (BWC) with unlimited PIR limits subscriber traffic to 500 mbps
A subscriber Bandwidth Controller (BWC) with unlimited PIR connected to an unlimited Global Controller limited the subscriber bandwidth to 500 mbps instead of allowing unlimited rate.
Therefore, if a subscriber transmitted more than 500 mbps of traffic, the SCE platform limited the traffic to 500 mbps, even when the BWC was set to unlimited.
This issue has been resolved.
Reporter
This subsection describes resolved caveats in SCA BB Release 3.5.5 that relate to the Reporter.
CSCso27918
When you run the Top Service Ports report with selected package vs the Oracle database, the following error message was generated: ORA-00936: missing expression.
This issue has been resolved.
CSCso80517
The SCE uses the convention Kbytes = 1,024 bytes, but the bandwidth reports in the Reporter uses kbps = 1,024 bits per second, instead of 1,000 or mbps = 1,048,576 bits per second, instead of 1,000,000 that implies the bandwidth shown by the Reporter in mbps is lower by ~4.6% than the bandwidth reported by other reporting tool, for the same traffic.
This issue has been resolved.
CSCsw87722
Momentary resources contention may cause the command line reporter execution to fail
During report generation by the command line reporter, some reports failed with an exception.
This issue has been resolved.
CSCsw88099
When working with an external MySQL DB, the CM failed to create the Peak Bandwidth per Subscriber report.
This issue has been resolved.
CSCsw90802
When working with an external Oracle DB, the CM failed to create the Relative Consumption Report per Subscriber report.
This issue has been resolved.
CSCsx40094
The Top Email Account Owners reporter template generated in correct results.
This issue has been resolved.
CSCsy00585
In some cases when long service names are used some services do not appear under its parent node in the Reporter hierarchy view as configured in the service configuration.
This issue has been resolved.
CSCsy44866
The reporter returned an error when a report is generated first using a subset of SCEs selected in the properties view and then on the deselecting all the SCEs.
This issue has been resolved.
CSCsy82256
Top Subscribers Usage Distribution per Service report displayed global usage services names instead of subscriber services.
This issue has been resolved.
CSCsz21353
Incorrect values are displayed in the report table in the PDF file although the chart and the csv table display correct values in the report view.
This issue has been resolved.
CSCsz31814
When one generates a VoIP report, `Skype VoIP' service is missing from the services to view list.
This issue has been resolved.
CSCsz35746
Top SMTP Servers chart displayed no data even when there was SMTP traffic in the network, while the Top Servers graph displayed the SMTP services traffic properly.
This issue has been resolved.
CSCsz72641
If the Package Aggregated Usage Volume per Service report is generated on a wide time span, the following error is generated: Arithmetic overflow occurred.
This issue has been resolved.
Cisco Service Control Application for Broadband Release 3.5.0
This section describes the new features and resolved issues of SCA BB Release 3.5.0.
New Features
The following section lists the major new features in SCA BB 3.5.0. See the Cisco Service Control Application for Broadband User Guide for a complete description of these features.
Behavioral Targeting
The SCE now includes a solution for behavioral targeted advertising that allows Service Providers to participate in the advertising value chain. This solution enables Service Providers to increase ARPU through a revenue sharing model while addressing privacy concerns through advanced Opt-in / Opt-out mechanisms.
The solution is comprised of several tools that allow integration with multiple advertising partners:
•Traffic mirroring - sending a copy of selected HTTP traffic to a 3rd party server, using VLAN marking. This capability is used in behavioral targeting and may also be used for other solutions such as, LI / CALEA, Video caching, and identifying and mitigating copyright infringing P2P downloads.
•Reporting HTTP ClickStream information in RDR records and making the subscriber details anonymous in these records. ClickStream is the ability to associate HTTP requests with a subscribers ClickStream, and enables gathering information about a subscribers browsing habits. ClickStream events constitute only 1%-5% of the total amount of HTTP requests, which reduces the amount of data to be analyzed.
•Enhanced HTTP redirect - additional parameters can be added to the redirected message for inserting in WiFi.
The Redirect operation is enhanced with the following configuration options:
–Redirect once
–Redirect always
–Redirect periodically
— Only every T seconds
— Only once, every V Kbytes
— Only once, every X clicking events
–Redirect until the subscriber browses to a dismissal URL
New fields in the HTTP Redirect packet for advanced use cases of smarter redirection by the redirect server. You can to choose whether to include each of the following fields:
–Service ID
–Subscriber ID
–Timestamp
–String (configurable by the user)
–Referrer
–Distinct ID, which is composed of an incremental-number or an SCE traffic processor number
–Cookie
–Original host
–Original URL
–Original parameters
The Redirect operation now includes the option to select an HTTP code value (like 302 or 304) and string
Congestion Control Through CMTS Awareness
Congestion Control through CMTS awareness allows automatically tying DPI bandwidth management into CMTS physical interfaces so subscribers or applications can be de-prioritized in reaction to HFC bandwidth congestion. The solution is application and subscriber aware - different actions can be applied to different applications and subscribers. The solution is also topology aware and includes automatic real time tracking of each of the CMTS upstream and downstream interfaces. Congestion at the CMTS RF interfaces can be avoided through measuring bandwidth per upstream / downstream prioritizing only when required CMTS awareness is implemented in a MSOs network through the SCE integrating with CMTS's for automatically identifying existing RF interfaces and their associated speeds. The SCE keeps traffic within an upstream / downstream below the physical limit through mapping interface traffic into a virtual pipe (implemented based on SCE Global Controllers).
The SCE performs preferential bandwidth control - based on application tiers keeping the interface's utilization below a certain threshold for bounding the delay on that interface.
Mitigating Outgoing SPAM
The outgoing SPAM mitigation solution is enhanced with the ability to set the identification and mitigation per package. The following parameters can now be configured per package:
•SPAM identification thresholds
•Sending an RDR
•Subscriber notification
•Blocking
Increased Number of Concurrent Subscribers
The number of concurrent subscribers on the SCE2020 and SCE8000 is increased as follows:
•SCE2020—In earlier releases, 80K exist, and in Release 3.5.0, 200 K concurrent subscribers exist.
•SCE8000—In earlier releases, 250 K exist, and in Release 3.5.0, 1M concurrent subscribers exist.
The number of supported concurrent subscribers is set to several discrete options. Each discrete option influences the amount of supported flows.
Enhancing the SCA BB Reporter
In Release 3.5.0, the SCA BB Reporter is enhanced with the following new features:
•Favorite Reports - A favorites section is added to the reporter. All favorite/common reports can be executed from this tab.
•Reports Hierarchy - This new functionality allows focusing on the most active services and on a specific category of services. You can define the level of hierarchy presented, adapting the report interactively.
•Printing, e-mailing, and exporting reports to PDF format.
•New report templates: Infected subscribers vs. active subscribers, Average bandwidth per subscriber over all services, Average bandwidth per subscriber for a single service, Total active subscribers and other new report templates.
SCE8000 Enhancements
Release 3.5.0 includes multiple enhancements for the SCE8000:
•Increased performance per blade to up to 15Gbps. 15Gbps refers to the BW of the link before the SCE is added.
•SCE8000 active-standby fail over through Cascade support on the SCE8000.
•SNTP (Simple Network Timing Protocol) on the SCE8000.
•IPinIP on the SCE8000.
•SCE8000 Device monitoring.
–CLI command for showing the temperature within the device
–Detailed User Log indications for system failure events - Power Supply, FAN, etc.
–CLI command for status of the PSU and FANs
Classification Enhancements
The SCE's classification capabilities are enhanced in Release 3.5.0:
•Instant Messaging and SMTP - IM traffic separation - Separating VoIP over IM from Chat and File-Transfer.
•Distinguishing between Authenticated and non-authenticated SMTP (AUTH command).
•Multi-Transaction Classification for HTTP - The SCE can now classify all 'GET' requests over a single http TCP flow. This allows more secured and accurate support for flavors and blacklists. Each request / response is treated as a stand-alone transaction so reporting / control can be separately applied.
•Multi-Stage Classification - today the SCE's classification process may last for up to several tens or even hundreds of packets mainly due to the need to classify encrypted protocols. This new feature allows generating a first-stage, quick, temporary classification result for allowing you to enforce more restricted policies. As the SCE processes more of the flow's packets the initial classification decision may change. At every classification stage, an updated classification to Protocol Type is provided and the mapping to Service may be adjusted.
UI and Operational Enhancements
The user interface and operational concepts are enhanced in Release 3.5.0:
•Streamlined upgrade - Parallel upgrade of multiple SCEs
•Parallel apply action of policy on multiple SCEs - up to 5 SCEs in parallel
•Updated Traffic Tree:
–Addressing new trends in Internet and Video protocols and applications
–New structure with better partitioning of protocols
–Reflects a more consistent classification taxonomy and terminology
–New and advanced tool for navigation in the traffic tree that allows searching for Service, Protocol, port numbers, etc.
•More Intuitive BW-control Configuration and representation:
–Global Policy View
–Wizard for adding a new GC and mapping BWCs and rules to it
–GCs and their rules can be filtered and viewed without the BWCs
–The GC and total BW are configured in absolute values and not in percentages
Flow Capture
Flow capturing functionality is added on the SCE for capturing subscriber traffic for multiple troubleshooting use cases. Layer 3 attributes like address ranges define the traffic to capture.
The captured traffic is accumulated in a .cap file and stored in a remote FTP destination.
Subscriber Manager and Collection Manager Enhancements
•Subscriber Manager
–Support for Java 1.5
–Support for Veritas Cluster Server 5
–SM and SCE pre-loaded with LEGs
•Collection Manager
–Easy to use upgrade procedure
–Provides information on RDR rate per table
–Maintenance scripts for MySQL & Oracle
–Support for Java 1.5 and RHL5
–Support for external databases: MySQL 5.1, Oracle 11
Protected URL Database
The SCE Protected URL Database is a database that contains a "blacklist," a list of websites that are considered off limits or dangerous. The SCE can be configured to apply a specific action, such as blocking a site, when a subscriber attempts to access a site listed on the blacklist.
The database is encrypted so that no one, including the operator, can view the blacklist. The blacklist is managed on the SCE and cannot be withdrawn to the management PC.
RDRs are created when a subscriber attempts to access a link included in the blacklist. However, the RDRs do not contains the URL or Host information of the site.
Protocol Support
Refer to the Protocol Pack Notes for information regarding protocol support for Protocol Pack #15 (included in SCA BB 3.5.0).
Note When you upgrade old PQB files, new signature-based protocols are not assigned to any service. Signature-based protocols that are not assigned to a service are classified as Default Service. To fix this, manually assign these protocols to a service.
Resolved Caveats
This section describes caveats that are resolved in SCA BB Release 3.5.0.
CSCsd52274
When the management agent is down (during a boot or PQI installation), if the time frame changes, the GC value does not consistently change to the value of the new time frame once the management agent is back up.
This issue is resolved in Release 3.5.0.
CSCsg14757
When there are many subscribers, and low GC values, high congestion factors are required in order to converge. Therefore, the subscribers connected to the low GC are starved with no fair reason from the user's perspective (business and policy wise).
This issue is resolved in Release 3.5.0.
CSCsg29991
If the PRPC server port in a device (SM/CM/SCE) is changed, many GUI actions create the PRPC connection in the same way that retrieves the correct PRPC port from the configuration file, while apply retrieves the session object in a different way.
This issue is resolved in Release 3.5.0.
CSCsg45603
From the GUI, you add a subscriber. The subscriber appears in the GUI and in the SM. After removing the subscriber IP mapping from the GUI, the subscriber IP mapping remains in the SM and in the Edit Subscriber window.
This issue is resolved in Release 3.5.0.
CSCsi86983
Applying a service configuration fails on SCE1010 when Virtual Links mode is switched on. Hence, Virtual Links is not supported for SCE1010 platforms.
This issue is resolved in Release 3.5.0.
CSCsl52081
When applying the customer's service configuration into the SCEs by a multithreaded API program, API errors are returned from multiple SCEs.
This issue is resolved in Release 3.5.0.
CSCsl74259
The DURATION field in Usage RDRs contains the configured duration rather than the actual duration.
This issue is resolved in Release 3.5.0.
CSCsm37063
There is a problem applying some service configuration/PP combinations (3.0.6PP#10, 3.1.0PP#10, 3.1.0PP#12) to SCA BB 3.1.5 installed with PP#12 and higher or 3.1.6 PP#13 and higher.
For example:
1. Install 315 PQI.
2. Open 310PP#12-pqb-service configuration in the SCA BB 3.1.5 Console.
3. Apply the service configuration to 3.1.5 SCE FCS.
4. Try to install SPQI 315PP#12.
The following error is displayed:
1/24/08 3:00:21 PM IST | ERROR | Protocol Pack Installation on 'SCE 315' [192.118.77.20]: Operation failed: Error while importing DSS: Item uniqueness violation error: duplicate Protocol ElementThis issue is resolved in Release 3.5.0.
CSCsm57690
When applying a PQB, the following error message is generated: "Failed to update CM at 127.0.0.1 with service configuration values: Connection refused: connect". This happens only when a local RDR-server is configured: RDR-formatter destination 127.0.0.1 port 33001 category number 4 priority 100.
This issue is resolved in Release 3.5.0.
CSCso85051
For the Accounting RDR, the reporting is controlled by the following advance setting options:
•Flow Accounting RDRs enabled
•Flow Accounting RDRs limit per seconds - specifies max RDR rate
•Flow Accounting RDRs interval for each service (in seconds) - specifies interval between RDRs
This issue is resolved in Release 3.5.0.
CSCsq72143
SCE8000 limits the minimum GC to 1.6M, although the GC can be configured to 16K via the CLI.
This issue is resolved in Release 3.5.0.
CSCsq73623
When you perform some sce-url-db operations related to protection, the SCE clears the URL database silently without notifying the user.
This issue is resolved in Release 3.5.0.
CSCsr50955
The SCE external URL filtering might incorrectly classify URLs that contain "%" in the path part of the URL.
This issue is resolved in Release 3.5.0.
CSCsv78126
The current default policy sets the Transaction RDRs rate limit to a value of 250 RDRs per second. This value is too high and should be set no higher than 100 as it was in 3.1.X
This issue is resolved in Release 3.5.0.
Open Caveats
Traffic Processing
This section describes open caveats in SCA BB Release 3.5.5 that relate to traffic processing.
•Traffic Accounting and Reporting
General
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to general issues concerning traffic processing.
CSCsy78259
Updating the black list protected DB via the import CLI command fails occasionally with the following error:
Invalid command was sent Or unexpected string was found -
CLI output is Error - Internal error, Writing/Updating the LUT 'GT_LUT_HTTP_PROTECTED_URL_BlackList' that is in the protection domain 'BLACK_LIST_DOMAIN' is disallowed for the current userWorkaround:
Run import operation again.
Traffic Classification
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to traffic classification.
CSCsd81077
The same flow can be classified to different services, depending on a zone configuration that seems unrelated. This occurs after you define a new port-based protocol and then create a new service, adding a service element with the new protocol and a non-default zone to the service. Flows that match the new protocol but do not match the zone of the service element will now be mapped to the Default Service.
The following steps illustrate this. The unexpected flow classification occurs at step 6.
1. Add a new port-based protocol. For example, doom2 on TCP port 6666. Do not add the protocol to any service.
2. The SCE will now classify flows that match the doom2 protocol (TCP on port 6666) as Generic TCP, as expected.
3. Add a zone named gaming servers.
4. Create a new service doom2 gaming servers. Add a service-element where protocol=doom2 and zone=gaming servers.
5. The SCE will now classify flows that match the doom2 protocol and the gaming servers zone to the new doom2 gaming servers service, as expected.
6. However, flows that match the doom2 protocols, but DO NOT match the gaming servers zone, is classified as Default Service instead of Generic TCP.
7. If you delete the doom2 gaming servers service, the same flows that were classified as Default Service, is again classified (correctly) as Generic TCP.
Workaround:
Add the service element <New port-based protocol, Initiated by either side, *, *>to an existing service. (You can also define a new service for this purpose.) Once you do that, transactions using the specific protocol but with network IP addresses that do not match the specific zone, will go to the less specific service.
For the example given above, add the service element <doom2, Initiated by either side, *, *>to the "Generic TCP" service.
CSCsi46655
When SCA BB is deployed in an environment where it is required to analyze traffic in VLANs/VPNs with overlapping IP addresses, some of its capabilities, which rely on uniqueness of IP addresses in the network, do not function:
•Classification—No support for zones.
•Reporting—Reports based on IP addresses in Transaction RDRs are not accurate.
Many reports in the following categories rely on IP uniqueness:
•Mail and News
•Traffic Discovery—Statistics
•Web and Streaming
•Protocol Library—Mechanism based on IP addresses. This feature can be disabled using the GUI (advanced options).
•Protocol Library—BitTorrent aggressive aging - classification based on Tuple.
•Ignore filter—Filtering by VPN or VLAN is not supported.
N/A
In Release 3.0.0, the limit for the number of items in the HTTP URL list was increased from 10,000 to 100,000. Adding more than 10 K items to the list affects flow capacity. Using 100 K list items can degrade system capacity by up to 50 K flows compared with the capacity numbers presented in SCA BB Release 3.1.5.
Traffic Accounting and Reporting
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to traffic accounting and reporting.
CSCsb60539
When you enable TUR RDRs for RTSP, the session ID field in RTSP TUR contains incorrect values due to extraction of the session ID from the wrong fields in the RTSP packets.
CSCsd74145
Skype call detection is done using a heuristic analysis of Skype traffic, which makes call detection in Skype less accurate than in other VoIP protocols, and introduces the following limitations:
•Call start and stop event-detection can be delayed by between 30 and 60 seconds, and a single call duration measurement may involve inaccuracy of +/-30 seconds or 20% (the larger of the two)
•A Skype call that is carried over two connections (rather than a single connection) might not be detected
When looking at aggregated information and reports these limitations are of less significance, due to averaging and aggregation of large number of calls.
N/A
The number of concurrent sessions reported by the SCE application can sometimes be lower than the number of open flows in the SCE platform counters. In certain services, such as VoIP and FTP, a single session is made of more than one flow. The SCE platform counters track flows, rather than sessions, and therefore may show higher values. In addition, flows with no payload are tracked by the SCE platform counters, but not by the SCE application counters.
N/A
The following MIB counters and fields in the Link Usage RDR and the Package Usage RDR require clarification:
•Seconds Counter—This counter is dedicated to VoIP accounting. It tracks the aggregated call duration in seconds. It is also included in Subscriber Usage RDRs.
•Seconds Counter for VoIP Services—Counts the duration of voice calls and not the duration of VoIP control flows. This makes this counter appropriate for voice usage reports; the VoIP Reports in the Reporter are based on this counter.
•Seconds Counter for Non-VoIP Services—Counts the aggregated duration of sessions.
•Concurrent Sessions Counter—Tracks the number of concurrent sessions.
•For voice sessions this counter tracks the number of control sessions, not the number of calls.
•Inactive sessions are counted until they are terminated due to aging.
•Unlike the Sessions Counter, this counter shows the value at the time that the RDR is generated and not an aggregated value.
•Concurrent Active Subscribers Counter—Tracks the number of subscribers that have an open session for the reported service.
•For voice sessions, this counter tracks the number of subscribers that have open control sessions, rather than subscribers that have active voice calls; the number of concurrent talking subscribers cannot be deduced from this counter.
•Like the Concurrent Sessions Counter, this counter shows the value at the time that the RDR is generated; it is not an aggregate metric.
Traffic Control
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to traffic control.
CSCsg08507
When working in the QM with a Number of Sessions bucket and with dosage less than quota, when the dosage given to the SCE is fully used a new session will be blocked even if there is still quota in the QM, since there are no Quota Threshold RDRs. This (blocked) session will trigger a Threshold RDR (and threshold notification to the QM); therefore the next session will succeed.
For example, if the dosage size is 5 sessions, every 6th session will be blocked and will fail.
Workaround:
Always set the dosage size equal to the quota size when working with a number of sessions bucket.
SCA BB Console
This section describes open caveats in SCA BB Release 3.5.5 that relate to the SCA BB console.
General
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to general issues concerning the SCA BB console.
CSCsa91254
Selecting Save from any tool in the SCA BB Console saves the current open PQB configuration file, even if that is not the appropriate file type for the tool.
CSCsu88253
Depending on the open view, the Welcome page does not appear or appears in a different location within the SCA BB console.
CSCsv62305
Upgrading a device via the GUI or API also upgrades the console. If you upgrade a Protocol Pack via an SPQI file, the console is upgraded as well with the new signatures. Applying it to a device that was not upgraded as well may fail.
CSCsy57726
Policy cannot be applied when redirection URL contains a port
Policy cannot be applied when the redirection URL contains a port, following error is generated:
Failed to apply: Input concatenated Key String are not validMore info: in func 'CmdlLut::overwriteManyCfg', lutName='GT_NotificationWhiteListLUT', key[0]='www.my-http-server.com:8080:/redirect.cgi', value[0]='0', numVariables=2.. (directLinkMethods.overwriteManyLookupValues)Input concatenated Key String are not validMore info: in func 'CmdlLut::overwriteManyCfg', lutName='GT_NotificationWhiteListLUT', key[0]='www.my-http-server.com:8080:/redirect.cgi', value[0]='0', numVariables=2.. (directLinkMethods.overwriteManyLookupValues)Workaround: Remove the port string from the URL.
CSCsy81384
The Apply function fails with an error, when updating the HTTPS redirection URL as part of redirection set in the GUI.
N/A
SCA BB allows users to navigate from a report to the corresponding service configuration entity. For example, right-clicking a service name in the report's legend can take you to the service definition in the Service Configuration Editor. However, the system can navigate only to the PQB file that is currently open in the SCA BB console.
N/A
Service and package names are not refreshed automatically in the Reporter after applying changes in the SCA BB Console.
Workaround:
Refresh the templates manually.
Installation
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to installation of the SCA BB console.
CSCsa94964
Running the uninstaller while the SCA BB Console is open, can fail; however, no warning is thrown when starting the uninstallation. Close the SCA BB Console before running the uninstaller.
CSCsa94964
You must uninstall the SCA before reinstalling it. Do not install the SCA on top of an existing installation.
CSCsc32003
When the application is uninstalled, the Network Navigator configuration (sites and devices) is not deleted, but instead is kept for future SCA BB Console installations. \
Workaround: To clear these settings, manually delete the following folder:
C:\Documents and Settings\<username>\.scasbb300
Network Navigator
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to the Network Navigator.
CSCsa95657
The console permits the creation of two (or more) identical devices with the same name or the same IP address.
Workaround:
Remove all identical devices.
CSCsc49774
If you mistakenly provide the IP address of a device of a different type (for example, adding an SCE but with the IP address of an SM) connecting to this device will fail; the error message that is issued does not correctly identify the problem.
CSCsv55906
When upgrading from 3.1.7 to 3.5.0, the Network configuration is not automatically imported. You export, and then import. Once the import is complete, two default sites appear in the window.
N/A
Concurrent operations, such as applying a configuration and extracting a support file simultaneously, on the same SCE platform are not supported. Wait for one operation to finish before beginning a second operation.
N/A
When applying a service configuration to the SCE, the Network Navigator also updates the relevant CM with service configuration values, such as service and package names, that are later shown by the Reporter.
The Network Navigator takes the CM IP address from the SCE platform RDR-formatter definitions. With certain topologies (such as in a NAT environment), this IP address might not be accessible by the Network Navigator, and a different CM IP address should be used. The engage.ini preferences file can be used to remap CM IP addresses from the SCE platform RDR-formatter definitions to IP addresses to which the Network Navigator can connect.
The "dc.ip.remap.<n>=<address1>,<address2>" property in the engage.ini file defines a mapping between IP addresses. For example, the entry " dc.ip.remap.1=10.1.12.224,212.194.11.27 " means that if the SCE RDR formatter destination is 10.1.12.224, the Network Navigator should update the CM at 212.194.11.27.
The engage.ini file can be found and edited at the following location:
<scas-bb-console-installation>/plugins/policy.contribution/config
which usually maps to:
C:\Program Files\Cisco SCAS\SCAS BB Console 3.0.0\plugins\policy.contribution_1.0.0\config\engage.ini
Service Configuration Editor
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to the Service Configuration Editor.
CSCsx17491
PQB files that were created using SCA BB releases earlier than Release 3.0 might not open in SCA BB Release 3.5.0 and later.
Workaround:
Install SCA-BB 3.1.7, open the PQB and save it to the disk. You can then open it in SCA-BB 3.5.5.
Subscriber Manager GUI
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to the Subscriber Manager GUI.
CSCsw79014
The following issues with the SM Client GUI make it practically unusable:
•CSCsr09226 Release 3.5.0 GUI—When using a VLAN SM GUI and changing a subscriber name, it fails and the subscriber is removed (SM)
•CSCsw18320 Release 3.5.0-SM GUI—Subscriber details are not refreshed automatically
•CSCsj45511 Release 3.1.5LA-GUI—Window freezes and you cannot work with the Subscriber Manager
•CSCsh57287 GUI—SM GUI is not up-to-date with SM DB
•CSCso30235—Exporting subscribers fails with GUI 3.1.5 and SM 3.1.0
•CSCsi03280 SM GUI—Can be connected to an SCE
•CSCsh96714 SM GUI—When you change the subscriber domain, a logic problem occurs
•CSCsh57286GUI—An SM GUI error appears when searching for a subscriber and the DB is empty
•CSCsl48003 SCABB-SM GUI—a faulty radio button operation - adds VLAN and IP per subscriber
•CSCsl16383 GUI—When you add a subscriber to the SM GUI, length limitation exists
•CSCsl47880 SCABB-SM GUI—Does not allow adding a subscriber with more than 40 characters
Reporter
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to the Reporter.
CSCsy26498
The Reporter filters the data for HTTP-related reports based on the services that belong to the HTTP protocol family. Services that are defined by flavors without a specific protocol are not included in the reports. The HTTP service based on the URL list will not be displayed in the HTTP-related reports.
Workaround:
Add a service-element for the service that includes flavor and HTTP protocol.
Configuration Management
This section describes open caveats in SCA BB Release 3.5.5 that relate to configuration management.
General
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to general issues concerning configuration management.
CSCsz94225
In the virtual-link mode (without the VLM solution integration), the "no virtual-links all direction downstream" command does not remove all the downstream Virtual Links per direction.
Workaround:
Instead of using the command "no virtual-links all direction downstream" to remove all virtual link from the downstream direction use the command that removes the virtual-link per index one by one.
For example, to remove the virtual-link index 1:
SCE#>configureSCE(config)#>interface LineCard 0SCE(config if)#>no virtual-links index 1 direction downstreamSCE(config if)#>exitSCE(config)#>exit
Note Removing all Virtual Links from the upstream direction works fine.
Service Configuration API
This subsection describes open caveats in SCA BB Release 3.5.5 that relate to the Service Configuration API.
N/A
Backward compatibility with previous SCA BB 2.5 Service Configuration API releases
For example:
Package and class name changes: The Service Configuration Management API has changed in SCA BB 3.0.0, to accommodate new product naming conventions. Nevertheless, the older API classes and methods can still be used.
Note However, the Service Configuration Editing API in SCA BB 3.0.0 has been significantly changed, and is generally incompatible with 2.5.
CSV file format changes: SCA BB introduces a new format for CSV files of HTTP URL lists. For backward compatibility, SCA BB 3.0.0 Service Configuration API allows importing CSV files of HTTP URLs in the old 2.5 formats.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.