 Feedback
|
Table Of Contents
Release Notes for Cisco ACNS Software, Release 5.1.3
Manually Downloading the SmartFilter Control List
Media File System Issues When Downgrading to ACNS 5.0 Software
Websense Issues When Downgrading to ACNS 5.0 Software or ACNS 5.1 Software
Scheduling Live Events for Multiple Content Engines
Multicast Sender Nonretroactive Scheduling Rule
Open Caveats - ACNS Software, Release 5.1.3
Resolved Caveats - ACNS Software, Release 5.1.3
TACACS+ Enable Password Attribute
Configuration Requirements for Managed Live Events
Multicast Sender Interoperability
Restrictions Regarding Native FTP Caching in ACNS 5.1 and 5.1.x Software
FTP Caching Support in the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1
FTP Caching Support in the Cisco ACNS Software Command Reference, Release 5.1 Publication
Group-Type Patterns in Rule Pattern Lists
SmartFilter Software and the rule action no-auth Command Rule Interaction
Bandwidth Configuration for Interfaces and Content Services
Default Port of the Content Engine GUI
Playing Nonhinted IP/TV On-Demand Programs over an ACNS Network
Restriction on IP/TV Program Manager Configuration
Cisco Product Security Overview
Reporting Security Problems in Cisco Products
Obtaining Technical Assistance
Cisco Technical Support & Documentation Website
Definitions of Service Request Severity
Obtaining Additional Publications and Information
Release Notes for Cisco ACNS Software, Release 5.1.3
August 4, 2005
ACNS Build 5.1.3b15
Note
The most current Cisco documentation for released products is available at Cisco.com at http://www.cisco.com. The online documents may contain updates and modifications made after the hardcopy documents were printed.
Contents
These release notes contain information about the Cisco Application and Content Networking System (ACNS) software, Release 5.1.3. These release notes describe the following topics:
•
•
•
Introduction
ACNS software combines the technologies of demand-pull caching and pre-positioning for accelerated delivery of web applications, objects, files, and streaming media; ACNS software runs on Cisco Content Engines, Content Distribution Manager, and Content Router hardware platforms.
Note
These release notes are intended for administrators who will be configuring, monitoring, and managing devices that are running ACNS 5.1.3 software. These release notes describe the open and resolved caveats regarding ACNS software, Release 5.1.3.
System Requirements
This section describes the hardware supported by ACNS software, Release 5.1.3.
Hardware Supported
ACNS software, Release 5.1.3 supports the same hardware platforms that were supported in the ACNS 5.1 release. The following hardware platforms are supported:
New or Changed Information
This section describes new or changed information for the ACNS 5.1.3 release. It covers the following topic:
•
Note
Manually Downloading the SmartFilter Control List
The intent of the SmartFilter Control List is not to categorize every available URL on the Internet. Instead, it focuses on categorizing those Internet sites that are considered unproductive or inappropriate for typical business or educational environments. The 30 predefined SmartFilter Control List categories encompass a wide variety of material. Some categories are focused on reducing legal liability of a company. These 30 categories are set to "Deny" in the default SmartFilter software policy. Some categories contain such sites as MP3 sites (sites that content that consumes excessive bandwidth). The remainder of these 30 categories are considered unproductive or inappropriate for business or educational environments.
SmartFilter software also provides ten user-defined categories that allow you to further tailor access by defining and filtering sites that are not included in the SmartFilter Control List. Additionally, you can exempt any site that you would like specific groups or individuals to access quickly and easily.
Secure Computing uses automated tools to search the Internet continuously for new sites and pages that meet the content criteria for the 30 predefined Control List categories. Candidate sites are presented to Secure Computing Control List technicians for personal review. As a rule, sites are not added to the SmartFilter Control List without first being viewed and approved by Secure Computing Control List technicians.
Note
You can use the SmartFilter Administration Console to define a SmartFilter Control List download schedule. The Download Setup window tracks the download site, your username, and your password. If you do not download an updated SmartFilter Control List at least monthly, the SmartFilter software considers the Control List "expired," and invokes the action that you specified in the SmartFilter License window.
If the SmartFilter Control List (sfcontrol file) was not properly downloaded from the Secure Computing FTP site and you used FTP to transfer this sfcontrol file from one Content Engine to another, this can cause the cache process to restart.
To stop SmartFilter from restarting the cache process, complete the following tasks, which include manually downloading the SmartFilter control list to the Content Engine:
1.
For example, enter the no url-filter http smartfilter enable global configuration command to disable this feature through the Content Engine CLI.
2.
3.
For example, enter the url-filter http smartfilter enable global configuration command to disable this feature through the Content Engine CLI.
4.
a.
b.
c.
d.
e.
f.
Note
Important Notes
This section emphasizes important information regarding ACNS 5.1.x software.
•
•
•
•
Media File System Issues When Downgrading to ACNS 5.0 Software
If you have configured the media file system (mediafs) with ACNS 5.1 software or later, and then downgrade to ACNS 5.0 software, the mediafs disk space assignment is lost and it reverts to ACNS network file system (cdnfs) disk space. (The mediafs is used for on-demand content that is fetched through the two streaming protocols [RTSP and WMT]. The cdnfs is used for pre-positioned content in the ACNS network.)
This situation occurs because of a design change that was implemented in ACNS 5.1 software. Because ACNS 5.0 software is not compatible with this change, the disk space becomes assigned to cdnfs instead of mediafs. To work around this problem, follow these steps:
1.
Use the Content Distribution Manager GUI for Content Engines that are registered with a Content Distribution Manager. Use the Content Engine GUI for standalone Content Engines (that is, Content Engines that are not registered with a Content Distribution Manager and are being managed through the Content Engine GUI or CLI).
2.
Websense Issues When Downgrading to ACNS 5.0 Software or ACNS 5.1 Software
If the local (internal) Websense server is enabled on the Content Engine and you downgrade from the ACNS 5.2.x software to ACNS 5.0 software or ACNS 5.1 software, the WebsenseEnterprise directory is removed from the Content Engine and the local Websense server stops working. Note that the ACNS 5.2.x software does not generate an error message indicating that the WebsenseEnterprise directory has been removed.
To avoid this problem when downgrading from ACNS 5.2.x software to ACNS software 5.1 or ACNS 5.0 software, follow these steps:
1.
2.
3.
Scheduling Live Events for Multiple Content Engines
When you schedule a program for a live event, we strongly recommend that you use Greenwich Mean Time (GMT) instead of the local time of the Content Engine that is delivering the program. If you are transmitting the live event across multiple Content Engines that span different time zones, and you schedule local time on each Content Engine instead of GMT, the live transmission is likely to fail.
Multicast Sender Nonretroactive Scheduling Rule
In ACNS 5.1 software, a primary multicast sender automatically schedules the first carousel pass, which sends multicast content to receiver Content Engines. However, ACNS software enforces a nonretroactive scheduling rule, which states that a multicast sender cannot send any files that arrived 10 minutes before it became a multicast sender. Thus, in ACNS software, Release 5.1, when a Content Engine becomes the active primary sender, it does not automatically schedule the first carousel pass to include content that is over 10 minutes old. If you want the old content sent, you must use the distribution multicast resend EXEC command without the on-demand-only option specified. (The on-demand-only option triggers a resend only when a negative acknowledgement [NACK] is issued. In this instance, you want to trigger the resend without a NACK from the receiver.)
After the first multicast carousel pass is complete (whether you manually triggered the resend using the distribution multicast resend command or whether the primary sender completed the pass automatically), the primary sender then determines whether the next carousel pass for content will follow a fixed schedule or whether it will be triggered by NACKs from receiver Content Engines.
In ACNS 5.1 software, you can configure the primary sender to disregard NACKs from receiver Content Engines and send content based on a fixed schedule of carousel passes. To enable this behavior, use the multicast fixed-carousel enable global configuration command. In contrast, a backup multicast sender cannot be enabled for fixed carousel passes; on backup senders, carousel passes must always be triggered by NACKs from receiver Content Engines.
Note
The multicast fixed-carousel enable command is only available for the ACNS 5.1 software primary multicast sender. The default is no fixed carousel; the first carousel pass is automatic and future carousel passes are ondemand only, that is, they are triggered by NACKs.
Caveats
This section lists and describes the open and resolved caveats in ACNS 5.1.3 software. Caveats describe unexpected behavior in ACNS 5.1.3 software. Severity 1 caveats are the most serious; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats.
Open Caveats - ACNS Software, Release 5.1.3
This section lists and describes caveats that are open in ACNS software, Release 5.1.3.
•
Symptom: Content cannot be acquired using strong authentication from secure origin servers that use certificates from nonstandard certificate authorities (CAs). If strong authentication was chosen for content acquisitions from such a site, the acquirer error statistics will contain a 401 (Unauthorized) error code, and the acquirer error log contains the following error message:
Strong Cert Authentication rejects certificate due to error: ssl error codeCondition: This problem occurs if the origin server uses a certificate that is not known as a standard certificate to the ACNS software acquirer. For content acquisition from secure sites over HTTPS using strong authentication, only sites with certificates from standard certificate authorities are supported.
Note
Workaround: Use one of these workarounds:
–
–
•
Symptom: The Content Engine model CE-565 shows lower HTTP performance when it is attached to a Storage Array SA-7 device.
Condition: This problem occurs when the CE-565 has Windows Media Technologies (WMT) enabled and is attached to an SA-7 device.
Note
Workaround: Allocate less space to the cfs if a Storage Array is attached to the Content Engine.
•
Condition 1: The ACNS network is set up for multicast distribution with Content Engines subscribed to multicast-enabled channels. Multicast sender and receiver Content Engines are running mixed versions of ACNS software. All Content Engines have been successfully enabled for multicasting. The Content Distribution Manager is running ACNS 5.1.x software.
Symptom:
–
–
Note
Case 1: The primary sender is using an ACNS software release earlier than ACNS 5.1.x. The backup sender is using ACNS 5.1.x software, as is the receiver.
–
–
–
Case 2: Both the primary sender and the backup sender are using ACNS 5.1.x software. The receiver is using an ACNS software release earlier than ACNS Release 5.1.x.
–
–
Case 3: Both the primary sender and the receiver are using an ACNS software release earlier than ACNS Release 5.1.x. The backup sender is using ACNS 5.1 software.
–
–
–
Condition 2: Although you may have received a warning message from the Content Distribution Manager, you can still configure a Content Engine as a backup sender if the Content Engine is registered with a Content Distribution Manager running ACNS 5.1.x software and the Content Engine is running ACNS software earlier than ACNS Release 5.1.x. Cases 4 through 6 discuss the backup sender operating under these conditions.
Symptom: The Content Distribution Manager does not send related configuration information and configuration changes to the Content Engine running the earlier software version. This results in the the Content Engine not being able to identify itself as the multicast backup sender. This scenario might also occur if a backup sender using ACNS 5.1.x software is downgraded to an earlier software version through the Content Engine CLI.
Case 4: Both the primary sender and the backup sender are using an ACNS software release earlier than ACNS Release 5.1.x. The receiver is running ACNS 5.1 software.
–
–
Case 5: The primary sender and the receiver are using ACNS 5.1 software. The backup sender is using an ACNS software release earlier than ACNS Release 5.1.x.
–
–
Case 6: The primary sender is using ACNS 5.1.x software. Both the backup sender and the receiver are using an ACNS software release earlier than ACNS Release 5.1.x.
–
–
Condition 3: The Content Distribution Manager is using an ACNS software release earlier than ACNS Release 5.1.x. In software releases earlier than ACNS Release 5.1.x, only one sender is configurable for each multicast cloud.
Case 7: The sender is using ACNS 5.1.x software. The receiver is using a software release earlier than ACNS Release 5.1.x.
The sender behaves like a primary sender running ACNS 5.1.x software. That is, it sends the first round of content without requiring a NACK to trigger the carousel pass. However, the sender is unable to continue making carousel passes because the receiver is unable to send NACKs.
Workarounds for Case 7:
–
–
Case 8: Both the sender and the receiver are using ACNS 5.1.x software.
The sender is able to perform carousel passes and the receiver is able to send NACKs for missing content; however, there is no support for a backup sender or for configuring the NACK interval multiplier.
Case 9: The sender is using an ACNS software release earlier than ACNS Release 5.1.x. The receiver is using ACNS 5.1.x software.
–
–
Workaround for Cases 1 through 9: Upgrade both senders and receivers to ACNS 5.1.x software. Upgrade the sender first, and then upgrade the receivers.
•
Symptom: When IP address changes are made on a WCCP-enabled Content Engine, existing connections break, and new connections are not accepted for 30 seconds.
Condition: This problem occurs when you change IP addresses on a Content Engine that has WCCP enabled.
Workaround: Disable WCCP on the Content Engine before changing IP addresses on the Content Engine.
•
Symptom: The Content Engine displays the following error message:
KERNEL: assertion (atomic_read(&sk->wmem_alloc) == 0) failedCondition: The Content Engine displays this error message during normal operation.
Workaround: Ignore the error message.
•
Symptom: Users do not receive the requested page, or the requested page loads very slowly.
Condition: This problem occurs when the origin server sends back a response with "Connection: close," but does not close the connection. The Content Engine waits for the server to close the connection, until the Content Engine times out. Subsequent requests are affected and are not processed until the previous request is completed, thus causing the delay.
Workaround: Configure the Content Engine with a static bypass entry for the server.
•
Symptom: The HTTP proxy cache hit response time increases dramatically over time.
Condition: The Content Engine is overloaded (200 requests per disk spindle is the maximum for the CE-7305 and CE-7325).
Workaround: Reduce the load.
•
Symptom: When you use Windows XP with Windows Media Player 9.0.0.3008 installed, embedded Microsoft media files (for example, .asf files) cannot be retrieved over HTTP from a Content Engine that has the media files pre-positioned.
Condition: When the Content Engine has media files pre-positioned, and the Content Engine is not configured for either WMT or HTTP proxy services, media files must be retrieved over HTTP from a pre-positioned store on the Content Engine.
Workaround: To avoid this problem, do one of the following:
–
–
•
Symptom: The CE-7325 does not respond to a console or Telnet session.
Condition: This situation can occur if the CE-7325 is experiencing a heavy WMT proxy load (approximately 3000 concurrent sessions of 300-kbps media requests) and the majority of the requests are cache misses. Even after the heavy load no longer exists, the CE-7325 does not respond to a console or Telnet session for another few minutes.
Workaround: Reboot the device.
•
Symptom: The CLI shell (in EXEC or configuration mode) exits unexpectedly in ACNS software.
Condition: This is very rare. When it occurs, there is a core.XXXX file in the /local1/core_dir directory, where XXXX is a number.
Workaround: Log in to the CLI shell again.
•
Symptom: Windows Media Technologies (WMT) is enabled with no media file system (mediafs) after you downgrade from ACNS 5.1b300 software to ACNS 5.0.7b8 software.
Condition: This occurs if you upgrade from ACNS 5.0.7b8 to ACNS 5.1bx software, configure the disk, and then downgrade to ACNS 5.0.7b4.
Workaround: Reconfigure the disk with a mediafs partition and reload the software.
•
Symptom: You cannot configure the Content Engine TACACS+ client to authenticate administrative users if the TACACS+ encryption key is not defined.
Condition: This problem is reported for a TACACS+ server configuration in conjunction with a Rivest, Sharmir, Adelman (RSA) token server. The problem occurs when the TACACS+ encryption key is not defined and the TACACS+ authentication server configuration involves an RSA server. There are no problems if the encryption key is configured. There are no authentication problems if the encryption key is not defined and the RSA token server is not involved in the configuration.
Workaround: Configure the TACACS+ encryption key for secure authentication.
•
Symptom: Rarely, core dumps from the login program may occur.
Condition: This problem appears to occur only very rarely when you try to use Telnet to access the Content Engine.
Workaround: There is no known workaround.
•
Symptom: Content Engines in an ACNS network delete acquired on-demand content when IP/TV Broadcast Server, which is configured to serve the program, does not have the media file available in its IP/TV media root directory.
Condition: This occurs when the media file is not available in the IP/TV media root directory, either because of a change in the IP/TV media root directory path or because the media file was renamed or deleted for the exported ACNS program. This problem also occurs if IP/TV Broadcast Server fails or is deliberately removed from operation.
Workaround: Make sure the media file for an exported ACNS program is available in IP/TV Broadcast Server even if the media root directory is changed. Also ensure that the media file is not deleted or renamed after the creation of the program.
•
Symptom: A configured on-demand program is not listed in the IP/TV Program Manager OnDemand Program Listing window if the associated media file is not available.
Condition: The problem occurs only when the associated on-demand program media file is not available in the configured IP/TV Broadcast Server after the program was created.
Workaround: We recommend that you do not remove or the change media file location in IP/TV Broadcast Server after you configure on-demand programs that use the media file. If you must remove or change the media file location, then you must edit all the programs that use that file on that server to use either another file or another server.
•
Symptom: The audio stream sounds discontinuous when you listen to a rebroadcast or video-on-demand (VOD) of a recorded MP4 file.
Condition: The symptom occurs with IP/TV-generated MP4 files that are streamed from a Cisco Streaming Engine. The problem only occurs with MP4 files that contain an MP3 audio track sampled at 8000 Hz. Streaming the file directly from IP/TV Server does not result in this problem.
Workaround: Use a sampling frequency of 11025 Hz or 22050 Hz while creating a live program with MP3 audio if the recorded file is to be deployed in an ACNS network. Alternatively, use the AAC codec instead of MP3.
•
Symptom: The Content Engines fill up the / file system, and components then start to fail.
Condition: This problem may be related to SmartFilter configurations.
Workaround: There is no known workaroud.
•
Symptom: In rare circumstances the bypass counters may be incorrect.
Condition: This problem is likely to be seen under the following conditions:
–
–
Workaround: If the first condition is true, change the IP address assignments on the router so that the IP address assigned to the router interface from which packets are redirected to the Content Engine becomes the WCCP router ID. If the second condition is true, there is no known workaround.
•
Symptom: Earlier versions of IP/TV supported encoding of Japanese characters in Windows native Shift JIS encoding. For IP/TV 5.1 software, Shift JIS Japanese data is applied to the following data items:
–
–
Japanese characters are corrupted on all on-demand program data items. For scheduled program data items, only certain characters are corrupted but not all.
Microsoft Internet Explorer and Netscape Navigator support UTF-8 encoding in which Japanese characters are available. With UTF-8, all Japanese data is corrupted for both on-demand and scheduled programs, though they are corrupted in different ways.
Condition: Multibyte Japanese text for on-demand program information (category name and program name) is corrupted. Also for scheduled programs, certain Shift JIS Japanese characters are corrupted (channel name, program name), although other characters are saved or restored correctly.
Workaround: Do not use multibyte character sets.
•
Symptom: The MPEG-4 Microsoft codec has a pixilation problem. Irrespective of the resolution and bit rate, pixilation is seen.
Condition: This problem occurs when the MPEG-4 Microsoft codec and the Video for Windows codec are used at higher resolutions.
Workaround: Use the MPEG-4 ISO codec instead of the MPEG-4 Microsoft codec.
•
Symptom: The Content Engine WMT server sends WMT streaming packets at a rate faster than it should.
The problem occurs only if the stream file is generated by the Windows Media Player Version 9 encoder. The higher the bit rate, the more serious the problem. For a 1500-kbps stream, the Content Engine sends it at 1600 kbps; for a 2100-kbps stream, the Content Engine sends it at 3100 kbps.
Condition: This problem causes both Windows Media Player Version 8 and Windows Media Player Version 9 to exhaust the receiving buffer and to start dropping packets, which will cause inferior audio and video quality. Windows Media Player Version 7 experiences the same problem when using MMSU. However, Windows Media Player Version 7 operates better when using MMST or HTTP instead because it stops receiving packets instead of dropping them, which triggers the TCP flow control on the Content Engine side to pause sending.
Workaround: Use either of the following workarounds:
–
–
•
Symptom: Pre-positioned content is proxied to the origin server.
Condition: When content is acquired, the manifest file has an item AuthFlag=True. For content to be authenticated, the request is proxied to the origin server.
Workaround: Do not set the AuthFlag to true. If you need to authenticate content, then there is no known workaround for users of ACNS 5.1.x software.
•
Symptom: The device pauses indefinitely in all processing tasks. The kdb (kernel debugger) prompt appears.
Condition: This problem occurs when Windows Media Technologies (WMT) live splitting is used with WMT video-on-demand (VOD) on a Content Engine.
Workaround: Use the no wmt fast-live-split enable global configuration command to disable the high-performance live splitting feature on the Content Engine. This should bypass some kernel work. However, this workaround is not recommended if the highest WMT live-split performance is required from this Content Engine.
•
Symptom: The Centralized Management System (CMS) becomes unresponsive on a Content Distribution Manager or reports a timeout error.
Condition: This problem occurs if the CMS locks up on the Content Distribution Manager because of massive device registration and activation within a short time.
Workaround: Restart the CMS on the Content Distribution Manager.
•
Symptom: The DNS cache setting on the Content Engine does not affect the DNS behavior of the HTTP proxy.
Condition: This occurs if both the DNS cache and an HTTP proxy are being used.
Workaround: There is no known workaround.
•
Symptom: Although SNMP is configured, traps are sent for a cold restart but not for disk failures.
Condition: This problem can occur if you have SNMP configured and are using ACNS software, Release 5.1.x or Release 5.0.7 (or later), and a disk failure occurs.
Workaround: There is no known workaround.
•
Symptom: When you attempt to edit the list of locations through the Content Distribution Manager GUI, a processing error for the request occurs.
Condition: This problem can occur when there are a large number of locations and you try to edit the list of locations before the entire list is populated in the Content Distribution Manager GUI.
Workaround: Wait until the list of locations is fully populated in the Content Distribution Manager window before you make any changes to the list.
•
Symptom: A user sends an HTTP request to a browser in order to obtain a web page from an origin server; however, the user receives a web page from a different origin server.
Condition: This problem occurs when the following conditions exist:
–
–
This problem can occur if the user's machine is running a web browser that has been infected with the Qhosts virus. The Qhosts virus modifies the DNS resolution mechanism on the user's machine so that the origin server host name resolves to an IP address other than the one associated with the origin server host name. This mismatch between the value of the "Host" header and the IP address of the destination origin server in the request that is redirected to the Content Engine causes this problem.
Workaround: Some occurrences of this problem can be alleviated by upgrading to ACNS software build 5.1.3b7 or later, which contains a fix for CSCed40688. Upgrading to ACNS build 5.1.3b7 or later corrects this problem if the request results in a cache hit on the Content Engine. However, there is no known workaround if the request results in a cache miss on the Content Engine.
•
Symptom: TV-out playback fails with media files that are larger than 2 GB.
Condition: This problem can occur when the Content Engine with TV-out capabilities attempts to play back media files that are larger than 2 GB.
Workaround: There is no known workaround.
•
Symptom: Non-HTTP requests are blocked by the Content Engine.
Condition: This problem can occur if the client sends a non-HTTP request to the Content Engine.
Workaround: There is no known workaround.
•
Symptom: The node manager fails to clean up the start_log files if too many files already exist.
Condition: If inodes of the /local1 partition are unavailable, then applications can encounter various errors. These errors occur because the applications are unable to write to the /local1 partition because there are no more unused inodes to assign to a new file.
Note
Workaround: Use the delfile EXEC command to delete the old start_log files manually (use a regular expression to expedite this process).
•
Symptom: The Content Engine's error log file under /local1/errorlog/errlog-cache* contains many of the following error messages
Thu Dec 18 14:41:59 2003: 257: dir(0x91c5440) val 5937736 link list length 13where the link list length is greater than 5.
Note
Condition: This problem occurs when there are duplicate cache disk file system object entries for the same object. When a record is inserted into the hash table, there can be slower performance for a long list of duplicates because the entire list is searched.
Workaround: There is no known workaround.
•
Symptom: If you edit a file-based scheduled program and the Quality of Service (QoS) feature is configured, the revised program retains the QoS configuration even if you disable the QoS feature.
Condition: This problem occurs only with file-based scheduled programs; it does not occur with live programs.
Workaround: The only known workaround is re-creation. To remove the QoS configuration, delete the program and then re-create the program without configuring the QoS feature.
•
Symptom: An SNMP request that is sent to a physical interface address is returned to the SNMP manager with the IP address of the virtual (standby) group.
Condition: This occurs when you are running ACNS software with a standby IP group and the default gateway is on the subnet that belongs to the virtual IP address, without a closer matching "ip route" statement. Because no other route is configured, the network layer of the Content Engine uses the default gateway and the virtual IP address.
Workaround: Use the ip route dest_addrs net_addrs gateway_addrs global configuration command to add a more specific IP route to the Content Engine. Configure this more specific IP route so that the returned request uses the intended physical interface and the intended Content Engine IP address instead of the default gateway and the virtual IP address.
•
Symptom: The following error messages occur after you enter the write memory EXEC command:
CE# write memoryopen cli lock tmp_uids: Permission deniedexec_copy: Copy adm_b_db to SS failed. status = (1,12).Ignore if you didn't change RealServer config.After these errors occur, the configuration for the system's nonadministrative users, who have a privilege level of 15, is lost after the reload.
Condition: This problem occurs if the following conditions exist:
–
–
Workaround: Log in to the Content Engine as a user who is configured for a privilege level of 15 before you issue the write memory command.
•
Symptom: When a scheduled program that contains a Web Presenter stream is unicast, the audio and video streams are properly unicast but the Web Presenter stream is not unicast to the forwarding server.
Condition: This problem occurs if the unicast program contains a Web Presenter stream.
Workaround: There is no known workaround.
•
Symptom: In all rules specified with the group-type option, the OR rules are changed to AND rules if you move from one release of ACNS 5.1.x software to another ACNS 5.1 software release (for example, if you upgrade from ACNS Release 5.1.1b3 software to ACNS Release 5.1.3b18 software).
Condition: The rule postinstallion script runs irrespective of the version of ACNS software. The script is intended for upgrades from ACNS 5.0 software to ACNS 5.1 software, but is executed even when you upgrade or downgrade in other versions.
Note
Workaround: If you are upgrading from ACNS software Release 5.1.x to Release 5.1.3, use either of the following workarounds.
–
–
ContentEngine(config)# rule pattern-list 512 group-typeThis dummy configuration is only needed if there you have rules that use the group-type option.
•
Symptom: When you click links from the table of contents or the index of the ACNS Content Distribution Manager online help, the links open in the same pane, that is, the left pane, which contains the table of contents and the index, instead of opening in the right pane, which contains the help topics.
Condition: This problem occurs after you install Microsoft security update MS05-026. This security patch disables cross-frame navigation features that are based on HTML Help ActiveX control (HHCTRL).
Workaround: To reenable cross-frame navigation features that are based on HHCTRL, modify your Windows registry as explained in Microsoft Knowledge Base article 896905, which is available at this URL:
http://support.microsoft.com/kb/896905/
•
Symptom: Websense Manager cannot connect to the local Websense server (the Websense server runs as a separate process on the Content Engine instead of running on a separate system).
Condition: This problem occurs if you connect to the Content Engine with the local Websense server Version 5.0.1 using an external IP address from Websense Manager Version 5.0.1.
Workaround: There is no known workaround.
•
Symptom: A pre-positioned content object is lost after you configure a disk and reload the Content Engine.
Condition: If the amount of cdnfs content approaches the amount of disk space allocated to the cdnfs, then cdnfs content is removed to ensure that the cdnfs file system can be resized properly to hold the saved content. In ACNS 5.0.x software, the content is moved out of the file system (if other file systems that can hold the content are detected) or is deleted (if other file systems that can hold the content are not detected) when a disk configuration is performed and 90 percent or more of the cdnfs file system is used.
Workaround: Choose one of the following workarounds:
–
–
–
•
Symptom: The Websense policy server and user server generate core files.
Condition: This problem occurs when the Websense server is running on ACNS 5.1.x software with a version of the Websense Manager that is earlier than Version 5.0.1 build 20030722. This problem does not exist when the Websense server is running on ACNS 5.0.3 software.
Workaround: Download Websense Manager Version 5.0.1 build 20030722.
•
Symptom: If there is a WCCP transparent proxy between the ACNS network root Content Engine and the content origin server, and the proxy requires NTLM authentication, then the ACNS network acquirer may fail to acquire content in the following scenario:
1.
2.
3.
Condition: This occurs with ACNS 5.1.x software.
Workaround: Restart the acquirer through the acquisition-distribution stop and acquisition-distribution start commands.
•
Symptom: In ACNS 4.2 software, rules are configured only for HTTP and not for streaming protocols. If a Content Engine that is configured with rules and is running ACNS 4.2 software is upgraded to ACNS 5.1.x software, then these rules are configured with the protocol type "all."
Condition: This occurs when the software is upgraded to ACNS Release 5.1.x from ACNS Release 4.2.
Workaround: If you do not want the rule to be applied for some of the rule actions, you can change the rule configuration as required.
•
Symptoms: In HTTPS acquisition with directory indexing crawling, when the starting URL lacks a forward slash (/) at the end, the acquirer fails with a 700 error message.
Condition: In HTTPS acquisition with directory indexing crawling, when the starting URL lacks a forward slash at the end, the server returns a 302 Redirect message and redirects the request to the starting URL with a forward slash at the end. However, some servers may return some data in addition to the headers in the HEAD request. In such scenarios, the acquirer fails with a 700 error message.
Workaround: Add a forward slash to the starting URL in the manifest file.
•
Symptom: An FTP client application stops receiving data for a data transfer operation such as a directory listing (ls) or file transfer (GET). The same symptom can occur for FTP-over-HTTP data transfers from the FTP server to the Content Engine.
Condition: For FTP client applications, the Content Engine must be using the FTP proxy through WCCP redirection, configured for following the FTP client's mode for establishing a data connection. The FTP client application must have also been set to use active mode to the FTP server.
ContentEngine(config)# wccp ftp router-list-num numberContentEngine(config)# wccp version 2ContentEngine(config)# ftp proxy active-mode enableFor FTP-over-HTTP data transfers, the Content Engine must be configured for an FTP incoming proxy and configured to use active mode to the FTP server. The client browser must be configured to use the Content Engine FTP proxy for FTP URLs.
ContentEngine(config)# ftp proxy incoming portContentEngine(config)# ftp proxy active-mode enableThe symptoms can occur with the configurations described above and when the FTP server starts sending data packets that are received out of order by the Content Engine before the Content Engine sends the TCP connection establishment SYN-ACK packet to the FTP server.
Workaround: Remove the Content Engine active mode configuration by issuing the following configuration command:
ContentEngine(config)# no ftp proxy active-mode enableWhen this symptom occurs on an FTP client application, press Ctrl-C simultaneously to stop the partial data transfer operation.
When this symptom occurs on a browser configured for FTP-over-HTTP, click the STOP button to stop the partial data transfer operation.
•
Symptom: When you have numerous pattern lists configured (ORed together) and you downgrade from ACNS 5.1.x software to ACNS 5.0 software, then the first pattern list configuration is used. All other pattern lists are lost.
Condition: This problem occurs when you downgrade from ACNS 5.1.x software to ACNS 5.0 software and you have multiple pattern lists configured (ORed together). If you upgrade from ACNS 5.0 software to ACNS 5.1.x software, then the rules are converted properly. If you then downgrade to ACNS 5.0 software (without changing the rules; for example, not using ACNS 5.1.x software-specific syntax such as ORing) then there is no problem; all rules are converted properly.
Workaround: There is no known workaround.
•
Symptom: When you have numerous pattern lists configured (ORed together) and you downgrade from ACNS 5.1.x software to ACNS 4.2 software, then the first pattern list configuration is used. All other pattern lists are lost.
Condition: This occurs when you downgrade from ACNS 5.1.x software to ACNS 4.2 software and you have multiple pattern lists configured (ORed together). If you upgrade from ACNS 4.2 software to ACNS 5.1.x software, then the rules are converted properly. If you then downgrade to ACNS 4.2 software (without changing the rules, for example, not using ACNS 5.1.x software-specific syntax such as ORing) then there is no problem; all rules are converted properly.
Workaround: There is no known workaround.
•
Symptom: IP/TV Program Manager maintains and displays stale files from servers that are not managed anymore. These stale files are maintained in the IP/TV Content Manager database (iptvcmdb) and displayed.
Condition: This occurs when the server is not managed by IP/TV Program Manager anymore but stale files are being retained for over a day.
Workaround: Ignore the stale files.
•
Symptom: The cache process crashes while passing traffic for both the standard and the dynamic HTTPS service.
Condition: This problem can occur when heavy HTTPS traffic is passing through the Content Engine. Using standard and dynamic WWPC services and having the debug function enabled when the HTTPS traffic is heavy may contribute to this problem.
Workaround: There is no known workaround. However, the cache process will restart and work normally after such a crash.
•
Symptom: You are unable to disable the local Websense server that is running on the Content Engine.
Condition: The no websense-server enable global configuration command does not generate an error, and the local Websense server still operates. The show websense-server EXEC command shows that all the Websense server ports are unconfigured in ACNS 4.0 software but the Websense server is still running. The show services ports and show services summary EXEC commands do not list the Websense server ports.
Workaround: Disabling the Websense server means turning off the URL filtering functionality (subject to allow mode configuration). In the case of not being able to disable the local Websense server, you can turn off the Websense client configuration. To turn off URL filtering for the local Websense server, disable the Websense URL filtering client in the Content Engine. Also if the local Websense server was used by some other Websense clients, disable Websense URL filtering on these clients. Alternatively, you can use the reload EXEC command on the Content Engine.
•
Symptom: When a rule with the redirect action is configured with a URL of 0 and with a matching pattern (no replacing pattern), the cache process crashes if the request matches the pattern.
Condition: This occurs when you configure a numeric value of 0 for the redirected URL (for example, if www.yahoo.com is redirected to 0). If you want the Content Engine to redirect URL x to URL y, then you can configure the rule redirect action. While doing so, you must configure URL x and URL y.
Workaround: There is no known workaround.
•
Symptom: IP/TV Program Manager should prevent the user from entering a very low value for the Audio/Video Bandwidth field because low bit rates result in poor-quality audio and video.
Condition: This problem occurs if you create a program in IP/TV Program Manager and specify a very low value in the Audio/Video Bandwidth field.
Workaround: To obtain good-quality audio and video, configure the Audio/Video Bandwidth field with the specified ranges at the following URL:
/en/US/docs/app_ntwk_services/waas/iptv/v35/administration/guide/appa.html#1003842
•
Symptom: The concurrent file transfer setting in the IP/TV Program Manager Preferences window does not take effect.
Condition: This problem occurs if you attempt to specify the concurrent file transfer option through the IP/TV Program Manager Preferences window.
Workaround: There is no known workaround.
•
Symptom: IP/TV Program Manager uses the wrong password when transferring (FTPing) media files from one IP/TV Server to another.
Condition: IP/TV Program Manager has a per server configuration for login and password for FTPing to that IP/TV Server. When an FTP job is created in IP/TV Program Manager, IP/TV Program Manager uses the login and password information of the source server and creates an FTP session to obtain the media file. IP/TV Program Manager then uses the login and password of the destination server and opens another FTP session to send the media file to the destination server.
If there are any login problems for either the source or destination IP/TV Server, the FTP operation is retried after a specified interval. If the wrong password is specified in IP/TV Program Manager for either the source or destination IP/TV Server, the FTP operation fails. If you specify the correct password during the retrieval period, the password correction is not accepted and the FTP operation continues to fail.
Workaround: Delete the FTP job, and then create a new FTP job after you have corrected the password.
•
Symptom: IP/TV Program Manager generates a database inconsistency error.
Condition: This problem occurs when a pound sign (#) is entered as part of the username.
Workaround: There is no known workaround.
•
Symptom: Repeat schedules are ignored when you use FTP to transfer a media file within 5 minutes after creating it.
Condition: When you use the IP/TV Program Manager option to use FTP to transfer a media file immediately (that is, within 5 minutes after the creation of the transfer job) and if you configure repeat schedules for that transfer, the repeat schedules are ignored. The repeat schedules are not seen in the IP/TV Program Manager Review or Edit windows, and the transfer does not occur.
Workaround: There is no known workaround.
•
Symptom: A null pointer exception is generated.
Condition: This problem occurs when there is an addition to the program list in the initial Question Manager (QM) window.
Workaround: Close and open a new browser window.
•
Symptom: Revisions to the multicast range do not take effect.
Condition: This problem occurs if you revise the multicast range by changing the Time To Live (TTL) value in the IP/TV Program Manager Preferences window.
Workaround: Delete the program and then re-create the program.
•
Symptom: When MPEG-2 is specified as the preferred format in a channel, programs cannot be created in that channel.
Condition: This problem occurs only if MPEG-2 is the preferred format.
Workaround: When MPEG-2 is chosen as the preferred format for a channel-based program, the default bandwidth is set to 1150 (the default for non-MPEG-2 programs). The default bandwidth for MPEG-2-based programs should be 2000 for MPEG-2 half duplex, and 3000 for MPEG-2 full duplex. Manually set the bandwidth while creating the program as follows:
–
–
•
Symptom: If you set Quality of Service (QoS) for MP2T audio-only programs, QoS parameters are not included in the Session Description Protocol (SDP) information for the program. Consequently, the MP2T stream is streamed without the intended QoS characteristics.
Condition: The problem is observed with MP2T audio-only programs and when the audio QoS option is specified.
Workaround: There is no known workaround.
Resolved Caveats - ACNS Software, Release 5.1.3
•
The new format of the syslog messages in the ACNS 5.1 release is compatible with Cisco IOS software syslog messages and CiscoWorks 2000 (CW2K) syslog messages. Consequently, the logging cw2k global configuration command was removed from the set of ACNS 5.1 CLI commands because it is no longer needed in the ACNS 5.1 release.
•
When the FTP proxy on the Content Engine had many FTP sessions open (for example, 40 sessions) and the cache process was intentionally restarted because of a configuration action to enable or disable WMT, then the FTP Control Proxy process unintentionally stopped and restarted.
•
An advanced program that used a file having three streams (audio, video, and web presentation) launched the Web Presenter server. (When creating, duplicating, or editing a program, you must indicate the type of program. A program can be one of three types: live, file-based, or advanced. Advanced programs allow you to combine file-based and live information.) This problem occurred only when an advanced program was file-based and included a web presentation.
•
A constraint error occurred if you created more than 24 bandwidth settings of the same type for a particular Content Engine.
•
The Content Distribution Manager now caches the user authentication information for an authenticated administrative user.
•
During a pause in a multicast transmission, a small amount of network traffic from the multicast sender continued on the advertised multicast address. This condition occurred when you used multicasting to distribute content.
•
A user initiated a data transfer (such as a GET operation). The user canceled the data transfer by simultaneously pressing Ctrl-C. If the network connection between the client and the FTP proxy was on a very slow link compared to the proxy-to-FTP server link, then the cancellation took a long time to return control to the FTP client. This problem only occurred on systems that were running ACNS 5.1 software that had the FTP transparent WCCP service enabled. This behavior was seen only if the file was a cache miss and the network connection between the client and the FTP proxy (the Content Engine) was very slow compared to the WAN connection (for example, the connection between the Content Engine and the origin FTP server).
•
HTTPS requests showed a 500 error code in the transaction log.
•
When the cdnfs remaining option was used with the disk add diskname EXEC command, the following erroneous output was displayed:
dc: stack emptydc: dc: dc: stack emptydc: stack emptydc: stack emptydc: stack emptydc: stack emptydc: dc: stack emptyruby_disk - manipulate disks on Ruby platform•
The SNMP agent process (snmpced) crashed on a CE-7320 that was running ACNS 5.1 software.
•
A Windows Media Server (WMS) pull event (client-initiated request for content) from a Content Engine did not work if the source to the Content Engine was the Windows Media Server. For example, if the path for a live event was encoder > WMS > Content Engine > WMS > player, the event failed to play, whereas if the path was encoder > Content Engine > WMS > player, the event played properly.
•
Rules configured in the Rules Template did not change the host header correctly for the rewrite and use-server actions.
•
The first network attached storage (NAS) attachment that failed at bootup was not recovered by the health probe.
•
The acquirer stopped and the root Content Engine displayed a message that a remote procedure call (RPC) to the acquirer failed. The syslog also reported the following:
65-1#Service 'acquirer' died due to signal 3: QuitOct 22 11:36:24 565-1 Nodemgr: %CE-NODEMGR-5-330027: pid 3576 exits Oct 22 11:36:24 565-1 Nodemgr: %CE-NODEMGR-3-330025: Service 'acquirer' died due to signal 3: QuitOct 22 11:36:24 565-1 Nodemgr: %CE-NODEMGR-5-330032: Stopping service: 'acquirer'.•
CPU usage on the Content Engine periodically spiked (every half minute).
•
Statistics reported by the show statistics tcp EXEC command might have been inconsistent and incorrect under rare circumstances.
•
A FreeBSD FTP client received a "connection reset by peer error" message after it initiated a command that required a data connection, such as a DIR, GET, or PUT operation.
•
When a user attempted to create an exported video-on-demand (VOD) program, the following warning message could be displayed after the user clicked Submit:
Internal ErrorIP/TV Content Manager has encountered an internal error.Contact Technical Support at Cisco Systems at the URL:http://www.cisco.com/iptv/support.htmlThis problem only occurred if the user had specified a malformed manifest URL on the Content Distribution Manager when the user was creating or editing the channel.
•
The disk health checking operation caused a CPU spike to occur every 30 seconds.
•
When using the ACNS 5.1 Content Distribution Manager GUI to specify the Export Server directory (the transaction log export path name), you were required to enter a full path name that started with a leading slash from the root. The Content Distribution Manager GUI would not allow you to enter a path unless it started with a forward slash (/) or backward slash (\).
•
If you were using a Content Engine that had persistent connections enabled and were using NTLM authentication, a 400 Bad Request error message was displayed when you accessed certain sites through the Content Engine.
•
The cache process restarted when proxy request authentication was enabled on a Content Engine.
•
If the community string that was used for sending SNMP traps was not the same as the community string for SNMP read or read-write access, the Content Engine did not send traps.
•
The media player could not play smoothly if there was a proxy chain and a partial cache hit occurred during the initial playing of a cacheable file.
•
When the Content Engine was not able to contact the default gateway that was configured on the Content Engine, the syslog would display messages such as the following.
%CE-STDBY-4-522003: Unable to reach the gatewayAlthough this error message could have indicated that the Content Engine had fallen off the network, it is also possible that transient network failures caused this syslog error message.
•
The cache process restarted when it received a username longer than 50 characters, and both proxy authentication and SmartFilter URL filtering were enabled.
•
The Centralized Management System (CMS) restarted on the Content Distribution Manager, and the syslog had the following entries:
va.lang.NullPointerException: java.lang.NullPointerException at com.cisco.unicorn.util.Asserter.notNull(Asserter.java:29) at com.cisco.unicorn.messaging.DistributionMessage.sendAsync(DistributionMessage.java: 590)•
The syslog on the Content Distribution Manager displayed the following warnings:
java.lang.NullPointerExc eption: java.lang.NullPointerException at com.cisco.unicorn.controller.ProxyInfoHelper.getConfigList(ProxyInfoH elper.java:31) at com.cisco.unicorn.controller.AServant.getListEntryTripleUpdates(AServant.java:1763) at com.cisco.unicorn.controller.ServantCe.calculateUpdates(ServantCe.jav a:352)•
An SNMP cold start trap was not generated when the Content Engine booted up.
•
When an HTTP outgoing proxy was enabled through the Content Distribution Manager GUI, a "transaction not completed" error message was displayed.
•
When a Content Engine that was running ACNS 5.1.1b3 software was used with the TrendMicro Linux server Version 1.02 and a virus was found on any request, the browser received a Page not found/DNS not resolved error message instead of receiving a 403 Access Denied message.
•
Under certain conditions, several CLI commands might not work properly.
ce1# show wccp routersCould not connect to socket for WCCP err=Connection refused(111)ce1# show cms processesService cms_ce not running ce1Some core files could be generated, and the default gateway configuration could be lost from the running configuration.
•
When multiple LDAP authentication servers were configured, the Content Engine would check the secondary LDAP server even if the primary LDAP server was reachable. This caused a delay for users who were accessing the Internet on a first authentication attempt.
•
There was a possible disruption of Windows Media Technologies (WMT) streams because of MMS_SERVER crashes. The MMS_SERVER would restart on its own.
•
The Content Engine generated a core file if the icap service error-handling return-error global configuration command was used and the Content Engine received bad data from an ICAP server.
•
If Websense was enabled on the Content Engine, the Content Engine's CPU was at 100 percent.
•
A URL was not filtered when the following conditions existed:
–
–
•
The Windows Media Player stopped playing a stream and closed the connection with the Content Engine for a long period; however, the show statistics streamstat EXEC command indicated that the entries were paused. This problem occurred if the player was Windows Media Player Version 8 and WCCP redirect proxy mode was being used.
•
With FTP-over-HTTP, the cache process would crash if the PORT command to the FTP server failed. The cache process would automatically restart, and the cache service was usually down temporarily (usually less than a minute).
•
Although rules were enabled to cache dynamic URL references, some URLs (with dynamic content) were not cached if NTLM authentication was enabled on the origin server and the proxy server.
•
The ACNS 5.0.1 software DNS process hung and consumed from 50 to 60 per cent of the CPU. DNS resolution failed on the Content Engine.
•
Websense filtering stopped working when Websense was configured to use custom filters. For example, the LDAP user attribute was changed from uid to employeenumber in the Websense advanced directory settings. This allowed users to authenticate using their employee number; however, LDAP expression filtering would stop working.
•
Under certain situations, an HTTP request that contained a Range request could cause the cache process to shut down. This problem could occur on systems that were running ACNS 5.0.x or ACNS 5.1.x software.
•
ACNS software can now determine that the connection is an NTLM connection and enable persistence for the NTLM connection. This allows you to use persistence for NTLM connections even though HTTP persistent connections are disabled.
•
The disk add EXEC command did not set the path environment variable correctly if you were logged in through Secure Shell (SSH).
•
CLI requests issued from the Content Distribution Manager or the command line could fail locally because the RAM disk space on the Content Router was full and the CLI temporary output files could not be written to the Content Router /tmp directory.
•
Under certain conditions, the ContentRouter process was restarted on a Content Router; this caused a core file to be generated on the Content Router.
•
When you created a scheduled program with IP/TV Program Manager, if the Suppress Multicast RTCP Feedback option in the IP/TV Program Manager Preferences window was selected, a Time To Live (TTL) hop count of 1 was passed to the ACNS network. The stream was unable to pass through the router because the packet was being dropped when the TTL hop count became zero.
•
The syslog contained the following type of message:
uns-server: %CE-CDNFS-3-480000: gen_userfilename: missing ECDNFS file for url <u>where <u> is a url.
This problem occurred if all of the following conditions existed:
–
–
–
–
–
•
Execution of a CLI command on a remote Content Engine or Content Router failed if the /tmp directory on the target device was full.
•
The cache process was restarted if you accessed an HTTPS URL from a Windows Media player. This problem occurred on systems that were running ACNS 5.0.x and ACNS 5.1 software.
•
During a device boot, if you pressed <Enter> at the boot flags prompt, there was no apparent way for you to exit without bypassing either the NVRAM or login. The boot flags prompt now lists 0x0000 as a boot flags option that allows you to exit without bypassing either the NVRAM or login.
•
If the DNS client was unable to successfully read from a socket, an arithmetic violation occurred in the DNS process and caused the DNS process to restart. This occurred on systems that were running ACNS 4.x, ACNS 5.0, or ACNS 5.1 software.
•
The playback of Windows Media Technologies (WMT) content failed if Content Router (CR) routing was used to play back the content and if the content was not yet pre-positioned or was deleted because the expiration period had elapsed. This problem only occurred when the origin server was listening on the MMS port but not the HTTP port. This problem did not occur if the WMT content was pre-positioned and the content was residing on the Content Engine.
•
A core file was generated if a requested streaming file did not have any content (the block count of the requested file was zero) and the Content Engine was being used as the WMT HTTP proxy.
•
When IP/TV Server and the root Content Engine were in the same multicast domain and you created a scheduled program for these devices, IP/TV Viewers that were tuned to these multicast IPs would receive duplicate packets from IP/TV Server and root Content Engine. This occurred because both devices were in the same multicast domain and used the same multicast IPs and ports. This could cause problems with IP/TV Viewers that were playing the scheduled program.
•
When a live-split only program was configured in IP/TV Program Manager, IP/TV Server would continue to use multicast-out to send the selected streams for a live-split only program.
•
When web clients were accessing certain websites through WCCP as opposed to a forward proxy, these web clients were going to the wrong IP address. If multiple requests occur for the same IP address that did not resolve to that web page, other clients using that same Content Engine cache would receive the wrong page.
•
If the HTTP caching process crashed repeatedly and the node manager restarted this process, a slowdown in Content Engine services occurred. The HTTP caching process would repeatedly crash if a Content Engine that was running ACNS 5.1.x software was downgraded to ACNS 5.0.x software.
•
The ACNS network file system (cdnfs) stores pre-positioned ACNS network content that is to be delivered by all of the supported protocols, including HTTP, WMT, MMS, and RTSP. The cdnfs cleanup EXEC command, which can be used to clean up unused unified name space (UNS) content, did not work properly in the following situations:
–
–
Note
•
In the ANCS software, Release 5.1.1, if you used WCCP for WMT interception and to serve pre-positioned WMT content, the content might not play back properly with Windows Media Player Versions 6, 8, and 9. (This playback problem did not occur with Windows Media Player Version 7.)
If the origin server of the pre-positioned content was functioning and could serve WMT content, then the Content Engine would serve the content through the proxy cache (not from the cdnfs). If the origin server of the pre-positioned content was not functioning, then the playback failed. In both cases, content was not played from pre-positioned content. This problem occurred because Windows Media Player Version 6, 8, and 9 did not provide the host header in the request, so the Content Engine was not able to determine whether the request was for pre-positioned content.
•
When the receiver Content Engine was replicating content through multicast distribution and the object had been updated, it would indicate that replication was completed for the entire channel. However, the Content Engine would not save and serve the updated version of a pre-positioned object; it would retain and serve the out-of-date version of the pre-positioned object.
•
The caching process generated core files and restarted on Content Engines when the SmartFilter plug-in was enabled and there was a high load on disk memory.
•
After you upgraded from ACNS 5.0.x software to ACNS 5.1.x software, a 403 Access Denied message was displayed when a user attempted to access pre-positioned content.
•
The RTSP gateway generated a core file because of heavy performance load.
•
Configurations from the Content Engine GUI SNMP Version 3 window were not accepted, and core files were generated. This problem occurred when you configured SNMP Version 3 through the Content Engine SNMPv3 window.
•
A java.lang.IllegalArgumentException occurred when you clicked the Refresh button in the IP ACL window of the Content Distribution Manager.
•
The CPU usage on the Content Engine spiked to 100 percent, and the MMS record consumed more CPU. This occurred when WMT was not enabled, HTTP authentication was enabled, content preload had started an MMS record, and there was a proxy between the client and the server. The MMS record went into an infinite loop when its request was intercepted by a proxy that needed authentication from the client.
•
With ACNS 5.x software, if rules were configured, the redirect action did not occur in certain configurations. This occurred in ACNS 5.0 software and ACNS 5.1 software when the Rules Template was enabled.
•
The cache process was unintentionally restarted because of a problem closing the network endpoint associated with an FTP proxy data transfer. This problem occurred when the FTP proxy was under load with many open sessions and the WCCP feature was disabled through the no wccp version 2 command.
•
The configurable proxy error message download failed when the URL was an HTTPS URL. This occurred when the URL that the file was being downloaded from was an HTTPS URL.
•
Under certain conditions, the IP/TV Program Manager went into a loop when you attempted to create a scheduled program or channel through the IP/TV Program Manager GUI. For example, this problem occurred if the IP/TV Program Manager's Preferences window had the Admin Scoped Address option configured and a small range of addresses (for example, six addresses) specified.
•
For URL filtering, attempts to delete the device HTTP, RTSP, and WMT good and bad site settings through the Content Distribution Manager failed. This occurred if the HTTP, RTSP, and WMT good and bad site settings were originally added through the CLI, and the local central management (LCM) feature was enabled on the Content Distribution Manager.
•
The authentication cache on the Content Engine crashed during the NTLM authentication of an HTTP request. This problem occurred if the following conditions existed.
–
–
–
–
–
•
A WCCP L2 redirect (an FTP proxy with Layer 2 redirection) did not work.
•
When you created a scheduled program based on an MP2T file and then edited this program, the viewer would crash when you tried to view the edited program. This problem only occurred with MP2T file-based scheduled programs that had been edited. (The program would play without any problems if it was not edited.)
•
The http_authmod process crashed if a user who was attempting to be authenticated belonged to a large number of groups. This problem occurred only if the user's list of groups exceeded 750 characters.
•
When a large number of requests were redirected to the Content Engine and more than 200 open connections were concurrently required to serve the authentication requests, the http_authmod process crashed and generated a core file.
Documentation Updates
This section describes documentation updates.
•
•
•
•
•
•
•
•
•
•
TACACS+ Enable Password Attribute
This documentation update applies to the following three ACNS Release 5.1 software guides:
•
•
•
The ACNS software CLI EXEC mode is used for setting, viewing, and testing system operations. It is divided into two access levels, user and privileged. To access privileged-level EXEC mode, enter the enable EXEC command at the user access level prompt and specify a privileged EXEC password (superuser or admin-equivalent password) when prompted for a password.
In TACACS+ there is an "enable password" feature that allows an administrator to define a different enable password for each user. If an ACNS user logs in to the Content Engine with a normal user account (privilege level of 0) instead of an admin or admin-equivalent user account (privilege level of 15), the user must enter the admin password in order to access privileged-level EXEC mode.
ContentEngine> enablePassword:
This caveat applies even if these ACNS users are using TACACS+ for login authentication.
Pre-Positioned Content
This documentation update applies to the Cisco ACNS Software Deployment and Configuration Guide, Release 5.1.
In ACNS 5.1.x software earlier than Release 5.1.5, pre-positioned content is served only on ports that are standard for the protocol. If the incoming URL contains a port number other than the standard port for that protocol (for example, HTTP uses port 80, RTSP uses port 554, and WMT uses port 1755), then the Content Engine does not attempt to serve the content from the pre-positioned file system (cdnfs). Instead, the Content Engine tries to serve the content from the cache file system (cfs) or tries to fetch the content from the origin server, depending on the existing configuration of the Content Engine.
In ACNS software, Release 5.1.5, the ignoreOriginPort attribute was added to support the playback of pre-positioned content using nonstandard ports. The ignoreOriginPort attribute controls content playback and allows the use of nonstandard ports to play back pre-positioned content. In releases of ACNS software prior to Release 5.1.5, playback of pre-positioned content using nonstandard ports was not supported.
The ignoreOriginPort attribute is supported under the following tags in the manifest file:
•
•
•
•
The ignoreOriginPort attribute is optional. Valid values for the ignoreOriginPort attribute are true or false. The default is false. In the following example, the ignoreOriginPort attribute is specified in the <item> tag and is set to true.
<item scr="<http//10.77.155.211/abc.html>http//10.77.155.211/abc.html" ignoreOriginPort="true" />If an item is acquired with the attribute set to true (ignoreOriginPort=true), then the content is played back even if the incoming URL that was used to request the content contains a nonstandard port. For example, if content is acquired as:
<http//www.foo.com/abcd.xml>http//www.foo.com/abcd.xmlthen the content can be played back as:
<http//www.foo.comXXXX/abcd.xml>http//www.foo.comXXXX/abcd.xmlwhere XXXX is the port number.
For more information about using a manifest file to acquire and distribute content in an ACNS 5.1 network, refer to Chapter 7, "Creating Manifest Files," in the Cisco ACNS Software Deployment and Configuration Guide, Release 5.1.
Configuration Requirements for Managed Live Events
This documentation update applies to the Cisco ACNS Software Deployment and Configuration Guide, Release 5.1.
If you have channels for live programs configured in your ACNS 5.1 network, make sure that there are no external proxy servers physically located between your ACNS 5.1 receiver Content Engines and your ACNS 5.1 root Content Engine that require proxy authentication. Also, make sure that proxy authentication is not enabled on any receiver Content Engines that might be in the logical, hierarchical path between the root Content Engine and the receiver Content Engine that is going to serve the live stream to the requesting clients. If a live stream encounters any device that requires proxy authentication, the stream will be dropped before it reaches its destination.
If your network is set up with intermediary devices that require proxy authentication, you can work around the problem by configuring rules to bypass authentication on these devices.
For example, to enable the formation of a unicast splitting tree and, in turn, enable live broadcasting from all receiver Content Engines, you can specify the following rule on all of the parent Content Engines in the channel:
ContentEngine(config)# rule pattern-list 1 downstream-CE-ipaddressContentEngine(config)# rule no-auth pattern-list 1cdn-url Attribute Description
This documentation update applies to the Cisco ACNS Software Deployment and Configuration Guide, Release 5.1.
With ACNS software, you can use cdn-url as an optional attribute of distributed content. This option only works when the media is pre-positioned on the Content Engine and the origin server does not have to be contacted for any reason to fulfill the request. You cannot use the cdn-url attribute if the origin server needs to be contacted to fulfill the request, for example, in such situations as the following:
•
•
•
Note
On page 7-44, replace the bulleted item under the "Item" section with the following.
•
The cdn-url attribute is optional and is used when content needs to be acquired from one URL (the content acquisition URL) and published using another URL (the publishing URL). The cdn-url attribute is the relative ACNS network URL that end users use to access this content. If no cdn-url attribute is specified, then the src attribute is used as the relative ACNS network URL.
In the following sample manifest file, the content item being acquired contains the file path /RemAdmin/InternalReview/firstpage.htm. By specifying a new file path (RemAdmin/Production/firstpage.htm) using the cdn-url attribute, the publishing URL disguises the fact that the content originated from an internal review.
<CdnManifest><server name="ultra-server"><host name="http://ultra-server" /></server><item src="RemAdmin/InternalReview/firstpage.htm" cdn-url="RemAdmin/Production/firstpage.htm" /></CdnManifest>In the preceding example, src is the content acquisition URL and cdn-url is the publishing URL.
Note
If the content is live or requires playback authentication, the origin server from which the content is acquired must be contacted. Therefore, two URLs must exist for the same content item, and the URL specified in the cdn-url attribute must exist on the origin server at all times.
For example, if the content item "RemAdmin/Production/firstpage.htm" requires playback authentication, this content must exist on the "ultra-server" origin server. Otherwise, pre-positioned content playback will fail.
In general, you should not use the cdn-url, cdnPrefix, or srcPrefix attributes if playback authentication is required or if the content is live.
If you use FTP to acquire content and the content type is not specified in the manifest file and the cdn-url attribute is used to alter your publishing URL, the cdn-url attribute must have the correct file path extension (for example, .jpg). Otherwise, the incorrect content type will be generated and you cannot play the content.
The following example correctly shows the publishing URL with the same file path extension (.jpg) as that of the origin server URL.
<item src="ftp://ftp-server.abc.com/pictures/pic.jpg" cdn-url="pic.jpg" />The following example is incorrectly written, because it does not specify the file path extension (.jpg) in the cdn-url attribute.
<item src="ftp://ftp-server.abc.com/pictures/pic.jpg" cdn-url="pic" />Multicast Sender Interoperability
This documentation update applies to the Cisco ACNS Software Deployment and Configuration Guide, Release 5.1. The following is additional information regarding multicast sender interoperability.
•
Symptom:
–
–
Note
Case 1: The primary sender is using an ACNS software release earlier than ACNS 5.1.x. The backup sender is using ACNS 5.1.x software, as is the receiver.
–
–
–
Case 2: Both the primary sender and the backup sender are using ACNS 5.1.x software. The receiver is using an ACNS software release earlier than ACNS Release 5.1.x.
–
–
Case 3: Both the primary sender and the receiver are using an ACNS software release earlier than ACNS Release 5.1.x. The backup sender is using ACNS 5.1 software.
–
–
–
Condition 2: Although you may have received a warning message from the Content Distribution Manager, you can still configure a Content Engine as a backup sender if the Content Engine is registered with a Content Distribution Manager running ACNS 5.1.x software and the Content Engine is running ACNS software earlier than ACNS Release 5.1.x. Cases 4 through 6 discuss the backup sender operating under these conditions.
Symptom: The Content Distribution Manager does not send related configuration information and configuration changes to the Content Engine running the earlier software version. This results in the the Content Engine not being able to identify itself as the multicast backup sender. This scenario might also occur if a backup sender using ACNS 5.1.x software is downgraded to an earlier software version through the Content Engine CLI.
Case 4: Both the primary sender and the backup sender are using an ACNS software release earlier than ACNS Release 5.1.x. The receiver is running ACNS 5.1 software.
–
–
Case 5: The primary sender and the receiver are using ACNS 5.1 software. The backup sender is using an ACNS software release earlier than ACNS Release 5.1.x.
–
–
Case 6: The primary sender is using ACNS 5.1.x software. Both the backup sender and the receiver are using an ACNS software release earlier than ACNS Release 5.1.x.
–
–
Condition 3: The Content Distribution Manager is using an ACNS software release earlier than ACNS Release 5.1.x. In software releases earlier than ACNS Release 5.1.x, only one sender is configurable for each multicast cloud.
Case 7: The sender is using ACNS 5.1.x software. The receiver is using a software release earlier than ACNS Release 5.1.x.
The sender behaves like a primary sender running ACNS 5.1.x software. That is, it sends the first round of content without requiring a NACK to trigger the carousel pass. However, the sender is unable to continue making carousel passes because the receiver is unable to send NACKs.
Case 8: Both the sender and the receiver are using ACNS 5.1.x software.
The sender is able to perform carousel passes and the receiver is able to send NACKs for missing content; however, there is no support for a backup sender or for configuring the NACK interval multiplier.
Case 9: The sender is using an ACNS software release earlier than ACNS Release 5.1.x. The receiver is using ACNS 5.1.x software.
–
–
Workaround for Cases 1 through 9: Upgrade both senders and receivers to ACNS 5.1.x software. Upgrade the sender first, and then upgrade the receivers.
Workarounds for Case 7 only:
–
–
FTP Caching Support
This documentation update applies to the following three ACNS 5.1 software guides unless otherwise stated:
•
•
•
A Content Engine that is running ACNS 5.1 software can be configured for FTP caching in either of the following two usage modes:
•
•
In both of these usage modes, the Content Engine uses the FTP protocol to retrieve and locally cache the content of the FTP requests. These two usage modes differ in the protocol used by the client to issue the FTP request. In FTP-over-HTTP mode, clients use their browsers (the HTTP protocol) to issue FTP requests. In native FTP mode, clients use the native FTP protocol to issue FTP requests, as shown in the following example:
ContentEngine# ftp server.cisco.com
Note
Native FTP requests are logged in the HTTP transaction log on the Content Engine.
FTP-over-HTTP Caching Support
The ACNS 5.1 software supports proxying and caching of FTP URL client requests using proxy-mode HTTP requests when URLs specify the FTP protocol (for example, ftp://ftp.mycompany.com/ftpdir/ftp_file). For instance, the following is an example of an FTP-over-HTTP request that allows the end user to use a browser to access public files from an FTP server:
ftp://ftp.funet.fi/pub/cbm/crossplatform/converters/unix/For these requests, the client uses HTTP as the transport protocol with the Content Engine, whereas the Content Engine uses FTP with the FTP server. When the Content Engine receives an FTP request from the web client, it first looks in its cache. If the object is not in its cache, it fetches the object from an upstream FTP proxy server (if one is configured), or directly from the origin FTP server.
The FTP proxy supports anonymous as well as authenticated FTP requests. Only base64 encoding is supported for authentication. The FTP proxy accepts all FTP URL schemes defined in RFC 1738. In the case of a URL in the form ftp://user@site/dir/file, the proxy sends back an authentication failure reply and the browser supplies a popup window for the user to enter login information.
The FTP proxy supports commonly used MIME types, attaches the corresponding header to the client, chooses the appropriate transfer type (binary or ASCII), and enables the browser to open the FTP file with the configured application. For unknown file types, the proxy uses binary transfer as the default and instructs the browser to save the downloaded file instead of opening it. The FTP proxy returns a formatted directory listing to the client if the FTP server replies with a known format directory listing. The formatted directory listing has full information about the file or directory and provides the ability for users to choose the download transfer type.
Native FTP Caching Support
On page 2-8 of the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1, and on page 2-120 ("Usage Guidelines") of the Cisco ACNS Software Command Reference, Release 5.1 publication, replace the information about native FTP caching with the following information.
The Content Engine operating as an FTP proxy supports passive and active mode for fetching files and directories. In native FTP caching mode, if the ftp proxy active-mode enable global configuration command is used, then the Content Engine uses the same mode with the FTP server for the data connection as the client used to reach the Content Engine, which can be either active or passive. If the ftp proxy active-mode enable command is not used, the Content Engine uses passive mode with the FTP server for the data connection.
As the following partial output of the show ftp command shows, if you have used the ftp proxy active-mode enable command, the Content Engine (the nontransparent proxy server that is functioning as a native FTP proxy server) adheres to the client's mode (active or passive):
•
•
ContentEngine# show ftpFTP Configuration-----------------WCCP FTP service status: ENABLEDMaximum size of a FTP cacheable object: 204800 KBytesFTP data connection mode with Server: Adhere to Client's mode (active or passive)Note that the format of the URL that the Content Engine (nontransparent proxy server that is functioning as a native FTP proxy server) creates for a native FTP request depends on the FTP login name and the transfer mode (binary or ACSII file transfer mode).
•
•
ftp://*user*:*password*@10.100.200.5/home/myhome/mybinfile.obj;type=iThe URL for an "anonymous" user login and an ACSII file transfer mode will not have any fields embedded in the URL, as shown in the following example:
ftp://10.100.200.5/home/myhome/mytextfile.txtThe following two examples demonstrate the use of native FTP with a Content Engine. In the first example, the user logs in with an actual username name ("huff") and is able to retrieve the requested file (test.c) from the FTP server. Note that in this case, the current directory for the user named "huff" is "/home/huff."
ContentEngine# ftp server.cisco.comConnected to server.cisco.com.220 server.cisco.com FTP server (Version wu-2.6.0(1) Mon Feb 28 10:30:36 EST 2000) ready.Name (server:huff): huff331 Password required for myserver.Password:230 User huff logged in.Remote system type is UNIX.Using binary mode to transfer files.ftp> pwd257 "/home/huff" is current directory.ftp> get /tmp/test.c200 PORT command successful.150 Opening BINARY mode data connection for /tmp/test.c (645 bytes).226 Transfer complete.645 bytes received in 0.00077 seconds (8.2e+02 Kbytes/s)ftp> quitContentEngine#In the second example (shown below), the user logs in as an anonymous user and cannot retrieve the requested file (test.c) because the file is not located in the document root directory of the FTP server ("/"), which is the current directory for any anonymous user.
ContentEngine# ftp server.cisco.comConnected to server.cisco.com.220 server.cisco.com FTP server (Version wu-2.6.0(1) Mon Feb 28 10:30:36 EST 2000) ready.Name (server:huff): anonymous331 Guest login ok, send your complete e-mail address as password.Password: test@cisco.com230 Guest login ok, access restrictions apply.Remote system type is UNIX.Using binary mode to transfer files.ftp> pwd257 "/" is current directory.ftp>ftp> passivePassive mode onftp> get(remote-file) /tmp/test.c(local-file) test.clocal: test.c remote: /tmp/test.c227 Entering Passive Mode (172.31.255.255)550 /tmp/test.c: No such file or directory.ftp>ContentEngine#In ACNS 5.1 software, the wccp ftp router-list-number and wccp ftp mask global configuration commands were added to support native FTP caching on a Content Engine that is operating in transparent proxy mode.
The wccp ftp command is used to configure the WCCP interception of FTP protocol traffic from FTP clients to FTP servers.
ContentEngine(config)# wccp ftp ?mask Specify mask used for CE assignmentrouter-list-num Router list numberContentEngine(config)# wccp ftp mask ?dst-ip-mask Specify sub-mask used in packet destination-IP addresssrc-ip-mask Specify sub-mask used in packet source-IP addressContentEngine(config)# wccp ftp router-list-num ?<1-8> Router List NumberThe following example shows how to configure native FTP caching on a WCCP Version 2 router:
1.
Router(config)# ip wccp 602.
Router(config)# interface type number3.
Router(config-if)# ip wccp 60 redirect out
The associated show wccp services EXEC command was modified in ACNS software, Release 5.1 to show the configuration information associated with the FTP proxy.
ContentEngine# show wccp servicesServices configured on this Content EngineWeb CacheCustom Web CacheFTP CacheRTSPThe show wccp modules EXEC command was modified in ACNS software, Release 5.1 to include an entry for the FTP caching service:
ContentEngine# show wccp modulesModules registered with WCCP on this Content EngineModule Socket Expire(sec) Name Supported Services------ ------ ----------- --------------- ------------------5 6 3 FTP Proxy FTP Cache1 7 3 RTSP Proxy RTSP0 8 3 HTTP Proxy Web CacheReverse ProxyCustom Web CacheWCCPv2 Service 90WCCPv2 Service 91WCCPv2 Service 92WCCPv2 Service 93WCCPv2 Service 94WCCPv2 Service 95WCCPv2 Service 96WCCPv2 Service 97ContentEngine# show wccp masks ?custom-web-cache Custom web caching serviceftp FTP Proxy caching servicereverse-proxy Reverse Proxy web caching servicertsp Media caching serviceweb-cache Standard web caching serviceFor more information about these commands, refer to the Cisco ACNS Software Command Reference, Release 5.1.
Restrictions Regarding Native FTP Caching in ACNS 5.1 and 5.1.x Software
Restrictions regarding native FTP caching support in ACNS 5.1 and 5.1.x software are:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
FTP Caching Support in the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1
Updates to the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1 regarding FTP caching support are:
•
•
•
•
The ftp proxy active-mode global configuration command applies to FTP (native FTP) caching as well as to FTP-over-HTTP caching.
–
–
•
•
ContentEngine# show ftpFTP over HTTP Configuration---------------------------FTP heuristic age-multipliers: directory-listing 30% file 60%Maximum time to live in days: directory-listing 3 file 7Minimum time to live for all objects in minutes: 30Incoming Proxy-Mode:Configured Proxy mode FTP connections on ports: 80 8080Outgoing Proxy-Mode:Not using outgoing proxy mode.Active mode of FTP transfer is enabledMaximum size of a FTP cacheable object is 204800 KBytesNo object is revalidated on each requestFTP Configuration-----------------WCCP FTP service status: ENABLEDMaximum size of a FTP cacheable object: 204800 KBytesFTP data connection mode with Server: Adhere to Client's mode (active or passive)•
0
Web caching
53
DNS caching
60
FTP caching
80
RTSP
81
MMST
82
MMSU
90-97
User-configurable
98
Custom web caching
99
Reverse proxy web caching
•
1.
Router(config)# ip wccp 602.
Router(config)# interface type number3.
Router(config-if)# ip wccp 60 redirect outFTP Caching Support in the Cisco ACNS Software Command Reference, Release 5.1 Publication
Updates to the Cisco ACNS Software Command Reference, Release 5.1 publication regarding FTP caching support are:
•
•
The ftp proxy active-mode command applies to FTP (native FTP) caching as well as FTP-over-HTTP caching.
–
–
•
•
ContentEngine# show ftpFTP over HTTP Configuration---------------------------FTP heuristic age-multipliers: directory-listing 30% file 60%Maximum time to live in days: directory-listing 3 file 7Minimum time to live for all objects in minutes: 30Incoming Proxy-Mode:Configured Proxy mode FTP connections on ports: 80 8080Outgoing Proxy-Mode:Not using outgoing proxy mode.Active mode of FTP transfer is enabledMaximum size of a FTP cacheable object is 204800 KBytesNo object is revalidated on each requestFTP Configuration-----------------WCCP FTP service status: ENABLEDMaximum size of a FTP cacheable object: 204800 KBytesFTP data connection mode with Server: Adhere to Client's mode (active or passive)•
ContentEngine# show wccp servicesServices configured on this Content EngineWeb CacheCustom Web CacheFTP CacheRTSP•
ContentEngine# show wccp routersRouter Information for Service: FTP CacheRouters Configured and Seeing this Content Engine(1)Router Id Sent To Recv ID0.0.0.0 10.1.94.1 00000000Routers not Seeing this Content Engine10.1.94.1Routers Notified of but not Configured-NONE-Multicast Addresses Configured-NONE-•
Note
•
Group-Type Patterns in Rule Pattern Lists
A group-type pattern is one of the types of rule patterns that you can add to a pattern list. The default operation for the group-type pattern is an OR operation.
In the "List of Rule Patterns" section on page 14-4 of the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1, replace the syntax description for the group-type pattern with the following description:
In the "Patterns" section on page 2-281 of the Cisco ACNS Software Command Reference, Release 5.1 publication, replace the bulleted description for the group-type pattern with the following description:
•
SmartFilter Software and the rule action no-auth Command Rule Interaction
This documentation update applies to the following three ACNS 5.1 software guides:
•
•
•
The rule action no-auth global configuration command permits specific login and content requests to bypass authentication and authorization features such as LDAP, RADIUS, SSH, or TACACS+. In the following example, any requests from the source IP address (src-ip) 172.16.53.88 are not authenticated.
ContentEngine(config)# rule enableContentEngine(config)# rule action no-auth pattern-list 1 protocol allContentEngine(config)# rule pattern-list 1 src-ip 172.16.53.88 255.255.255.255If ACNS 5.1 software is configured for authentication and SmartFilter URL filtering, requests that are allowed to bypass authentication will also bypass the SmartFilter URL filter.
Bandwidth Configuration for Interfaces and Content Services
On page 3-19 of the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1, the tip states that Gigabit Ethernet interfaces run only at 1000 Mbps. This restriction only applies to a Content Engine CE-7320 model that has an optical Gigabit Ethernet interface; the speed of this interface cannot be changed.
For newer models of the Content Engine (for example, the CE-510, CE-565, CE-7305, and CE-7325) that have a Gigabit Ethernet interface over copper, this restriction does not apply; you can configure these Gigabit Ethernet interfaces to run at 10, 100, or 1000 Mbps. Note that on these newer Content Engine models, the 1000 Mbps setting implies autosense (for example, you cannot configure the Gigabit Ethernet interface to run at 1000 Mbps and half duplex). The ACNS 5.x software automatically enables autosense if the speed is set to 1000 Mbps.
pace Command
The pace global configuration command is no longer supported as a separate command in ACNS software, Release 5.1 and later. The functions of the pace command have been incorporated into the bitrate and bandwidth global configuration commands.
Updates to the Cisco ACNS Software Command Reference, Release 5.1 publication are as follows:
•
•
Note
•
pre-load Command
In the pre-load url-list-file path global configuration command, the value for path can be a URL as well as a local file path.
In the Cisco ACNS Software Command Reference, Release 5.1 publication, in the "pre-load" section on page 2-238, replace the syntax description for path with the following description:
In ACNS 5.1.5 software, the pre-load depth-level-default command was enhanced to support 0 as a preload depth level. Setting the depth level default to 0 would be useful if you have specified URLs in preload.txt files and you do not want the Content Engine to try to preload other URLs.
In the Cisco ACNS Software Command Reference, Release 5.1 publication, in the "pre-load" section on page 2-236, replace the syntax description for path with the following description if you are using ACNS 5.1.5 or later software:
depth-level-default
Configures the default depth level.
level_number
Depth level of URL download (0-20). The default is 3.
For ACNS 5.1 or 5.1.3 software, the valid values for the preload depth level default are still 1 to 20; 0 is not supported.
NTLM Preload Support
This documentation update applies to the following ACNS 5.1 software guides:
•
•
In ACNS 5.1 software, support for preloading NTLM authenticated objects was added. This feature allows NTLM authenticated objects (authenticated objects that reside on the servers that authenticate NTLM only) to be preloaded on a Content Engine.
An entry in a URL list file has the following format:
URL [depth] [domain-name:host-name:host-domain-name]
hostname and host-domain-name can be null; however, domain name is required if NTLM credentials have been configured. (The separator is required.)
http//www.cisco.com 3 apac::If NTLM-related information is not present in the preload URL list file entry, the authentication scheme falls back to basic authentication.
To preload authenticated content on the Content Engine, you must specify the username and password in the URL list file as follows:
http://username:password@www.authenticatedsite.com/depth_level
Note
show statistics icap Command
This documentation update applies to the Cisco ACNS Software Command Reference, Release 5.1 publication.
In ACNS software, Release 5.1, the show statistics icap EXEC command was added. You can use this command to display ICAP related statistics for the Content Engine. This command has no arguments or keywords. There is no default behavior or values.
The following is an example of the output of the show statistics icap command.
ContentEngine# show statistics icapICAP-client statistics (http proxy)---------------Total requests for V1 via RPC: 0Time per ICAP request (last 1k reqs): 0ICAP daemon connection error: 0Bad packets from ICAP daemon: 0Error parsing HTTP req hdr from ICAP: 0ICAP daemon internal error: 0Total requests via outgoing proxy: 0ICAP daemon overloaded: 0Other errors: 0ICAP Daemon statistics---------------Total requests served: 0Total requests served: 0Average latency in milliseconds: 0.000000ICAP Service statistics-----------------------Service -- servforicapService Errors: 0Service Bypasses: 0Server -- icap://1.2.3.4/servforicapTotal Reqmods (0), Total Respmods (0)Modifications (Reqmod - 0), (Respmod - 0)No Modifications (Reqmod - 0), (Respmod - 0)Error Responses (Reqmod - 0), (Respmod - 0)Server Errors: 0Server Bypasses: 0Options Req Success: 0Options Req Failed: 8569Max Conn Available 0Used Connections: 0Total Bytes sent: 0Total Bytes received: 0Total BPS sent: 0.000000Total BPS received: 0.000000Server State: DISCONNECTEDContentEngine#Default Port of the Content Engine GUI
On page 12-28 of the Cisco ACNS Caching and Streaming Configuration Guide, Release 5.1, replace the tip with the following:
Tip
Playing Nonhinted IP/TV On-Demand Programs over an ACNS Network
This documentation update applies to the Cisco ACNS Software Deployment and Configuration Guide, Release 5.1.
The Cisco Streaming Engine supports only hinted files (MOV and hinted MP4 files) for streaming.
Note
If you are creating a file-based IP/TV program for streaming over an ACNS network, make sure that you use only hinted files such as those with .mov or .mp4 extensions. However, you can pre-position on-demand programs based on nonhinted files such as .mpg files on Content Engines in an ACNS network. Pre-positioned on-demand programs based on nonhinted files are not listed in the IP/TV Viewer program listings or in the web-based program guide.
To watch IP/TV on-demand programs based on nonhinted files when IP/TV is integrated with an ACNS network, use the TV-out feature of the ACNS software. For more information on enabling the TV-out feature and creating playlists, refer to Chapter 11 of the Cisco ACNS Software Deployment and Configuration Guide, Release 5.1.
Restriction on IP/TV Program Manager Configuration
This documentation update applies to the following ACNS 5.1 software guides:
•
•
If a program that you want to deliver over an ACNS network uses live multicast mode, you must use the same multicast IP address for the audio, video, and SlideCast streams.
This restriction on IP/TV Program Manager configuration does not apply if the Content Engine used for live splitting is running ACNS 5.1.5 or later software. However, this restriction still applies if the Content Engine is running ACNS 5.1.1 software, even if you are running IP/TV 5.1.5 or later software on IP/TV Program Manager.
Related Documentation
Your product shipped with a minimal set of printed documentation. The printed documentation provides enough information for you to install and initially configure your product.
Product Documentation Set
In addition to these release notes, the product documentation set includes:
•
•
Refer to the Documentation Guide for a complete documentation roadmap and URL documentation links for this product.
Hardware Documentation
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Software Documentation
•
•
•
•
•
•
•
•
Online Help
•
•
Note
The Content Distribution Manager GUI and the Content Engine GUI both have context-sensitive online help that can be accessed by clicking the HELP button.
Obtaining Documentation
Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/techsupport
You can access the Cisco website at this URL:
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Product Documentation DVD
Cisco documentation and additional literature are available in the Product Documentation DVD package, which may have shipped with your product. The Product Documentation DVD is updated regularly and may be more current than printed documentation.
The Product Documentation DVD is a comprehensive library of technical product documentation on portable media. The DVD enables you to access multiple versions of hardware and software installation, configuration, and command guides for Cisco products and to view technical documentation in HTML. With the DVD, you have access to the same documentation that is found on the Cisco website without being connected to the Internet. Certain products also have .pdf versions of the documentation available.
The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com users (Cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD=) from the Ordering tool or Cisco Marketplace.
Cisco Ordering tool:
http://www.cisco.com/en/US/partner/ordering/
Cisco Marketplace:
http://www.cisco.com/go/marketplace/
Ordering Documentation
Beginning June 30, 2005, registered Cisco.com users may order Cisco documentation at the Product Documentation Store in the Cisco Marketplace at this URL:
http://www.cisco.com/go/marketplace/
Cisco will continue to support documentation orders using the Ordering tool:
•
http://www.cisco.com/en/US/partner/ordering/
•
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
•
Documentation Feedback
You can rate and provide feedback about Cisco technical documents by completing the online feedback form that appears with the technical documents on Cisco.com.
You can send comments about Cisco documentation to bug-doc@cisco.com.
You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Cisco Product Security Overview
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
From this site, you can perform these tasks:
•
•
•
A current list of security advisories and notices for Cisco products is available at this URL:
If you prefer to see advisories and notices as they are updated in real time, you can access a Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you might have identified a vulnerability in a Cisco product, contact PSIRT:
•
An emergency is either a condition in which a system is under active attack or a condition for which a severe and urgent security vulnerability should be reported. All other conditions are considered nonemergencies.
•
In an emergency, you can also reach PSIRT by telephone:
•
•
Tip
Never use a revoked or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one linked in the Contact Summary section of the Security Vulnerability Policy page at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.htm
The link on this page has the current PGP key ID in use.
Obtaining Technical Assistance
Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco Technical Support & Documentation website on Cisco.com features extensive online support resources. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller.
Cisco Technical Support & Documentation Website
The Cisco Technical Support & Documentation website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, at this URL:
http://www.cisco.com/techsupport
Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Note
Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.
To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.
Severity 1 (S1)—Your network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
•
http://www.cisco.com/go/marketplace/
•
•
•
http://www.cisco.com/go/iqmagazine
or view the digital edition at this URL:
http://ciscoiq.texterity.com/ciscoiq/sample/
•
•
http://www.cisco.com/en/US/products/index.html
•
http://www.cisco.com/discuss/networking
•
http://www.cisco.com/en/US/learning/index.html
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R)
