|
These release notes provide information about Cisco IOS software Release 12.0(25)SX3 for the Cisco 10000 series router. These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode and related documents.
Cisco IOS Release 12.0(25)SX3 is based on Cisco IOS Release 12.0(25)S. The Cisco 10000 router supports a subset of the new features in Cisco IOS Release 12.0(25)S. For more information, see the "New Features—Cisco IOS Release 12.0(25)S" section. This section lists the features supported on the Cisco 10000 router.
To view the release notes for the following Cisco IOS software releases, go to the following URLs:
http://www.cisco.com/univercd/cc/td/doc/product/aggr/10000/10krn/120sx/index.htm
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/relnote/xprn120s/index.htm
These release notes contain the following sections:
Cisco routers and switches that are running Cisco IOS software and that are configured to process Internet Protocol Version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device might cause the input interface to stop processing traffic when the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices that are running only IP Version 6 (IPv6) are not affected. A workaround is available.
To correct the problem, Cisco has made software available free of charge. For more information, refer to the Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet , located at the following URL:
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
This release requires that you have the performance routing engine (PRE), part number ESR-PRE1 installed in the Cisco 10000 router chassis. To verify which PRE is installed in the router, use the show version command.
The following table lists memory requirements for the Cisco 10000 router:
For specific information about upgrading your Cisco 10000 series router to a new software release, refer to the C isco 10000 Series Router Software Configuration Guide located at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/aggr/10000/config/10ksw/index.htm
For general information about how to upgrade to a new software release, refer to the product bulletin Cisco IOS Upgrade Ordering Instructions located at the following URL:
http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/957_pp.htm
For information about how to order Cisco IOS software, refer to the Cisco IOS Software Releases located at the following URL:
http://www.cisco.com/warp/public/cc/pd/iosw/iore/index.shtm
If you are upgrading your software from Cisco IOS Release 12.0(14)SL or from earlier releases based on Cisco IOS Release 12.0(x)SL to Cisco IOS Release 12.0(25)SX3, save your current configuration file. If you decide to reinstall Cisco IOS Release 12.0(14)SL or an earlier release, you must also reinstall the configuration file associated with that release because some Border Gateway Protocol (BGP) configuration file entries in Cisco IOS Release 12.0(25)SX3 are not compatible with Cisco IOS Release 12.0(14)SL or earlier releases.
When you upgrade software on redundant Cisco 10000 router performance routing engines (PREs), be sure to download the software to both the active PRE and the standby PRE before you reload both PREs. For more information, refer to the "Upgrading Software on Redundant PREs" section at the following URL. This section is in the "System Startup and Basic Configuration Tasks" chapter of the Cisco 10000 Series Router Software Configuration Guide.
http://www.cisco.com/univercd/cc/td/doc/product/aggr/10000/config/10ksw/startos.htm#1035847
The procedure included in the "Upgrading Software on Redundant PREs" section instructs you to tell the Cisco 10000 router the location in which the new boot image resides. Be sure to specify c10k-p10-mz instead of the c10k-p6-mz image name indicated in the documentation.
Cisco IOS Release 12.0(25)SX3 contains no new features, but includes all of the new features and performance enhancements introduced in Cisco IOS Release 12.0(25)SX1 and Cisco IOS Release 12.0(25)SX, which is based on Cisco IOS Release 12.0(25)S.
For more information, see the following sections in this document:
Cisco IOS Release 12.0(25)SX1 provides the following performance enhancements, but contains no new features.
This release improves the performance of the VTMS Link Utilization feature. The default queue size is based on link bandwidth instead of queue bandwidth as in previous releases.
The QA Error Recovery feature enables the router to recover quickly from problems known as QAERRORs, which can be caused by hardware or software issues. When a QAERROR occurs, the router might stop responding while it tries to recover from the problem. QA error recovery reduces the router down time to as little as one second. Previously, a fully loaded router might be down for up to five minutes (300 seconds).
The QA error recovery feature is enabled by default. To disable the feature, issue the following command:
When QA error recovery is successful, the router displays a console message indicating success. In addition, the show controllers cbus command indicates the number of QAERROR recoveries.
The following sample console messages show an occurrence of a QAERROR and the router's recovery from the error. The router might display additional messages during error recovery (which can help service technicians diagnose the cause of the problem).
The following example shows QA error recovery information in show controllers cbus command output:
Cisco IOS Release 12.0(25)SX introduces support on the Cisco 10000 series router for the following features:
The Policy-Map Scaling feature increases the system-wide number of quality of service (QoS) policy maps that you can configure. In Cisco IOS Release 12.0(25)SX, the Cisco 10000 router supports up to 4,096 policy maps. Each policy-map command counts as one policy map. The policy-map command syntax is unchanged. The maximum number of classes that you can configure in a policy is 32 classes.
The Percent-Based Policing feature enables you to specify the police rate as a percentage of the bandwidth of the network interface on which policing is applied. To specify the police rate as a percentage, use the percent percent option of the police command:
The percent argument is a value from 1 to 100 and is required when you use the percent keyword.
When you use a percent-based police command within a nested policy, the police percent is based on the policy's topmost, class-default, shape rate. Otherwise, the police percent is based on the bandwidth of the network interface on which the police command is applied.
For more information, refer to the "Defining QoS Policies" section of the "Creating Service Policies" chapter in the Cisco 10000 Series Router Quality of Service Configuration Guide .
The Random Early Detection (RED) with Queue-Limit feature expands your ability to customize the size of a RED queue. In Cisco IOS Release 12.0(25)SX, you can simultaneously use the queue-limit and random-detect commands in the same class of a policy.
For more information, refer to the "Defining QoS Policies" section of the "Creating Service Policies" chapter in the Cisco 10000 Series Router Quality of Service Configuration Guide .
The Enhanced RED Statistics feature maintains RED drop statistics for each IP precedence or differentiated services code point (DSCP) value.
Note In releases earlier than Cisco 12.0(25)SX, RED drop counts were maintained only for each class. |
For more information, refer to the "Displaying Enhanced RED Statistics" section of the "Monitoring and Maintaining Quality of Service" chapter in the Cisco 10000 Series Router Quality of Service Configuration Guide.
The 3-Level Policies feature increases the hierarchical levels of a nested QoS policy from two to three levels. A 3-level policy is typically used to define the transmission capacity of a virtual circuit in the top level, class-based queuing at the middle level, and marking or metering in the bottom level.
The service-policy command configured inside a policy map is used to define a hierarchical policy. The syntax of the command is unchanged. You can use the service-policy command in the top and middle levels of a 3-level policy.
For more information, refer to the "Defining QoS Policies" section of the "Creating Service Policies" chapter in the Cisco 10000 Series Router Quality of Service Configuration Guide .
The Virtual Circuit (VC) Oversubscription feature enables service providers to improve network utilization of otherwise underutilized shared networks by leveraging statistical multiplexing on ATM, Frame Relay, and IEEE 802.1Q networks. Instead of supporting only unconditional reservation of network bandwidth to VCs, the Cisco 10000 router offers VC oversubscription to statistically guarantee bandwidth to VCs.
To configure VC oversubscription for Frame Relay and IEEE 802.1Q, use the service-policy command. You can optionally use the service-policy class configuration command, creating a nested policy to manage traffic within a virtual circuit. For this reason, the term Nested Policy-Map Oversubscription is sometimes used to refer to VC Oversubscription.
To enable oversubscription of ATM VCs, you must configure the following interface configuration command in service-internal mode:
Note You do not need to use the service-policy command to specify the ATM VC oversubscription, because a variable bit rate (VBR) ATM VC uses sustained cell rate (SCR) to define the VC's average transmission rate. |
For more information, refer to the "Defining QoS Policies" section of the "Creating Service Policies" chapter in the Cisco 10000 Series Router Quality of Service Configuration Guide .
The External Border Gateway Protocol (EBGP) Label Distribution feature enables you to configure a carrier supporting carrier network that uses BGP to distribute routes and MPLS labels between the provider edge (PE) and customer edge (CE) routers of a backbone carrier and a customer carrier. The backbone carrier offers BGP and MPLS VPN services. The customer carrier can be one of the following:
For information on how to use BGP to distribute MPLS labels and routes for both types of customer carrier, refer to the MPLS VPN Carrier Supporting Carrier —IPv4 BGP Label Distribution, Release 12.0(21)ST feature module and the Inter-Autonomous Systems for MPLS VPNs , Release 12.1(5)T feature module.
The following is a brief list of the new features in Cisco IOS Release 12.0(25)S on which Cisco IOS Release 12.0(25)SX is based. Only new features that are supported by the Cisco 10000 router are listed here. New features for other platforms (such as the Cisco 12000 series router) are not listed.
Introduced on the Cisco 10000 router in Cisco IOS Release 12.0(23)SX, the Link Fragmentation and Interleaving (LFI) feature reduces delay and jitter on slower-speed links by breaking up large datagrams and interleaving low-delay traffic packets (such as voice) with the smaller packets resulting from the fragmented datagram. The feature supports Frame Relay (FRF.12) end-to-end and Multilink PPP (MLPPP).
Introduced on the Cisco 10000 router in Cisco IOS Release 12.0(23)SX, the single rate 3-Color Marker feature meters an IP packet stream and marks its packets different colors, based on the Committed Information Rate (CIR) and two associated burst sizes: Committed Burst Size (CBS) and Excess Burst Size (EBS). This feature is useful, for example, for ingress policing of a service, where service eligibility is determined only by the burst's length, and not its peak rate.
The Multicast for Multiprotocol Label-Switching (MPLS)/Virtual Private Network (VPN) feature enables service providers to offer multicast services over their MPLS core network. This feature was introduced on the Cisco 10000 router in Cisco IOS Release 12.0(23)SX.
This feature enables you to limit the number of routes that can be redistributed into the Open Shortest Path First (OSPF) protocol. The feature helps to eliminate the potential for flooding that might occur when a large number of routes are accidentally redistributed into OSPF.
This feature enables you to limit the number of routes that can be redistributed into the Intermediate System-to-Intermediate System (IS-IS) protocol. This feature helps to eliminate the potential for flooding that might occur when a large number of routes are accidentally redistributed into IS-IS.
This feature enables you to slow down the rate at which the Open Shortest Path First (OSPF) protocol sends Link State Advertisement (LSA) updates during periods of network instability. This feature uses a back-off algorithm to perform the LSA throttling.
The following limitations and restrictions apply to the Cisco 10000 router 3-Level Policies feature:
Note The actual shape rate applied to nested-policy traffic might differ from that specified in the policy. For example, a specified shape rate of 10.5 Mbps might be mapped to 11 Mbps. Use the command show policy-map interface to determine the actual shape rate. |
Ensure that the Fast Ethernet NME port on the PRE is configured for auto-negotiation mode, which is the system default. Duplex mode can cause problems, such as flapping. If the port is experiencing such problems and has been configured for duplex mode, use the no half-duplex or no full-duplex command to disable duplex mode.
It is important that you limit the rate that system messages are logged by the Cisco 10000 router. This helps to avoid a situation in which the router becomes unstable and the CPU is overloaded. To control the output of messages from the system, use the logging rate-limit command.
Cisco recommends that you configure the logging rate-limit command as follows. This limits the rate of all messages to the console to 10 per second, except for messages with critical priority (level 3) or greater.
For more information, refer to the logging rate-limit command in the C isco IOS Configuration Fundamentals and Network Management Command Reference, Release 12.3.
The following limitations apply to the Cisco 10000 router implementation of Frame Relay:
Cisco IOS software running on the Cisco 10000 series router has multiple queues for all classes of traffic over high-speed interfaces. The software selects a queue based on the source and destination address for the packet. This ensures that a traffic flow always uses the same queue and the packets are transmitted in proper order.
When the Cisco 10000 series router is installed in a real network, the high-speed interfaces work efficiently to spread traffic flow equally over the queues. However, using single traffic streams in a laboratory environment may result in less-than-expected performance.
Therefore, to ensure accurate test results, you should test the throughput of the gigabit Ethernet, Packet over SONET (POS), or ATM uplink with multiple source or destination addresses.
Tip To determine if traffic is being properly distributed, use the show hardware pxf cpu queue command. |
Table 1 describes the caveats that are open in Cisco IOS Release 12.0(25)SX3.
Table 1 Open Caveats in Cisco IOS Release 12.0(25)SX23
This section describes caveats that were fixed in Cisco IOS Release 12.0(25)SX3.
For information about caveats fixed in other Cisco IOS releases, refer to the appropriate Release Note document at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/aggr/10000/10krn/index.htm
In a network configured to carry multicast over VPN (MVPN) traffic, excessive multicast control traffic might occur due to the use of the mtrace command by VPN customers. The mtrace packets loop over the default Multicast Distribution Tree (MDT), causing a traffic storm. This storm might cause a performance degradation on some routers. The Cisco 10000 router might fail under extremely heavy traffic storms. To stop mtrace packets from entering the network core, use access control lists on the customer edge (CE) interfaces.
If a routing loop is present in the network, a similar condition might occur in regular multicast (for example, without MVPN configured).
(Duplicate of CSCeb15624) A 1-port channelized OC-12 POS line card and a 4-port channelized STM1-1 line card would reset every 10 minutes with the following errors:
This occurred because the line cards were using improper FPGA firmware files for building images. This has been fixed.
Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
International Cisco web sites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Registered Cisco.com users can order the Documentation CD-ROM (product number DOC-CONDOCCD=) through the online Subscription Store:
http://www.cisco.com/go/subscription
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
http://www.cisco.com/en/US/partner/ordering/index.shtml
http://www.cisco.com/go/subscription
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page.
You can e-mail your comments to bug-doc@cisco.com.
You can submit your comments by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883
Cisco provides Cisco.com, which includes the Cisco Technical Assistance Center (TAC) Website, as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from the Cisco TAC website. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC website, including TAC tools and utilities.
Cisco.com offers a suite of interactive, networked services that let you access Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world. Cisco.com provides a broad range of features and services to help you with these tasks:
To obtain customized information and service, you can self-register on Cisco.com at this URL:
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC website and the Cisco TAC Escalation Center. The avenue of support that you choose depends on the priority of the problem and the conditions stated in service contracts, when applicable.
We categorize Cisco TAC inquiries according to urgency:
You can use the Cisco TAC website to resolve P3 and P4 issues yourself, saving cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software:
All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC website. Some services on the Cisco TAC website require a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:
http://tools.cisco.com/RPF/register/register.do
If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can open a case online at this URL:
http://www.cisco.com/en/US/support/index.html
If you have Internet access, we recommend that you open P3 and P4 cases through the Cisco TAC website so that you can describe the situation in your own words and attach any necessary files.
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before you call, check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, have your service agreement number and your product serial number available.
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
http://www.cisco.com/go/packet
http://www.cisco.com/go/iqmagazine
http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html
http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html
CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, Cisco Unity, Follow Me Browsing, FormShare, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, MGX, MICA, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, Stratm, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0304R)
Copyright © 2003, Cisco Systems, Inc.
All rights reserved.
Posted: Fri Feb 6 15:04:55 PST 2004
All contents are Copyright © 1992--2004 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.