The Catalyst 8540 multiservice switch router (MSR) is a 13-slot, modular chassis featuring dual, fault-tolerant, load-sharing AC or DC power supplies. The ATM switch router provides a 20-Gbps full-duplex nonblocking switch fabric with switched ATM connections to individual workstations, servers, LAN segments, or other ATM switches and routers using fiber-optic, unshielded twisted-pair (UTP), and coaxial cable.
The Catalyst 8540 CSR switch router belongs to a class of high-performance Layer 3 switch routers and is optimized for the campus LAN or the intranet. The Catalyst 8540 CSR switch router provides both wirespeed Ethernet routing and switching services.
Cisco IOS Release 12.0(20)W5(24a) and later releases require a minimum of 16 MB of contiguous boot Flash memory. The Catalyst 8540 route processor now ships by default with a 16-MB boot Flash SIMM.
Earlier releases of the Catalyst 8540 switch router shipped with an 8-MB boot Flash SIMM. The 8-MB boot Flash SIMM is not large enough to store system images for Cisco IOS software releases 12.0(4a)W5(11a) and later.
To check that your system has a 16-MB boot Flash SIMM, enter the show hardware EXEC command. The part numbers for route processors with a default 16-MB boot Flash SIMM are as follows:
73-2644-06 Rev. A0 for the Catalyst 8540 MSR
73-3775-03 Rev. A0 for the Catalyst 8540 CSR
If you have an 8-MB boot Flash SIMM, and have no additional memory installed, we recommend that you order a spare Flash PC card programmed with the latest version of the system image, part number MEM-8540M-FLC20M=.
Alternatively, you can use one of the following options to accommodate the larger image:
Option 1If you already have a Flash PC card, download the system image to the Flash PC card.
Note If you have a Smart Modular, Sharp, or Intel 2+ Flash PC card that was formatted using a Cisco IOS software release prior to 12.0(4a)W5(11a), reformat it with Cisco IOS Release 12.0(20)W5(24a) prior to downloading the image (you might need to boot the image from a TFTP server to format the PC Flash card). Do not erase the system image on the boot Flash SIMM. If the procedure fails, you will need it to recover. (See caveat CSCdm47012 later in these release notes for more information.)
Then do the following:
Enter the config-register 0x2102 global configuration command to change the configuration register to boot from the Flash PC card, instead of booting from the system-code SIMM (default).
Note If you have a redundant route processor configuration, you need ROMMON image 12.0(4.6)W5(13) or
later. See caveats CSCdm81581,
CSCdm54297, and
CSCdm43664, which are described later
in these release notes, for more information.
Enter the boot system slot0:filename global configuration command to specify the system image to boot on the Flash PC card.
Enter the copy system:running-config nvram:startup-config privileged EXEC command to save the configuration changes to NVRAM.
An example follows:
Switch(config)# config-register 0x2102
EHSA:Syncing confreg: 256 to secondary
Switch(config)# boot system slot0:cat8540m-wp-mz.120-4a.W5.11a
Switch(config)# end
Switch# copy running-config startup-config
Option 2Download the system image to a TFTP server and boot the system image from the TFTP server. Enter the boot system tftpfilenameip-address global configuration command to boot the system image from the TFTP server, instead of booting from the system-code SIMM (default).
An example follows:
Switch(config)# boot system tftp cat8540m-wp-mz.120-4a.W5.11a172.20.52.3
Note You can boot only the primary route processor from a TFTP server, not the secondary.
Note The boot ROM on the Catalyst 8540 can be field-upgraded via the reprogram command. For more
information about upgrading the boot ROM, see the
ATM Switch Router Command Reference.
For more information about downloading system images and changing the default boot image, refer to the "File Management" chapter of the Configuration Fundamentals Configuration Guide in the Cisco IOS software documentation set.
Table 1 and Table 2 list the hardware modules supported on the Catalyst 8540 in the Cisco IOS Release 12.0(20)W5(24a). They also include the minimum software release requirements for the hardware.
Table 1 lists the hardware modules supported by the Catalyst 8540 MSR.
Table 2 lists the hardware modules supported by the Catalyst 8540 CSR.
Note Although minimum software versions are listed, we strongly recommend that you use the
latest available software release for all Catalyst 8540 hardware.
To determine the version of Cisco IOS software currently running on the Catalyst 8540, log into the switch and use the show version privileged EXEC command. The following sample output is from the show version command. The version number is indicated on the second line as shown below:
Cisco Internetwork Operating System Software
IOS (tm) PNNI Software (cat8540m-WP-M), Version 12.0(20)W5(24a)
Additional command output lines include more information, such as processor revision numbers, memory amounts, hardware IDs, and partition information.
Most of the port adapters and interface modules supported on the Catalyst 8540 have upgradeable FPGA and functional images. The FPGA and functional images include caveat fixes, but in most cases, it is not necessary to upgrade. The release notes that describe the caveats from the FPGA and functional images are available on the World Wide Web at the following URL:
For information describing the firmware update process, refer to the section "Maintaining Functional Images (Catalyst 8540)" in the chapter "Managing Configuration Files, System Images, and Functional Images" in the ATM Switch Router Software Configuration Guide.
The Cisco IOS Release software is packaged in feature sets (also called software images) depending on the platform. Each feature set contains a specific set of Cisco IOS features. Table 3 lists the Cisco IOS software feature sets available for the Catalyst 8540 MSR. Table 4 and Table 5 lists the Cisco IOS software feature sets available for theCatalyst 8540 CSR.
Table 6 lists the release names, versions, and part numbers used with the Catalyst 8540 MSR. Table 7 lists the release names, versions, and part numbers used with the Catalyst 8540 CSR.
This section lists new features that appear in this and previous releases of Cisco IOS Release 12.0. The new features are sorted by release number. Some releases include both platforms, others only include one platform.
The following new features are available for the Catalyst 8540 MSR in Cisco IOS Release 12.0(4a)W5(11a):
2-Port ATM Router Module
Note For additional caveats that apply to this feature, refer to the Release Notes for the Catalyst 8500 Campus Switch Router, Cisco IOS Release 12.0. See the "Open Caveats" and "Caveats Corrected" sections for Release 12.0(4a)W5(11a).
Support for all Catalyst 8540 CSR Interface Modules
This section lists the caveats and corrected caveats for each release. Use Table 8 to determine the status of a particular caveat and its relevancy to your software release for the Catalyst 8540 MSR switch router. Use Table 9 to determine the status of a particular caveat and its relevancy to your software release for the Catalyst 8540 CSR switch router. In the tables, "C" indicates a corrected caveat, and "O" indicates an open caveat.
This section contains listings of the caveats for the Cisco IOS software:
With some OC-12c single-mode fiber line modules, the link might fail after inserting the fiber cable. Make sure that the fiber cables are completely seated by pushing on the strain reliefs of the individual fibers until they click into place to complete the optical connection. In some cases, the small metal septum on the front panel of the transceiver obstructs the connection.
The maximum number of ELAN LES/BUS pairs supported is 10.
The Catalyst 8540 does not support Token Ring LANE.
The ATM router module does not support Fast Simple Server Redundancy Protocol (FSSRP).
Symptom: A high number of cells stuck in the memory buffer causes the CPU to miss the periodic poll of a certain module or interface, leading to a port stuck message. Occurrences are random and there is no predetermined sequence of events that causes this to happen.
Workaround: None.
CSCdv70086
Symptom: A Catalyst 8510 CSR might produce power supply error messages when writing to the bootflash:
kockopes#copy slot0:cat8510c-in-mz_120-18_W5_22.bin bootflash:
Destination filename [cat8510c-in-mz_120-18_W5_22.bin]?
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCC
00:08:37: %CI-3-PSFAIL: Power supply 1 failureCCCCCCCCCCCCCCCCCCCCCCCC
00:08:40: %CI-6-PSOK: Power supply 1 OKCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
Symptom: A Catalyst 8500 switch rejects SVC video calls. After first video call is built, all other video calls are rejected, and a message similar to the following is generated when a debug atm sig-all atm x/y/z command is entered:
ATMSIG(0/0/0:11 11,35 - 0023/00):
(vcnum:0) building cause code - cause = (0x23)requested VPCI/VCI not available,
IE_cause = (0x23)requested VPCI/VCI not available, location = Private Network 1d02h:
ATMSIG(0/0/0:11 11,35 - 0023/00):
(vcnum:0) Output Release Complete msg, Call Initiated(N1) state 1d02h: SIG->CC: Svc
Event Release Completed, State Dead 1d02h:
ATMSIG(0/0/0:11 11,35 - 0023/00): (vcnum:0) Call Initiated(N1) -> Dead
Workaround: Upgrade the 8500 switches to Cisco IOS Release 12.1(7a)EY.
Symptom: A crash occurs while configuring Bridge Group Virtual Interface (BVI)/Enhanced Interior Gateway Routing Protocol (EIGRP), or while powering off the redundant power supply.
Symptom: When running Cisco IOS Release 12.0(18)W5(22) on a Catalyst 8540 MSR, or on a LightStream 1010, interoperability problems occur when peers run an older IOS version, and tunnels and SVC/Soft VCs are used.
Workaround: Upgrade all switches to the most current IOS release.
Symptom: When a Catalyst 8540 MSR system has a large number of inverse multiplexing over ATM (IMA) port adapter modules, a message similar to the following is generated:
-Process= "IMAPAM Onesec", ipl= 6, pid= 70
-Traceback= 600D8280 600D8644 6049F928 600C03CC 600C03B8
%SCHED-3-THRASHING: Process thrashing on watched message event.
Symptom: A Catalyst 8540 MSR and Catalyst 8510 MSR connected via 8-port inverse multiplexing over ATM (IMA) port adapter modules change clocking configuration after the T1 interfaces bounce, resulting in a loss of synchronous clocking over the T1 IMA links. If synchronous clocking is required for circuit emulation service (CES), the CES circuit might report overruns or underruns.
Workaround: The Catalyst 8540 MSR and Catalyst 8510 MSR can be reloaded to return the clocking configuration to the original values. The T1 interfaces can be removed from the IMA group, and then can be added back and bounced. The txtiming values under the show controllers will change back to 0x2 and synchronous clocking is restored.
Symptom: The Management Information Base (MIB) object "ifAdminStatus" shows "UP" for an ADMIN DOWN E1 Controller after a reload or a route processor switchover.
Workaround: Enter the no shutdown/shutdown command sequence on the controller.
Symptom: When Frame Relay ATM Soft-VC is set up in Frame Relay/ATM Network Interworking (FRF.5), the usage parameter control (UPC) on the passive side always sets to PASS, irrespective of the setting on the serial interface that is set by entering the frame-relay upc-intent tag-drop command. The default is PASS; when this is changed to tag-drop, the configuration does not reflect the change, and entering the show vc int serial command always shows the UPC intent as PASS.
Symptom: When the shutdown/no shutdown command sequence is entered for a port in a CES card, a burst of bit errors can be observed on the circuit on some other port of the same port adapter.
Symptom: When an E1 IMA (inverse multiplexing over ATM) adapter is inserted into a chassis in which several other IMA adapters have already been added, the clock cannot be derived from the network.
Symptom: Some point-to-multipoint crossconnnect entries are missing from the atmVcCrossConnectTable when the point-to-multipoint root if-index is higher than the if-index of the leaves.
Symptom: During TagVC installation, if the switch driver returns an error, the Connection Manager leaves the TagVC in the wrong FSM state. This can lead to TVCs existing on an interface when there are no tag bindings.
Workaround: None; reload the switch to clear such unused TVCs.
Symptom: When running Cisco IOS Release 12.0(13)W05(19), a bus error causes the system to restart. This occurs when an 8-port Gigabit Ethernet card with control traffic is at or near its traffic capacity.
Symptom: When a Catalyst 8540 with a network clock module is connected to an external clock supply, changing the clock supply from BITS 0 to system causes the system to crash.
Symptom: After reloading core switches, all neighboring switches running 12.0(16)W6(21) and 12.0(16)W6(21a) crash and a message similar to the following is generated:
Jul 14 02:48:23: %ATMSIG-3-FAILXCONN: Xconnect failed, xconn fail -Traceback= 6054A204
6054C0A0 60556188 60545538 6054561C 6009930C 600992F8 Jul 14 02:48:23: ATMSIG(9/1/0:0
0,78 - 0209/62): (vcnum:0) XConnected failed To Jul 14 02:48:23: ATMSIG(ATM13/0/0 0,64
- 0018/62): (vcnum:64) Jul 14 02:48:23: ATMSIG: CONNECTION MANAGER/CAC Xconn install
request Port A - (9/1/0) : 0 vpi = 0; vci = 78 Port B - (13/0/0) : 0 vpi = 0; vci =
64; new vpi = 0; new vci = 64 existing vpi/vci for leg B Jul 14 02:48:23: ATMSIG:
CONNECTION MANAGER/CAC Xconn install result CONN_INSTALL_RESULT_HW_FAIL
Symptom: A port of a 4-port DS3 port adaptor for LS1010s and 8540s is in a yellow or red alarm state, and stops sending DS3 framing for a brief time when the alarm is cleared from the interface and the interface transitions to an up/up state. The loss of frame (LOF) can be seen when the Acterna tool TBERD is connected to the TX port of the DS3 port.
Symptom: When using Cisco IOS Release 12.0(16)W5.21, a system crash with a bus error at imapam_mmcport_init occurs after the creation of the 131st interface.
Workaround: Remove any unused modules from the chassis so that additional virtual interfaces can be created.
Symptom: After an online insertion and removal (OIR) of a carrier module in the 8540 MSR, the input/output packet counters for the corresponding interfaces show incorrect values.
Workaround: Do not perform OIRs, or clear the counters on that interface.
Symptom: The command line interface (CLI) no negotiation auto command is not preserved in the running configuration after an OIR (or "hot swap") of an 8-port Gigabit Ethernet card.
Workaround: Configure the CLI no negotiation auto command again.
Symptom: When a user specifies a Soft PVP Configured as VBR-NRT Service category in the ingress port, the service category at the egress interface of that switch is seen as UBR rather that VBR_NRT.
Symptom: A Catalyst 85xx running Cisco IOS Release 12.0(13)W5(19c) experiences high multiservice route processor utilization when Internetwork Packet Exchange (IPX) networks are added to Bridge Group Virtual Interface (BVI) interfaces; as more IPX networks are added, multiservice route processor utilization increases.
Workaround: If configuring bridging over ATM router module subinterfaces, configure a map-list for the bridged virtual circuit, using the keyword "bridge".
For example:
interface ATM3/0/0.50 multipoint
no ip directed-broadcast
map-group b50
atm pvc 2 50 pd on interface ATM0/0/0 1 50
bridge-group 50
map-list b50
bridge atm-vc 50 broadcast
Symptom: On ATM switches, the loopback IP address is not exchanged during ILMI negotiation with the neighboring switches. Consequently, the output of the show atm ilmi-status command indicates 0.0.0.0 as the peer IP address, even though a loopback address is configured.
Workaround: Configure the IP address on an Ethernet interface.
Symptom: When running cell-mode MPLS on a network of switch routers with redundant paths, conversion to MPLS after a routing change might take up to 4.5 minutes. OSPS converges normally.
Symptom: On a Catalyst 8540 performing an ATM-Frame Relay internetworking function, the ATM-Frame Relay does not propagate when the Local Management Interface (LMI) indicates a permanent virtual connection (PVC) as inactive.
Symptom: The entry for atmSoftPVccRetryThreshold feature has an incorrect default value of 0, rather than the default value of 1 that is shown in the ATM Soft PVC Management Information Base (MIB). A value of zero indicates that an infinite number of call attempts are required to increment the atmSoftPvcCallFailures object and thus disables alarms for the Soft PVCC.
Workaround: Set the atmSoftPVccRetryThreshold value to 1.
Symptom: When the routing table exceeds 50,000 entries and one or more eight-port Gigabit Ethernet interface modules are installed in the switch router, the CAM full condition might be seen. This condition will cause ports to stick.
Workaround: Perform an OIR of the module. The eight-port Gigabit Ethernet interface module is not designed to handle more than 50,000 entries.
CSCdt86157
Symptom: The SNMP polling of the MIB object atmVplOperstatus (in Virtual Path MIB) for VP tunnels shows that the VPL is DOWN, even when the tunnel is UP (as shown by the CLI).
Symptom: The one-Port OC12 port adapter module might cause cell corruption. This will inevitably lead to packet corruption wherever segmentation and reassembly is performed to put the cells back into frames.
Symptom: When a static route is added to and deleted from an interface that already has a static route connected to it, the packets are process-switched.
Symptom: Online Diagnostic Snake tests might send ILMI traps when an interface becomes active. This can cause clients on other inter-faces to reset ILMI.
Workaround: Disable the snake test by entering the no diagnostics online snake command in global configuration mode.
Symptom: Cell memory might get stuck when ABR, IMA, and hierarchical VPs are combined.
Workaround: Enter the shutdown command on the IMA interface. Take the first link on the IMA interface out of IMA group. Enter the no shutdown command followed by the shutdown command on the interface. Enter the no shutdown command on the IMA interface.
Symptom: If a switch processor switch over occurs, the IMA interface will remain in a waiting state. After this, entering the shutdown command and then the no shutdown command on the IMA interface will bring it to the "going down" state.
Workaround: To avoid this issue, disable online diagnostics before a switch processor switch over.
Symptom: If a route processor switch over is done continuously more than two times by entering the redundancy force-failover main-cpu command or once entering the EHSA null_ptr command, the new primary route processor will issue the following error message continuously:
%FRPAM(pciread):returned error 0x2000000!
%FRPAM(pciread): pci addr 0x02080208! read failed!!
%FRPAM(pciread): time taken to read 0x02080208! is 8
loop_count 1
Workaround: An online insertion and removal of the FR port adapter will stop this error message.
Symptom: When using PNNI, another vendor's equipment might send an invalid PTSE update. If the switch router receives one of these invalid updates, the PNNI neighborship might not re-establish.
Symptom: An ARM port configured for transparent bridging and in blocking state might forward certain frames.
Workaround: Depending on the topology, the work-around might be to ensure that a non-ARM port is in blocking state. Where this is not feasible, you need to physically shutdown the ARM port that is in the blocking state.
Symptom: A switch router might show additional atm interfaces than the number of interfaces present in the chassis. This does not affect functionality.
Symptom: On the OC-3c port adapter module, ILMI might remain in the "waitdevtype" state after a redundancy fail over.
Workaround: If the problem is seen on port 1-3, bring up port 0. If the problem is seen on port 5-7, bring up port 4. If the problem is seen on port 9-11, bring up port 8. If the problem is seen on port 14-15, bring up port 12. The port can be brought up by connecting a loopback cable, or just by using that port.
Symptom: A switch router with OC3 port adapters and five Fast Ethernet interface modules might boot up with the following error message:
epif_aal5_fastsend: bad vcinfo This message may appear 100s
of times and slow down the boot process. Normal operation does not seem affected
once the 8500 has finished booting.
Symptom: When a switch router sends a tag distribution protocol (TDP) bind request and does not receive an answer, the TVC remains unconnected. This might cause scalability problems in large networks because over time these TVCs might use up a large number of resources.
Symptom: Switch routers running Cisco IOS Release 12.0(13)W5(19) or earlier might experience a memory leak when used with an NMS (Network Management System) running SNMP whenever it accesses PNNI tables.
Workaround: Turn off NMS polling of PNNI tables and instead use the CLI or determining any PNNI information.
Symptom: ILMI might not properly learn the ip addresses of peer switches. After entering the show atm ilmi-status command, the interface of the peer switch is learned but its ip address is not.
Symptom: The ARM might set the CLP of all cells to one when bridging is configured over a PVC. This happens for cells being transmitted over the 1483 PVC only.
Symptom: The telnet response over an ISL trunk might be very slow. This is because small ISL frames (under 94 bytes) are not padded, and some devices drop ISL frames that are smaller than 94 bytes.
Symptom: The switch router might lose traffic on its LANE/1483/1577 interfaces on an ARM. Frame interfaces (like Fast Ethernet) or non-lane interfaces on ARM (with configured PVCs) pass traffic without any problems.
Workaround: Perform an OIR on the ARM or reload the switch router.
Symptom: IP and IPX routing over BVI on an 8-port Gigabit Ethernet port or a port channel might fail when the 8-port Gigabit Ethernet interface is removed from the bridge group.
Symptom: On a switch router performing the Frame Relay/ATM Network Internetworking function, when the Local Management Interface (LMI) indicates a PVC is inactive on an NNI interface, this information is not propagated by the Frame Relay/ATM software.
Symptom: A system running PNNI with Cisco IOS release 12.0(7)W5(15c) will reject an ATM call SETUP if the setup includes the 5a information element coded with associated signaling, explicitly the VPCI and any VCI.
If another ATM switch sends a setup that includes the 5a information element coded with the associated signalling, explicit VPCI and any VCI, the system will release the call with cause code 35: requested VPCI/VCI not available.
Call setups that include the 5a information element coded with the associated signalling, explicit VPCI, explicit VCI signalling, including those made by Cisco ATM switches are not affected by this problem.
This interoperability issue exists between Cisco ATM switches and other vendor's switches that do not explicitly request the VCI value in the call SETUP.
Symptom: The ATM User-Network Interface (UNI) does not include a cumulative round-trip time parameter in the ABR call setup. This situation might cause interoperability issues with different vendor products.
Symptom: The circuit emulation service (CES) address does not change when the switch router address is changed. When the global switch ATM address prefixes are added or deleted (via the atm address command), addresses registered for existing CES circuits are not changed.
Symptom: The show hardware detail command does not show the actual version of the FPGA for any of the daughter cards. This shows the version of the FPGA motherboard which is misleading.
Symptom: If you save the running configuration, you may see the following error:
ROUTER# copy run start
Destination filename [startup-config]?
startup-config file open failed (File table overflow)
This happens when you issue a write mem command or a copy running-config startup-config command. Issue a show file command to show the 127 entries of private configuration.
Workaround: Save the running configuration in a file, reload the router, and then issue a write mem command or copy running-config startup-config command.
Symptom: Although packets are being sent out from an ATM OC-12 interface module, the 5-minute output rate shown using the sh int atm command indicates 0 bits/sec output. This is not consistent with the output rate shown under the sh atm traffic command.
Symptom: A simultaneous encapsulation change on both sides of a link when the force-link up mode is used presents a 50 percent chance of bringing the line-protocol down. This problem does not happen when encapsulation change is done one side at a time. Problem is usually not seen when auto-negotiation is enabled.
Workaround: Issue a shutdown and no shutdown to bring the line protocol up.
Symptom: When the show atm interface traffic command is entered on a subinterface, the total number of cells that has passed might show incorrectly as zero.
Symptom: The Xconnect setup fails for unidirectional TVC if there is another one with different direction and same vpi/vci on particular interface of the Catalyst 8540 MSR. This can be seen only if VC merge is disabled.
Symptom: When the primary clock source is in the "unlockable" state, and the clock fails over to the secondary clock, the router never reverts to the primary clock source, even when the connection is clean and the clock source is present.
Symptom: The output of the command show epcif-entry is limited to 20 characters. This limits the command from showing specific port information when the module or slot combination causes the output to go beyond 20 characters. For example, when Gigabit Ethernet interfaces are installed in slot 10 or greater, the output is truncated.
Symptom: The present configuration does not work properly for frame reject (FRMR) and acknowledgement timeout messages. Occasionally a file transfer works normally, but most of the time it does not.
Symptom: Traffic pointing to an unknown route goes to the route processor even with ip unreachable disabled on the Gigabit interface input port. The traffic is dropped if the input port is an Ethernet interface port and ip unreachable is disabled.
Symptom: When HSRP is configured on the eight-port Gigabit Ethernet interface module, HSRP connectivity might be disrupted after a remote link failure is followed by a link restoration.
Workaround: Configure another HSRP group with a higher number and move the standby configuration to that group.
Symptom: The output errors counter is incorrect on Gigabit Ethernet show interface command. They have a high value 4xxxxxxxxx and a clear counter command does not change it back to 0. This value can increase or decrease over time.
Symptom: IP traffic is not sent over PVC if AAL5 MUX encapsulation is used on a point-to-point subinterface on the Catalyst 8540 MSR. If the deb atm errors command is enabled, the following error messages will appear:
Symptom: The system is not completing a route processor failover. The secondary route processor (redundant), as it assumes function from a failover will display the following error message:
%Secondary CPU Detected
remove_conn_from_fabric: Error close party failed for . . .
This does not affect operation of the system but will prevent the secondary route processor from booting successfully if the primary crashes.
Symptom: On an MSR switch router with enhanced Gigabit interface cards, the switch router crashes when loading a CSR image because of the CES card in the switch router.
Symptom: IPX load-balancing on IPX packets sourced from enhanced Gigabit Ethernet ports or sent out of ATM uplink ports will work only if IPX max-paths are set to 1 or an even value (i.e. 2, 4 or 6). An odd value of 3 or 5 can cause some of the IPX packets to not go out of the ATM uplink ports. This problem is seen only with SVCs over 1483 not PVCs with 1483.
Workaround: When IPX packets are sourced from enhanced Gigabit Ethernet ports, set the IPX maximum paths to 1, 2, 4 or 6. If there are an odd number of paths, change the administrative weight of one path so that there are always an even number of equal cost paths.
Symptom: The ATM router module (ARM) does not strip the Ethernet pad when switching data from Ethernet to ATM. This may occasionally lead to connectivity issues since some end-systems do not expect to see the pad.
Symptom: When an enhanced Gigabit Ethernet interface module sends out ISL packets with packet sizes 1531 to 1548, the output error counter on the egress port increases.
Symptom: The hierarchical VP tunnel configuration fails on a WAI-OC3-1S3M mixed mode port adapter module when it is in slot 0 subslot 1 of the C85MS-SCAM-2P carrier module. Slot 0 subslot 0 of the carrier module can either be empty or have another card in it, and hierarchical VP tunnel configuration will still fail. However, if the mixed mode pam is inserted in slot 0 subslot 0 of the carrier module, then the hierarchical VP tunnel can be configured.
Symptom: The switch router might be vulnerable to the successful prediction of TCP Initial Sequence Numbers. This vulnerability only applies to the security of TCP connections that originate or terminate on the affected Cisco device itself; it does not apply to TCP traffic forwarded through the affected device, in transit between two other hosts.
Workaround: Update to Cisco IOS Release 12.0(13)W5(19c).
Symptom: When IPX packets are sourced from fast Ethernet interface based ports and sent out of ATM uplink ports, IPX load balancing will work only if the IPX max-path is set to 2. A value greater than 2 can cause some of the IPX packets to not go out of ATM uplink ports. This problem is seen only with SVCs over 1483 not with PVCs over 1483. However, if all IPX traffic is sourced only from enhanced Gigabit interface ports then this problem is not seen. Six-path load balancing will work correctly.
Workaround: When IPX packets are sourced from fast Ethernet interface based ports, set IPX max-paths to less than or equal to 2.
Symptom: When serial interfaces on a Frame Relay/ATM internetworking port adapter are oversubscribed, and significant data bursts occur simultaneously on multiple VCs on multiple serial interfaces, one serial interface might get stuck.
Workaround: Enter the hw-module slot/subslotcommand.
Symptom: After replacing an ATM 155-Mbps multimode port adapter with an ATM 155-Mbps single-mode port adapter, the SNMP agent might not correctly refresh the AtmIftable: it still returns the old ciscoAtmIfPortType information for the new module. Stopping SNMP and then restarting the SNMP agent does not correctly refresh the table.
Symptom: Due to a hardware limitation, any packets larger than 6K could potentially cause a port stuck. After a port is stuck, the normal port stuck recovery mechanism applies.
Symptom: When a Catalyst 5500 connected to a Catalyst 8540 CSR is powered down, the BVI interface does not receive EIGRP and ospf multicast hello packets.
Symptom: The system crashes when more than 80 VCs are configured on an ATM uplink port and the port is added to a bridge group. Avoid this configuration.
Symptom: Enhanced Gigabit Ethernet ports learn MAC addresses of all zeros for packets with source MAC addresses with all zeros. This does not cause any problems.
Symptom: If you have more than 900 VCs on any interface or subinterface on the Gigabit Ethernet port with ATM uplink interface modules and you perform an online insertion and removal (OIR), a BROUTE VC release/setup failure will be indicated.
Symptom: When the ingress is a fast Ethernet interface, and the egress is an ATM uplink interface and is one of several parallel paths to a destination IPX network, shutting down this interface will cause the packets sent to this destination to use the first of the remaining parallel paths.
Workaround: The correct path will be chosen after issuing the clear ipx route* command.
Symptom: If HSRP over BVI is configured and a standby MAC address is explicitly configured on the BVI, this MAC address will not be reflected in the patricia table of the interface.
Workaround: None. The recommended option is to not use a standby MAC address and let the system choose the address.
Symptom: The two-port Gigabit Ethernet is part of a port channel, which has HSRP configured on it. Even after the two-port Gigabit Ethernet is removed from the port channel, the HSRP MAC address is retained.
Workaround: Issue the shutdown and no shutdown commands, add an IP address, or add the MAC address to a bridge group to delete the entry.
Symptom: The ATM router module microcode for RFC1483 did not have the ability to understand CLNS topology updates forcing the card to drop packets. This also effected the IS-IS routing updates.
Workaround: Upgrade to the Cisco IOS release 12.0(11)W5(19).
Symptom: Subinterfaces with the same VLAN color cannot be present in different bridge groups. This check is done when a bridge group configuration is being created or removed, not when the encapsulation is being changed.
Symptom: The router reloads when handling internetworking packet exchange (IPX) access-logging-messages. This situation may still occur if access-logging is not enabled.
You may exceed the 200 IPX network limit when the hardware is activated after being removed. When the hardware is reactivated, the interfaces that were not counted while the hardware was removed cause the limit to exceed.
Symptom: The Gigabit Ethernet interface is part of a port channel; one of the port channel subinterfaces is a member of the bridge group. The BVI MAC address is retained on the interface even after it is removed from the bridge group.
Workaround: Issue the no mac-address command under the interface.
Symptom: Option access-list under the show controllers command returns nothing when the interface is configured for bridge address access-list. Option mac under the show controllers command for the enhanced Gigabit interface port returns nothing when it finds a match in the Layer 2 database.
Symptom: MAC addresses are missing in the two-port Gigabit Ethernet port part of the bridge group when many MAC addresses are learned over the POS link and the POS link goes down.
The calculations for determining the limits of PCR and SCR that can be used for a VBR-NRT VC traversing through a VP tunnel using the CAC algorithm at the following URL:
00:04:37: %ALIGN-3-CORRECT: Alignment correction made at 0x60674830 reading 0x62017DB3
00:04:37: %ALIGN-3-TRACE: -Traceback= 60674830 60674A90 600993A4 60099390 00000000
00000000 00000000 00000000
Symptom: The alignment correction might occur with the clear bridge or show bridge commandswith the ATM uplink. The system recovers from the alignment correction.
Symptom: When the module is removed from the switch, the interfaces continue to show as inserted and also the IDB's are not deleted. The problem occurs with different kinds of modules in different slots.
This was noticed when a module is inserted into a slot and another is removed almost immediately. This is not seen when a good amount of time is given between the act of insertion and removal of the modules.
To prevent this, before inserting a new module into switch, wait 2 minutes after OIR.
Symptom: The ATM router module cannot remove interfaces bvi8 thru bvi11 and cannot unconfigure bridge groups 8 thru 11. This problem occurs with a configuration of 20-30 bridge groups. Some bridge groups which had BVIs enabled could not be unconfigured with the command line interface (in this case it was bridge groups 8 thru 11). The command for removing a particular BVI is not recognized, and the bridge-group could not be deleted.
This does not affect any bridging or routing functionality on the device. It is a configuration issue only.
Symptom: The output of the show ethernet command might display a `lost carrier' count that is the same as that for the collision counter on that Ethernet interface. This is a counter error only, and does not actually indicate a lost carrier.
Symptom: When two Catalyst 8540 CSRs with two-port Gigabit Ethernet interface modules are connected back-to-back, packets are lost. On one side the counters might show input and output increasing, but the other side shows only output packets increasing. The Address Resolution Protocol (ARP) from the other side is lost, and the ability to ping the other side is lost.
Symptom: The above message might appear when changing the trunk encapsulation type of a Gigabit EtherChannel (GEC) from ISL to 802.1q, when GEC is configured for novell-ether encapsulation and ports are receiving IPX wire speed traffic. No functionality problems are observed.
Symptom: Due to a hardware limitation, any packets larger than 6K could potentially cause a port stuck. After a port is stuck, the normal port stuck recovery mechanism applies.
Symptom: When reloading a new image into the enhanced two-port Gigabit Ethernet interface module the ATM uplink enhanced Gigabit interface appears to have been reset. The enhanced two-port Gigabit Ethernet interface module download shows no effect on the ATM uplink.
Symptom: If the weighted-fair queueing is configured on an ATM IMA interface of a Catalyst 8540 MSR, the system may go into an infinite loop generating traceback messages.
Symptom: When running Border Gateway Protocol (BGP), the BGP peers of the receiving border router might detect a mismatch in the code, and issue a notification message to reset their session. This does not affect the receiving border router.
Symptom: When reprogramming the switch processor(s) the Catalyst 8540 CSR might crash. No connections should be installed after reprogramming until the system reboot is complete. However, some interface modules create connections before the system reboot is complete so only the interface modules are recognized in the system crash.
Symptom: When more than one loopback interface needs to be configured, the interfaces are assigned the incorrect number, so they are all created as Loopback0. The interfaces cannot be removed.
Symptom: Under heavy multicast traffic, cells might stick in the switch fabric. This happens when a race condition occurs in the switch processor and the output VC (OVC) is not present in the active list or idle list. In this situation, the OVC is never taken up for further scheduling, and all the cells in the VC are stuck.
Workaround: Enter the clear ip multicast-routing command or enter the shutdown/no shutdown commands to the root interface.
Symptom: With an encapsulation change on a two-port Gigabit Ethernet interface module, the interface no longer sends packets. It seems that it is receiving packets and sending packets to the route processor when necessary, but the packets are not sent.
Symptom: When the switch router is reloaded, you must enter the shutdown command followed by the no shutdown command on the CBR ports in order to activate the CBR ports.
Symptom: When two 8540 CSR switch routers are directly connected by a two-port Gigabit Ethernet interface module, a reset of one switch router does not cause the remote switch router's interfaces to go down too. The problem is caused by the reset switch router's interfaces not going down, so remote interfaces do not go down.
Workaround: Physically remove the cable from the ports or issue the shutdown command.
Symptom: When running the Cisco IOS release 12.0(7)W5(14.74) software on a switch, it is possible that the atmVcCrossConnectAdminStatus entries will disappear.
Symptom: When the Catalyst 8540 CSR has both Protocol Independent Multicast (PIM) joins and IGMP joins coming in, one of the interfaces in the outgoing interface list of the IOS multicast table might not forward traffic. This is caused by a disconnect in the sequence of events between IOS multicast code and the Catalyst 8540 CSR specific light stream inter process communication subsystem (LSS) multicast code.
Workaround: Enter the clear ip multicast-routing command and configure static multicast groups on the interfaces sending PIM joins.
Symptom: After a route processor switchover, the microcode for a Fast Ethernet (FE) interface module might not download successfully. This failure occurs infrequently but causes the interfaces on the failed FE interface module to be unusable.
Workaround: Remove and reinsert the affected FE interface module.
Symptom: After a switch processor switchover, the microcode for an 8-port Gigabit Ethernet (GE) interface module might not download successfully. You will see the following error message:
epif_port_write_mii: Timeout for response message GigabitEthernet
This failure occurs infrequently but causes the interfaces on the failed 8-port GE interface module to be unusable.
Workaround: Enter an skmgmtreset command. When this command is entered, you might see BROUTE-VC SETUP FAILURE messages. These messages are harmless and can be ignored.
Symptom: When issuing the shutdown/no shutdown command on an ATM interface with a large number of VCs, the route processor utilization stays high for a long period of time. For example, for an 8K VC, the route processor stays high for around 720 seconds and for 4K VCs, it is around 300 seconds.
Symptom: The switch router will crash and hang when the ip http server command is configured and a browser connects to http://<router-ip>/%%. This defect can be exploited to produce a denial of service (DoS) attack. This information has been announced on public Internet mailing lists which are widely read both by security professionals and by security "crackers," and should be considered public information.
Workaround: Disable the IP http server with the following command:
no ip http server
Alternatively, the administrator can block port 80 connections to the switch router via access lists or other firewall methods.
Symptom: The values for ifInOctets wrap every 15 to 30 seconds on ATM interfaces with very little traffic. The wrapping occurs when the value is about 3,000,000 octets.
Symptom: The message above appears sometimes when an enhanced Gigabit Ethernet port is added or removed from a port channel (PO) with multicast enabled on the PO. This message is harmless and the system recovers from this.
Symptom: There may be spurious memory access in certain tag switching configuration. This does not affect any functionality.
Show alignment data for:
PNNI Software (cat8540m-WP-M), Version 12.0(9.5)W5(17.14) INTERIM TEST SOFTWARE
Compiled Mon 24-Apr-00 01:51 by
No alignment data has been recorded.
Total Spurious Accesses 590, Recorded 1
Address Count Traceback
10 590 0x60409014 0x604093D4 0x603FB810 0x603F63F4
0x603F6A40 0x60099224 0x60099210.
Symptom: The following CPU hog messages might occur after removing an IMA port adapter that has hundreds of SVCs and PVCs configured:
*Apr 21 10:36:40: %OIR-6-REMCARD: Card removed from slot 2, subcard 1, interfaces
disabled
*Apr 21 10:36:42: %SYS-3-CPUHOG: Task ran for 2096 msec (114/0), process = OIR
Handler, PC = 600AA8D8.
-Traceback= 600AA8E0 6035EB40 6035FC90 600988DC 600988C8
*Apr 21 10:36:43: %LANE-5-UPDOWN: ATM9/0/0.5 elan elan_cgr05: LE Client changed state
to down
*Apr 21 10:36:43: %IMAPAM-6-LOG: pam 2/1 changed state to NO_HARDWARE
Symptom: When configuring region sizes you are not considering the ACL region size when checking for the total size. Configuration allows regions sizes exceeding total Tcam size. No error message is printed at the time of configuration but upon next boot you get the following error messages:
ACL cannot be enabled on GigabitEthernet0/0/0 - insufficient TCAMAvailable: 24
Configured for ACL: 2048 Use sdm access-list command to reconfig
Symptom: The ip cef command does not re-enable the CEF switching on the Catalyst 8540 when previously disabled due to lack of memory. The Catalyst 8540 requires CEF switching but this can become disabled if there is insufficient memory available. When insufficient memory is available, the following message appears:
"%FIB-2-FIBDOWN: CEF has been disabled due to a low memory condition.
Symptom: After upgrading from Cisco IOS Release 12.0(5)W5(13) to Cisco IOS Release 12.0(5)W5(13b) code, CSR no longer boots. Restoring the older code corrects the problem. The crash occurs after the file is read. Removing the configuration text file from the TFTP server prevents the router from crashing. If the router is booted from the nvram configuration and the command copy tftp running then is issued, the router will crash. copy startup running does not crash the system.
Symptom: On a switch using the ospf area-range command, the summary link state advertisement created might get stuck in the database and not be flushed after the command is removed.
Symptom: An ima_failure_trap might not be generated when an IMA group gets deleted and the group state change might not be sensed by the switch processor.
Symptom: When ports on the eight-port Gigabit Ethernet interface module are connected to Ethernet interfaces, you get frames with new MAC addresses. Because the ports on the 8-port Gigabit Ethernet interface module send ca-updates to the Cisco IOS, the show bridge command displays the learned MAC addresses. Although the 8-port Gigabit Ethernet interface module has incrementing SkIPC Rx failed counters, there is no side effect. The format of show skmgmt stats command has been modified to take care of this problem.
Symptom: When the existing two-port Gigabit Ethernet interface module is replaced with the enhanced Gigabit Ethernet interface module by online insertion and removal (OIR), the running configuration that is part of the existing two-port Gigabit Ethernet interface module will not be available for the enhanced Gigabit Ethernet interface module.
Workaround: Save the configuration to NVRAM before doing an OIR of the two-port Gigabit Ethernet interface module with the enhanced Gigabit Ethernet interface module. Complete the OIR of all two-port Gigabit Ethernet interface modules with the enhanced Gigabit Ethernet interface modules. Enter the reload command to get the configurations of the two-port Gigabit Ethernet interface module for the enhanced Gigabit Ethernet interface module. The other option is to save the configuration to a TFTP server, edit the configuration so that only those relevant to the replaced two-port Gigabit Ethernet interface module is retained, and do a copy of this edited configuration to the running configuration.
Symptom: DS3 Frame Relay port adapter firmware stops forwarding traffic when 16 channel groups are oversubscribed. The egress port hangs when it receives a frame with a size that is an integral multiple of 48 bytes.
Symptom: When the switch is rebooted, at the point when it is going down, the console is flushed with the following messages:
Note: A random Spanning Tree Bridge Identifier address of 0000.0c00.9a70 has been
chosen for Bridge Group 12 since 00:00:39: %SYS-3-LOGGER_FLUSHING: System pausing to
ensure console debugging output.
00:00:40: %SYS-3-LOGGER_FLUSHING: System pausing to ensure console debugging output.
%SYS-3-LOGGER_FLUSHED:
System was paused for 00:00:00 to ensure console debugging output.
There is no mac address associated with the selected interface.
00:00:40: %SYS-3-LOGGER_FLUSHING: System pausing to ensure console debugging output.
Symptom: If a peer system is reloaded after a route processor switchover, all traffic into the port might be dropped. This prevents well-known VCs from coming up.
Workaround: Enter the shutdown command. To restart the disabled interface, enter the no shutdown command.
Symptom: An IPX packet containing the wrong length in the IPX header and requiring an encapsulation change causes the ingress port to hang. The switch router must be reloaded.
Symptom: The show bridge command might not show all interfaces and the show bridge verbose command might not show all interfaces and hash entries. Entries are not displayed until they are "learned" when traffic is passed through them. If no traffic is ever passed, the entries will not be displayed.
Symptom: The Interim Local Management Interface (ILMI) status of shaped and hierarchical tunnel subinterfaces that are down (not shutdown) may remain in the restarting state after issuing a shutdown/no shutdown command sequence.
Workaround: Enter a shutdown/no shutdown command sequence on the main interface of the subinterface, or bring the interface up by connecting it to a peer system.
Symptom: When snooping is enabled on an ATM or ATM-P port, ATM PVC deletion might fail. If the deletion fails, the system does not recognize the ATM PVC deletion failure and deletes the Frame Relay PVC. This causes the ATM PVC and Frame Relay PVC to go out of sync.
Workaround: Before deleting the Frame Relay PVC, disable snooping on the ATM port.
Symptom: When running 12.0 code with UNI 3.0, the Catalyst 8540 MSR may fail to send poll PDU's. This can result in a no_response_timer expiration and flapping of the sscop link.
Symptom: A LightStream 1010 configured for MPLS (tag switching) and running the Cisco IOS 12.0(9) maintenance software release does not correctly increment counters on outgoing TVCs, although the data are being correctly sent out of the TVC.
Symptom: Sometimes a MAC address learned over a port channel might not be removed from the IOS bridge table, but the entry might age out from the port channel. IPC might not be generated correctly to delete the MAC from IOS. This does not lead to incorrect routing of the packets as the packets are switched by the interface module and the table is consistent in the interface module.
Symptom: Under heavy traffic, if an encapsulation change (for a VLAN) is attempted on a 2-port Gigabit Ethernet interface module, the change might fail because of a uCode download failure.
Workaround: Shutdown the port (or port channel and all members of the port channel) when an encapsulation change is needed on Gigabit Ethernet ports or GEC. Make the encapsulation change, and then bring the port back up (no shutdown).
Symptom: When a snooping interface that is a higher card/subcard than the snooped interface (for example, interface ATM 0/1/1 snooping interface ATM 0/1/0), the snooping interface might be in an up state instead of in a snooping state. In addition, some of the snooping VCs might not be restored. When entering the shutdown command, the high-order snooping interface might get stuck while in the going down state.
01:34:29: %TBRIDGE-4-GIANT: Giant received on Port-channel1, 1504 exceeds 1500 DA
00d0.583f.1b47 SA 0090.214f.9047 [0x08004500]
Symptom: The above message might be seen with trunk interfaces configured in a bridge group with BVI after the clear bridge group or clear bridge command is issued. This is a transient state and the system recovers quickly.
Symptom: Packets coming in on a native VLAN being bridged to a port channel are dropped at the route processor. Untagged packets coming in on an 802.1Q trunk are associated with the native VLAN. Because of microcode limitations of the interface modules, the untagged packets are passed to the route processor to be routed or bridged. Consequently, we recommend that native VLANs not be used for network traffic and that they be limited to overhead traffic that terminates at the route processor (such as routing updates and CDP).
Workaround: Configure the traffic on a non-native VLAN.
Symptom: A no loopback sonet-terminal command entered on an OC-48c interface does not bring the interface down even when no cable is connected to the port.
Workaround: Use the shutdown command to bring down the interface.
Symptom: When a port is temporarily stuck (such as egress starvation for a slightly extended period of time) there might be a memory leak. This happens very rarely when a port is temporarily stuck repeatedly.
Workaround: Schedule a reboot when the available memory goes down to a very low value. This caveat is fixed in Cisco IOS Release 12.0(5)W5(13b) and later releases.
Symptom: Synchronous Digital Hierarchy (SDH) and other standard compliancy is not supported on the OC-48c. Also, LEDs and SONET/SDH alarm signals might not generate properly on the OC-48c. When using the show controller command on the OC-48c, counters might duplicate.
Symptom: If you are using IPX EIGRP, you might experience an inconsistency in SAP updates on a remote router if the serial interface is brought down for a brief time and then brought up.
Workaround: Enter the clear ip eigrp neighbors EXEC command or enter the no ipx linkup-request sap command for the serial interfaces.
Symptom: When unicast and multicast traffic is present on Fast Ethernet ports, the primary route processor might loop when a redundancy prepare-for-cpu-removal command is entered.
Symptom: The show atm status command might show the status of a previously looped back interface as up when it should be showing the status as up only after the line loopback is removed from the interface.
Symptom: When IPX packets are sent to the system, and the system does cross encapsulation for IPX packets, it might lead to a stuck port situation if the IPX protocol length is wrong (or corrupt).
Workaround: Remove the interface module and reinstall it.
Symptom: The display from a show switch fabric command scrolls without stopping when the screen fills. The output just continues to the end of the display.
Symptom: The switch router does not correctly handle extended QoS and end-to-end transit delay IEs. This occurs primarily when interoperating with third-party vendor equipment.
Symptom: The input queue count on a BVI interface configured on the switch router might become larger than queue depth. This will block traffic from the same bridge group.
Workaround: Increase the hold queue on the BVI interface, depending on the rate at which the input queue fills up, or redesign the network to remove BVI.
Symptom: With the eight-port Gigabit Ethernet interface module, spurious memory access occurs when booting the system with the latest image and copying the software configuration from a TFTP server.
Symptom: With the 8-port Gigabit Ethernet interface module, ping fails when changing the VLAN ID of a BVI interface.
Workaround: Take the subinterface out of the bridge group before changing the encapsulation. Then change the encapsulation and add the subinterface back to the bridge group.
Symptom: New SVC or soft PVC calls from a Catalyst 8540 to a Fore ATM switch across a PNNI interface fail to connect. Connections initiated from the Fore switch do not fail.
Symptom: Counter values from the show controllers command are not descriptive enough for troubleshooting purposes. Each counter should have a label indicating the purpose of the counter.
Workaround: The output has been improved in Cisco IOS Release 12.0(5)W5(13b) and later releases.
Symptom: A mechanism is needed to troubleshoot and recover from port stuck failures.
Workaround: To recover from a port stuck failure, perform the following tasks:
Detect port stuck failure.
Isolate the cell stuck failure.
If it is only a port stuck failure, isolate the port from the other functional ports, and inform Cisco that the line is down/down.
Depending on the configuration option for reset of the stuck port, the following action will be taken:
Default behavior
If the switch router is not configured to reset the port upon detecting a port stuck failure the port will be isolated, thus preserving the integrity of the switch router.
Nondefault behavior
If the switch router is configured to reset the port upon detection of a stuck port failure, the switch router will isolate the port from the rest of the functioning ports, and reset the port. This might affect up to three other ports in the case of Fast Ethernet 10/100 modules.
Note If you configure the switch router as described in the nondefault behavior after a port stuck failure is detected, the switch router will not reset the Ethernet ports. The Ethernet interface must be configured to reset before the port stuck failure occurs. Also, the default behavior is to not reset the port if a port stuck failure is detected. If the Ethernet interface is not configured to reset when a port stuck failure is detected, schedule the switch router for downtime to remove and reinsert the module.
Use the following interface configuration commands to troubleshoot port stuck failures:
Command
Purpose
epc port-reload
Enables automatic resetting and reloading of the Ethernet interface module microcode after detecting a port stuck failure.
epc portstuck-wait seconds
Specifies the delay before signalling a port stuck failure (from the time the failure is detected). The default is 180 seconds. The range for seconds is 0 to 1200. A value of 0 seconds causes a port stuck failure to not be detected.
Caution Due to the nature of microcode architecture, do not configure low values for the wait time in the epc portstuck-wait command. The default value of 180 seconds has been carefully chosen, allowing for the hello intervals of protocols such as HSRP, EIGRP, OSPF. Configuring a low value might lead to incorrectly detecting temporary port stuck failures as real port stuck failures and will likely cause temporary connectivity loss. It is highly recommended to keep this value at least at 60 seconds. Lower values are provided to allow for some specific network designs when you can absolutely rule out temporary port stuck failure scenarios, and also as a debugging aid. For most networks, 180 seconds should work very well.
Symptom: A Catalyst 8540 might treat the link between the physical interface and the port channel interface as a multidrop link when the MAC address of the members of a port channel differs from the MAC address of the port channel itself.
Workaround: Delete the members of the port channel and then add them back in.
Symptom: Issue the shutdown and no shutdown commands for the new setting to take effect when you change the port speed from 10 to 100 seconds on a Catalyst 8540 CSR running 12.0(5)W5(13).
Symptom: Permanent virtual circuit (PVC) creation might fail if the virtual channel identifier (VCI) is greater than 24 bits. On a reload this error might happen when the VCI is greater than 12 bits.
Symptom: Some of the interface counters display a lower value for packet counters. Increasing the frequency of poll for statistics resolves the problem. This is needed only in two-port Gigabit Ethernet interface modules because of separate channels. This does not affect functionality.
Workaround: Upgrade to Cisco IOS Release 12.0(5)W5(13b) or later.
Symptom: Cisco IOS Release 12.0(5)W5(13) and later releases boot only on route processors with hardware SAR.
Workaround: If you have a route processor with software SAR (that is, below version 5.4), you must upgrade your route processor to one with hardware SAR (version 5.6 or later). For route processor related issues, see the field notice at http://cco/warp/customer/770/fn5889_06291999.html.
Symptom: A host move under high traffic conditions can result in a missing MAC entry from the IOS bridging table. When routing over BVI, this might cause loss of connectivity.
Symptom: When configuring a port channel, set the hold-queue size of the port channel to 300 and save it to NVRAM. On physical interfaces and port channels, the default hold-queue size is 75. The port channel hold-queue size should be 300. If the queue size of the port channel is not reset, there might be occasional packet drops bound to the route processor.
Symptom: These messages occur when there is IP multicast traffic and the user disables PIM on a physical interface and moves this physical interface to be a member of a port channel that is PIM enabled.
Workaround: Stop the IP multicast traffic, issue the clear ip mroute * command, and make the configuration change. If the assert messages occur, clear ip mroute * should fix the problem.
Symptom: When a member is removed from a bridge group which has HSRP over BVI configured and the router is an active router, active router MAC 0000.0c07.ac00 might not be removed from the interface.
Workaround: Issue the shutdown and no shutdown commands.
Symptom: A Simple Network Management Protocol (SNMP) walk of the ATM virtual channel cross connect table (CCT) might incorrectly show the following for a manually created cross connect:
Symptom: For 10/100 Fast Ethernet interface modules, the internal chip set is designed to give higher priority to ingress tasks than egress tasks because of limited buffer availability on the ingress side. This design leads to a situation of egress starvation under heavy input traffic conditions when continuously scheduled ingress tasks cannot meet the 84-cycles budget requirement under "Auto L2-learning" conditions.
Workaround: Upgrade to Cisco IOS Release 12.0(5)W5(13b) or a later release.
Symptom: When hundreds of TVCs in bidirectional mode are repeatedly configured and unconfigured on a switch router, VC resources might become exhausted.
Symptom: If any bridge-group members are 802.1q subinterfaces on an eight-port Gigabit Ethernet interface module, then protocol specific IRB configuration will not work over these ports because of local-switching ASIC (K1) chip limitations.
Symptom: When configuring the Simple Network Management Protocol (SNMP) trap receiver with the snmp-server host command, the following error message might appear on the console of the switch:
%Bad OID Failed to create host entry.
Workaround: This error message occurs only when SNMP is initially configured on the switch and it is the first time that the snmp-server host command is entered. If the command is entered again the error message does not appear.
Symptom: The facility alarm issues a warning when the secondary route processor is brought down, but the warning goes away if the secondary route processor is initialized at ROMMON without booting.
Symptom: When the color of an encapsulation is changed on a subinterface, the subinterface does not transition through the spanning tree states. In some situations this might result in spanning tree loops.
Workaround: To prevent looping when changing the subinterface color, delete the subinterface and recreate it with the new encapsulation color.
Symptoms: The following error messages might appear on the Gigabit Ethernet interface module with the ACL daughter card during a route processor switchover.
NO ACL Card Detected on the PAM in Slot[0]
FATAL ERROR: ACL-FPGA reset failed
Symptom: On Fast Ethernet ports, untagged packets coming in on the 802.1q native VLAN are not processed by the microcode. Instead, they are transmitted to the route processor and processed. This means that high route processor utilization will be seen if untagged packets are received at a high rate on the native VLAN subinterfaces.
Generally, only management data, transmitted at a very low rate, would be seen on the native VLAN, since it is mainly used for network management purposes.
Symptom: A Catalyst 8540 might have problems with IPX routing using ATM router module ports. Once the LE-ARP entry times out, IPX packets are sent over the BUS. Since the route processor is not aware of the IPX packets anymore, it does not trigger the LE-ARP request and the switch router continues to forward the IPX traffic for the given destination over the BUS. This problem negatively impacts IPX performance. IP performance is not affected.
Workaround: Set the atmidle-timeout command to 0 on all the devices in the affected ELAN before the traffic is started, or move the LES/BUS to a Catalyst 5000 ATM LANE module.
Symptom: If a switch processor switchover is initiated from a console port, some commands might still be able to be entered from a connection through a telnet or a vty session.
Workaround: Wait until the switchover is complete before issuing any commands from a vty port.
Symptom: In large bridge group and bridge group member configurations exceeding supported limits, high route processor utilization from the Tbridge Monitor process might occur. System resumes normally.
Symptom: When multiple 802.1q subinterfaces are configured over interfaces belonging to the same slot of an 8-port Gigabit Ethernet interface module, the traffic will be locally switched (broadcasts, flooding, etc.) among those interfaces, and the front-panel subinterfaces are represented by a single subinterface in the back end. Therefore, it does not consistently represent the proper configuration of front-panel subinterfaces. Because of this, the front-panel port configuration might not always work, depending on the deployment scenario.
Workaround: Configure different encapsulations among the different subinterfaces in the same slot. This makes the Ethernet interfaces in the back end perform bridging and routing.
The above workaround applies only if the subinterfaces are used to perform different switching functions. Multiple subinterfaces with the same encapsulation in the same bridge group might be used to provide local switching capability for trunk ports and possibly routing over BVI.
Symptom: The above messages sometimes appear upon online insertion and removal (OIR) of the route processor or switch processors and also of the 2-port Gigabit Ethernet or 10/100 Fast Ethernet interface modules. This message is harmless and the system should continue to function normally after the message.
Symptom: The redundancy prepare-for-cpu-removal command initiates a route processor switchover through a software forced crash. The forced crash causes the message buffer to flush and display to the console before initiating the switchover.
Symptom: It can take up to 3 minutes to sync up the running configuration to the secondary route processor upon inserting the secondary route processor . This is not a problem. The task is run as a background task and hence runs as a low priority task.
Symptom: The switch processor switchover might generate a route processor HOG message in the Exec process. Console input is blocked until the switchover is complete. The system resumes normally.
Symptom: In bridge group and bridge group member configurations exceeding supported limits, route processor HOGs from the Net Background process might appear. System resumes normally.
Symptom:In bridge group and bridge group member configurations exceeding supported limits, route processor HOG messages from the EPAM Card Manager process might appear. System resumes normally.
Symptom: Route processor redundancy requires a software interface descriptor block for the secondary route processor . If you use up all the interface descriptor blocks through subinterface creation before booting the secondary route processor, interface descriptor block creation failure occurs. Boot the secondary route processor before attempting to configure the maximum number of interface descriptor blocks.
Symptom: After hot-swapping a fast Ethernet interface module, OSPF interfaces are not recognized.
Workaround: Configure a loopback interface before enabling OSPF, so that the IP address of the loopback will be selected as the OSPF router ID. This is the recommended design for OSPF configuration. To minimize the convergence time, use a software interface (which never goes down unless administratively shut down) as the router ID. This will also prevent OSPF restarts upon interface toggling.
Symptom: Ethernet interface modules reset during reinitialization after a switch processor switchover.
On a switch processor switchover, Ethernet interface modules behave as if a system reload occurred, and take the same amount of time to reinitialize as they do for a reload. Before the interface modules come up, and a switchover occurs, timeout messages are entered. This happens because the Ethernet ports are initialized through IPC, and halfway through the process the Ethernet interface modules are reset again by the switchover.
Symptom: Do not hot swap an active switch processor (SP) module before putting it in standby mode.
If an SP module is currently active while the switch router is running IOS, and the module is removed from the chassis before making it a standby module, the connections might hang. This stops switch traffic after an SP switchover.
Workaround: Before removing an active SP module, make it the standby.
First determine whether the SP module to be removed is currently active using either of the following methods:
Use the show preferred-switch-card-slots command.
Look at the LEDs on the SP modules.
If the SP module is active, the active LED on the module is green. If the SP module is standby, the standby LED on the module is green.
If the SP module is currently the standby, remove it without issuing any commands.
If the SP module is currently active, use the following EXEC command to designate the other two SP modules as the active switch processor modules:
The range of the slot value is 5 through 7. This prepares the SP module to be removed as the standby module.
Once the prompt returns, ensure that the SP module is the standby by issuing the following command:
show preferred-switch-card-slots
The SP module should no longer be active, and can be safely removed.
The following example shows how to prepare the switch router to safely remove an active SP module from slot 5:
Switch# show preferred-switch-card-slots The currently preferred switch card slots are slot:5 and slot:7
The currently active switch card slots are slot:5 and slot:7
Switch# redundancy prefered-switch-card-slots 6 7
Switch# show preferred-switch-card-slots
The currently preferred switch card slots are slot:6 and slot:7
The currently active switch card slots are slot:6 and slot:7
Symptom: If an OC-48c interface module is removed and reinserted on an active switch router when NCPD is enabled, and the clock source is set to the OC-48c interface, the ILMI state remains in waiting/restarting on the OC-48c interface.
Workaround: After the OC-48c interface module is reinserted, enter a shutdown command, followed by a no shutdown command on the affected OC-48c interface.
Symptom: CBR interfaces might incorrectly come up when configured as structured services, even though no cables are plugged into the ports. This problem might also occur when removing the configuration of the structured services.
Workaround: Remove and reinsert the CES port adapter.
Symptom: When the secondary route processor is brought to rommon and initialized in the rommon, the redundancy alarm is cleared in the primary route processor even though the secondary route processor is still down.
Symptom: Entering shutdown/noshutdown commands on an ATM router module interface, especially when it has several LANE clients configured, can cause the switch router to issue messages similar to the following:
%LANE-3-LANE_ERROR: lecs finder: ILMI hung on interface ATM1/0/0
This message indicates that an internal timeout occurred. The interface recovers and normal operations are not affected.
Symptom: Under heavy stress conditions with multicast PIM-DM, there can be a situation in which VC allocation failed messages appear. This is a high stress scenario, and it happens when all the VC resources are not freed properly.
Workaround: Stop the traffic for a short time (a few minutes), enter the clear ip mroute * command, and then restart the traffic. This caveat has been resolved by ensuring that the VC resources are cleaned up properly in Cisco IOS Release 12.0(5)W5(13b) and later releases.
Symptom: If an IPX router goes down in a multiple-path topology, the Catalyst 8540 layer might get out of synchronization with the Layer 3 IPX routing table. A lower layer forwarding and switching anomaly might occur if the router first receives a "down" notification for a particular network from the same host that originally notified the router about that network, and then, shortly afterward, the router receives a good route to the network from another host.
Symptom: If a Fast Ethernet interface module is installed on an active switch router, cells become stuck in the switch fabric when a route processor module is inserted into the chassis.
Workaround: Upgrade to Fast Ethernet FPGA 3.3 or later.
Symptom: If an 8-port Gigabit Ethernet interface module is installed on the switch router, switch processor switchover is temporarily unsupported. After issuing a redundancy prefered-switch-card-slots command, the switch router displays the following message:
There is 8 Port Gigabit Ethernet PAM in the Chassis, SP switch over is temporary unsupported
Symptom: A Gigabit Ethernet interface indicates it is in the up state, even though there is no longer connectivity through this interface. Pinging a device through the Catalyst 8540 MSR times out. Pinging a device from the Catalyst 8540 MSR is successful.
The sh epc if-entry int gi 0/0/0 gi 3/0/1 command displays the following message:
Status Down Broute VC - 0
The shutdown/no shutdown command sequence restores the connectivity.
Symptom: A Gigabit Ethernet interface displays its status as up, however, there is no connectivity through the interface. Pinging a device through the Catalyst 8540 CSR times out but pinging a device from the Catalyst 8540 CSR is successful.
Workaround: Issue the shutdown and no shutdown commands on the appropriate interface to restore connectivity.
Symptom: In rare instances, a Catalyst 8510 CSR takes a software forced crash at a program counter value of 0x6004A4D64 when running Cisco IOS Release 12.0(1a)W5(6f). Because the conditions which trigger this crash are not currently known, it is strongly advised that the router be configured to write a core dump if such an instance happens.
Symptom: Even though the route processor capabilities do not match, the switch router still reports full redundancy when it boots up.
When the secondary route processor resources, such as the amount of DRAM, are equal to or greater than the primary route processor resources, the switch router is fully redundant. However, after a route processor switchover, if the new primary route processor resources are more than those of the new secondary route processor, a fully redundant switch router becomes conditionally redundant and the new primary route processor console displays a message such as the following:
00:03:14: %COUGAR_EHSA-4-FLASH_MISMATCH: Mismatch in BOOTFLASH SIMM size between
Primary and Secondary ACPMs
BOOTFLAH SIMM Size - Primary = 16 MB, Secondary = 8 MB
Because of the BOOTFLASH size mismatch, the files that fits in the
Primary ACPM's BOOTFLASH may not fit in the Secondary's BOOTFLASH, if and
when a switchover occurs. This may cause loss of information. The system
is now running CONDITIONALLY REDUNDANT - subject to the above mentioned
mentioned restriction
Workaround: Ensure that both route processors on the switch router have the same resources.
Symptom: When copying a file to a Flash PC card on a secondary route processor, the switch router might return control to the user before the copy process is complete. If a reload is done before the image is completely copied, the file might be lost.
Workaround: Enter the dirsec-slotn: command to verify that the image is completely copied before reloading the switch router.
Symptom: IP multicast counters (S,G) might not be accurate.
The microcode maintains 16-bit packet counters for each (S,G) entry, which are polled every 10 seconds. If the input rate for the (S,G) entry is higher than 6.4K packets/second for a 10-second duration, the counters might overrun.
Symptom: If the configuration register value is set to 0x2102 while autobooting, the system might experience a TLB (translational bridging) exception if the system boot image is not specified using the boot system command. The system continues to boot without problems, despite this exception.
Workaround: When the configuration register is set to 0x2102, specify the system boot image to be autobooted using the boot system command. If the system boot image is specified using the boot system tftp command, also specify the bootloader image using the boot bootldr command. After executing these commands, save the configuration in the NVRAM, using the copy running-config startup-config command.
Symptom: The debug ncdp packets, debug ncdp errors, and debug ncdp events commands do not display any information when accessing the switch router through the Ethernet port.
Workaround: Access the switch router using the console port.
Symptom: Modem access to the console port requires special settings.
The Catalyst 8540 provides support for connecting the modem to the console port. However, the following settings of the modem are required:
1) Enable auto answer mode.
2) Suppress result codes.
You can configure your modem by setting the DIP switches on the modem or by connecting the modem to terminal equipment. Refer to the user manual provided with your modem for the correct configuration information.
Please note there are no hardware flow control signals available on the console port, so the console port terminal characteristics should match the modem settings.
Symptom: The Catalyst 8540 might display a CRC error when it obtains the clock via an OC-3c link from a LightStream 1010 ATM switch and then uses or redistributes the clock over an OC-12c link.
Workaround: Use the internal clock or bring the clock source directly to the Catalyst 8540.
Symptom: PVCs exiting the switch router over a hierarchical VP tunnel are not preserved when the route processor switches over.
The switch router stops switching traffic over such PVCs upon and after the route processor switchover. The hierarchical VP tunnel remains active, however, and after the route processor switchover the VCs defined over the hierarchical VP tunnel (both PVCs and SVCs) function as expected.
Symptom: After shutting down an ATM router module interface which is a member of a port channel, the interface entry is not removed from the port channel. Since removing a member interface from a port channel does not put the port channel into blocking mode, no loss of connectivity should result.
Symptom: When using the Catalyst 8540 usage parameter control (UPC) tag functions (change the CLP=0 to CLP=1), the following ports might not work: For 16-port OC-3c and 4-port OC-12c interface modules, interfaces ATM 0/0/0, ATM 0/0/2, ATM 2/0/0, ATM 2/0/2, ATM 9/0/0, ATM 9/0/2, ATM 11/0/0, and ATM 11/0/2 might fail UPC tag mode.
Note All other interfaces should work.
Workaround: Upgrade the switch processor FPGA image to Version 1.5 (fi-c8540-msp.A.1-5) or later.
Symptom: The ILMI keepalive feature resets the interface on the second retry following a link failure. This behavior might occur despite having configured the system to allow up to five retries.
Symptom: On a system configured with either both power supplies or only power supply 1, issuing the show hardware, show hardware detail, or show tech-support commands might cause the memory corruption. If this memory corruption occurs and the show subsystem command is entered, the Catalyst 8540 might fail unexpectedly.
Workaround: If the system is configured with two power supplies, remove power supply 1 before issuing any of the commands listed in the Symptom text. If the system is configured with one power supply, make sure that you use power supply 0.
Symptom: If the switch router is booted with cleared NVRAM, because the switch router is new, or after a write erase command, and the automatic configuration is skipped, the following messages are displayed:
Symptom: With RMON enabled on Fast Ethernet interfaces, SNMP interface counters begin to grow exponentially. Port utilization might be greater than 100% when the actual utilization might be as low as 1%. This happens with either RMON native or RMON promiscuous. While SNMP counters are erratic, the CLI remains accurate.
Symptom: Following a software reload, the Catalyst 8540 might fail unexpectedly with a write bus error. This failure might occur if the system is configured with one route processor, and the switch processor modules are installed in slots 5 and 6 or in slots 6 and 7.
Workaround: Install the switch processor modules in slots 5 and 7.
Symptom: The router fails to see incoming AppleTalk broadcasts when the router, configured for IRB, is routing and bridging IP and just routing AppleTalk.
Symptom: When powering up and booting the switch router with two route processors, or installing a second route processor in a working switch router, the console port of the secondary route processor might display the following error message:
SECONDARY CPU: *** Failure - Can not sync to other CPUs sync ****
Sys Clock lock and sync failed.
The secondary route processor fails to boot and the switch router is in a non-redundant mode. This problem occurs when the Catalyst 8540 with two route processors and the secondary route processor have an FPGA image version of 4.5 or earlier. To recover, power cycle the switch router or remove and reinsert the secondary route processor.
Workaround: Upgrade the route processor FPGA image to version 4.6 or later.
Symptom: An IPX packet containing the wrong length in the IPX header and requiring an encapsulation change causes the ingress port to hang. The switch router must be reloaded.
Symptom: On the Catalyst 8540 CSR running the W5(11) code or lower, adding logging source-interface and then removing logging source-interface might stop syslogs being sent out on Ethernet 0 (the management port). Syslogs continue to be sent out through the regular interface module ports.
Workaround: Do not configure the source-interface. If you configure the source-interface, do not remove the logging source interface. Rebooting the switch router resolves the state. An error syslog (LINK-3-UPDOWN) also corrects the problem.
Symptom: AppleTalk routing does not work when two connected ports are part of a bridge-group with AppleTalk addresses on the ports and IP addresses on the BVI.
Symptom: The Hot Standby Router Protocol (HSRP) over a Bridge Group Virtual Interface (BVI) configuration is not supported if the BVI encompasses LANE interfaces. This configuration is valid and functional only if the BVI encompasses Ethernet interfaces.
Symptom: Following a change to a spanning tree, inconsistencies might occur in the bridge members information stored in the Ethernet module interface and the IOS.
Workaround: Use the clear bridge command to purge the bridging cache.
Symptom: When the system is configured to autoboot, and the redundancy prepare-for-cpu-removal command is entered, the route processor does not stay in ROMMON mode, but proceeds to autoboot again.
Workaround: Upgrade the ROMMON image to release 12.0(4.6)W5(13) or later.
Symptom: A T1 CES interface does not send out a remote alarm indication (RAI) in the reverse direction upon detecting an alarm indication signal (AIS).
Symptom: Attempting to format the Intel 200 Series Flash PC card that is currently shipping with other platforms (such as the Catalyst 6000) might cause the Catalyst 8540 to fail unexpectedly with a bus error. If this failure occurs, the system will not boot up successfully until the Flash PC card is removed from the switch router.
Workaround: Remove the Flash PC card from the switch router.
Symptom: When a clear bridge command is issued, MAC addresses specified for the access lists are not reprogrammed in the CAM tables.
Workaround: Issuing a shutdown/no shutdown on the bridge port where the access list is configured reprograms the MAC address in all other bridge group members.
Symptom: After an interface timeout is expired, adjacencies for static ARP entries are refreshed every minute, which might cause momentary connectivity loss. This does not apply to dynamically created adjacencies.
Symptom: Following the online insertion of an interface module into a router configured with IGMP static group and running multicast traffic, failures occur when downloading to the interface module.
Workaround: Either shut down any interface configured with IGMP static group before inserting or removing interface modules; or do not insert or remove interface modules online when the switch router is configured with IGMP static group.
Symptom: Path costs on Gigabit Ethernet interfaces shown by the show span command do not match the expected default value of 100.
Workaround: Set the path costs manually. One option would be to set the path cost for Gigabit EtherChannel (GEC) ports to 1 and set the path cost for the non-GEC ports to 2.
Symptom: The interface delay metric is set inappropriately for port channel interfaces where one or more Gigabit Ethernet interfaces or Fast Ethernet interfaces are grouped into a channel. The delay for a single Gigabit Ethernet interface is 10 microseconds. The delay for a port channel consisting of one or more Gigabit Ethernet interfaces is 100 microseconds. The delay for a single Fast Ethernet interface is 100 microseconds. The delay for a port channel made up of one or more Fast Ethernet interfaces is 1000 microseconds.
This incorrect setting has implications for routing protocols that use interface delay as part of the metric, such as IGRP and EIGRP, and might cause the routing protocol to prefer a route through a single interface over a route through a port channel, everything else being equal.
Workaround: Manually configure an appropriate delay on the port channel interface using the delay command.
Symptom: The "Uptime" for the secondary route processor from a show redundancy command might display incorrectly. This problem occurs because the "Uptime" rolls over after about four hours.
Symptom: Job <job name> ran <time> messages appear frequently or at regular intervals.
The job event queue on the 8-port Gigabit Ethernet interface module lets the event manager know, in microseconds, the maximum amount of time a job is expected to run. It also tracks how long each job actually ran. The Job <job name> ran <time> message should alert you that a job ran longer than expected. It is not normal for the message to come often or at a regular interval.
Symptom: Routing protocols take more time to converge after reboot on a router with large ACLs configured on many interfaces.
Workaround: None. When you reboot a router, it can take considerable time to populate large ACLs on many interfaces, resulting in a delay in the convergence of some routing protocols.
Symptom: Configuring interfaces on line aux 0 might cause the redundancy feature to fail. The primary and secondary route processors will boot, but running the show redundancy command on the primary route processor incorrectly indicates that the secondary route processor is down.
Workaround: Remove all configuration commands from line aux 0 and reboot the switch router.
Symptom: IPX ACL on a subinterface of a non-trunk main interface does not filter traffic.
Workaround: Configure the ACL on the main interface instead of the subinterface to achieve the same result. Due to space limitations, IPX ACL cannot be applied directly to a subinterface of a non-trunk main interface.
Symptom: If an interface in subslot 1 of a carrier module is the present active clock source, and an interface in subslot 2 of the same carrier module is the secondary clock source, the clock source of the secondary might be overridden to loop-timed rather than network-derived.
Symptom: After replacing an existing configured ACL on an interface with another ACL, routed packets that should be blocked are forwarded for a very short period of time.
Workaround: Within a short period of time, the ACL is reprogrammed and block packets as required. When you remove an ACL and replace it with another ACL, ACLs are temporarily removed from memory, and the ACL flag is turned off. Some packets that should be blocked by the ACL will temporarily be permitted until the ACL flag is turned on again.
Symptom: On a router with a rev-B1 fast Ethernet interfaces, there is no way to turn off time-stamp refresh during destination address lookup. A source address is learned on a port in the initial spanning tree state. After the port goes into blocking state, a destination address lookup on the received packet keeps the entry alive. This is particularly true where the source and destination address are the same, as in the case of keepalive packets.
Workaround: None. This problem does not occur in routers with fast Ethernet interfaces later than rev-B1.
Symptom: After upgrading the ACL FPGA image using the reprogram command, the system warns you that the image is not compatible with the current IOS version, and the ACL card might become unusable unless you update the IOS image.
Workaround: Ignore this warning for the ACL card, and continue the FPGA download. Do not ignore this warning for other controllers.
Symptom: Cannot receive CDP packets on a trunk port connected to a Catalyst 5000 if CDP packets are coming on a VLAN for which a subinterface is not configured.
Workaround: To receive CDP packets, configure a dummy VLAN subinterface on the trunk port connected to the Catalyst 5000.
Symptom: The soft VCL counter incorrectly reaches its maximum value upon link transition, thus keeping soft VCs from connecting to ports which have incorrect soft VCL numbers.
Symptom: When the switch router is booted after a power cycle, the reload reason in the show version command does not indicate that the "System restarted by power-on."
Workaround: Upgrade the ROMMON image to release 12.0(4.6)W5(13) or later.
Symptom: After performing an OIR on a carrier module, the corresponding port adapter interface counter values displayed in a show interface command might become unreliable.
The LED on the interface module is orange and none of the interfaces will work. The interface module is nonfunctional.
Workaround: Reload the Cisco IOS software, and the interface module will function. The LED should always be green when the 8-port Gigabit Ethernet interface module is functioning.
Symptom: The Catalyst 8540 does not support a PVP tunnel with a VPI value of 0.
The IOS software relates subinterface 0 to the main interface, so interface ATM x/y/z.0 represents the main interface x/y/z. If the user attempts to create a PVP tunnel with a VPI value of 0, the system should return an error on interface ATM x/y/z.0.
Symptom: An unexpected system failure might occur following a show tech-support command when OC-3c interfaces are present. This might also occur with the show controllers command.
Symptom: The versions of the Smart Modular and Sharp Flash PC cards used to store diagnostics and IOS software images might report unrecoverable write errors. Affected cards use a Sharp chip set (LH28F016SCT).
Workaround: If you have a Smart Modular Flash PC card, the fix for this problem is available with the Cisco IOS Release 12.0(4a)W5(11a) software. Netboot the image, reformat the Flash PC card and copy the image to it. You can then autoboot from the Flash PC card.
Note For redundant systems, only the primary route processor can be netbooted.
Symptom: On a PNNI signalling link, the Promina 4000 NET switch sends a message that prompts the system to send a CALL PROCEEDING message and then a RELEASE message. The UNI 3.0 specification, section 5.4.5.15, defines a cause code 8a as "VPCI/VCI unacceptable." When the call goes out on a UNI 3.1 interface, this cause code should be mapped to VPI/VCI assignment failure. This mapping does not occur for PNNI links.
Symptom: A problem in the reinitialization logic might cause the system to fail unexpectedly when a switch processor module in slot 5 is the standby and the switch processor module in slot 7 fails.
Workaround: Do not configure the switch processor in slot 5 as the standby.
Symptom: When the system is configured to autoboot, and the configuration register is set to 0x2102, the secondary route processor crashes during autoboot.
Workaround: Upgrade the ROMMON image to release 12.0(4.6)W5(13) or later.
Symptom: The device might lose its IP OSPF neighbor information and connections over a BVI interface after a few days of running, requiring a system reboot.
Symptom: When forwarding a call setup message from one VP tunnel to another, the Catalyst 8540 might drop certain information elements that are considered mandatory. This problem might cause compatibility problems with third-party equipment.
Symptom: Configuring a channelized E1 (CE1) Frame Relay 2.048-Mbps ATM port adapter for clear E1 might cause the linecode violation and LES counters to increment continually.
Symptom: The command show atm resources shows that the number of cells in the UBR queue in an MSC increases continuously but slowly.This happens when traffic is sent through a Catalyst 8540 MSR at close to line rate.
Symptom: When an FEC is configured as a part of a bridge group and a topology change occurs, the bridge table might get out of sync with the Layer 2 CAM information.
Workaround: Use the clear bridge command to keep the IOS bridge table and the Layer 2 CAM in sync.
Symptom: atmfAtmLayerConfiguredVCCs might not include the soft PVC count.
If a router connects to an ATM interface on a Catalyst 8540 where soft PVCs are configured, the PVC Discovery feature on the router fails to correctly discover all the configured PVCs and soft PVCs from the switch router. This does not happen if only PVCs are configured.
Symptom: Marker cells are not drained after entering the shutdown/no shutdown command on the interfaces.
Under stress conditions, if there are several hierarchical VP tunnels configured and if the tunnel interfaces are transitioned several times, cells might stay in the switch fabric.
This does not occur on interfaces without hierarchical VP tunnels.
Symptom: If you configure BVI, but do not want to do IP routing at the BVI level, and you have IP addresses for the interfaces in the bridge group, then routing protocols might not work.
Workaround: Remove the interfaces from the bridge group and then add them back into the bridge group.
Symptom: When a large number of bridge groups or bridge group members are configured and IRB is enabled on the devices, reloading one of the devices or configurations might lead to high route processor utilization. The side effect of this is temporary spanning-tree loops, leading to AAL5 buffer exhaustion problems.
Workaround: In this case, if IRB is enabled, you might need to increase the number of buffers on the device using the aal5 buffers command.
Symptom: During route processor switchover, LMI times out on peer interfaces.
The Catalyst 8540 requires about a minute to switch over. The Frame Relay interface might take about a minute before it can respond to any LMI activity.
Workaround: To prevent LMI timeouts on peer interfaces during switchover, configure an LMI timeout longer than the time it takes for the Catalyst 8540 route processor to switch over. Configure lmi-n392dce, lmi-n392dte, lmi-t392dce and lmi-n391dte on the Frame Relay interface so that LMI will not bring down the interface if no LMI activity is seen for about a minute.
Symptom: No means to change the default active switch processor modules is available.
Workaround: If a Catalyst 8540 has three switch processor modules, by default the switch processor modules in slots 5 and 7 come up as the active switch processor modules and the switch processor module in slot 6 comes up as the standby. To change this default, use the following privileged EXEC command:
Two preferred slots must be specified and they must be unique. The range of the slot value is 5 to 7. If one of the preferred slots selected is not a currently active switch processor module, you are asked whether the system should change the active switch processor module to the preferred switch processor module. If such a switchover occurs, all the active connections in the system are reinitialized. If you wish to continue, then the preferred switch processor modules become active and the other switch processor module becomes the standby. This configuration remains in effect until one of the active switch processor modules is removed. The preferred switch processor module configuration is preserved across route processor switchovers. However, the preferred switch processor module setting is lost if the system is power cycled or if both route processors are reloaded to ROM monitor mode.
Symptom: The primary route processor should not be hot swapped.
If a route processor that is currently running IOS is removed from the chassis in a skewed manner, such that the left side of the route processor comes out before the right side does, the traffic through the switch router might stop.
Workaround: There are some precautions to take before removing a route processor module controller from a chassis that is powered-up.
If the route processor module is currently in ROM monitor mode, then it is safe to remove it from the chassis. You can put the route processor in ROM monitor mode from IOS by issuing a reload command if the switch router is not configured to automatically boot. If the switch router is configured to automatically boot, it starts booting IOS again. To ensure that the route processor is in ROM monitor mode before removing it, use the following command:
redundancy prepare-for-cpu-removal
Execute this command on the route processor before removing it. Once this command is entered, the route processor goes to ROM monitor mode and stays there even if the system is configured to automatically boot. At this point, it is safe to remove the route processor from the system.
Enter this command after connecting to the console port of the route processor. If the system has a Y cable, then remove the Y cable and obtain a local connection to the route processor before the command is entered. Enter the command only on a route processor that is in IOS mode, even if it is the secondary route processor.
Symptom: Changing the MAC address for a bridge group member causes route processor bound packets on that interface to be discarded. For a port channel, the problem occurs when the first member is removed from the port channel.
Workaround: When an interface's MAC address is changed, remove the interface from its bridge group and then add it back into the bridge group.
Symptom: Srecord integrity checking is not adequate.
If all the Srecord lines are removed from a functional image file, the file is corrupted and causes problems if downloaded. The reprogram command Srecord integrity checking does not catch this problem.
Symptom: Incorrect coding of the information element "call state."
Information element "call state" incorrectly sets the coding standard to 00 (ITU-T coding standard) instead of 11 as specified in the PNNI specification. This can cause compatibility problems with other vendors' implementations.
Symptom: On the Catalyst 8540 MSR it is not possible to use a VCI value higher than 8191 for soft VCs and PVCs on the same interface module or port adapter where more than one VCI is configured.
Symptom: When a peer switch with UPLINK FAST enabled is connected to a Catalyst 8500 bridge group interface, the virtual MAC address of HSRP for an ACTIVE device in one of the member interfaces of the bridge group is programmed as a REMOTE entry.
Workaround: Use the clear bridge command to update the CAM table.
Symptom: Adjacencies are removed when a bridge table entry ages out. This causes traffic to be routed to the route processor, which might lead to high route processor utilization.
Workaround: Set the ARP timeout value to be less than the bridge age timer.
Symptom: When the fiber port is shut, level 1 does not have a mechanism for disabling the transmit signal. Disabling the fiber mode causes the level 1 chip to cut itself from the optical transceiver, which puts the transceiver in a floating state. The remote connection might pick up the bad signal sent by the transceiver as a good one and declare itself as up. The randomness of this signal causes flapping. This is evident when the fiber ports are connected between the following systems:
When the fiber ports on the Catalyst 8540 CSR and Catalyst 8510 CSR are connected, and the port on Catalyst 8540 CSR is shut, link flapping can occur on the Catalyst 8510 CSR fiber port.
When the fiber ports on two Catalyst 8540 CSRs are connected, link flapping can occur on the fiber port of one of the Catalyst 8540 CSRs when the fiber port on the other the Catalyst 8540 CSR is shut down.
When either a Catalyst 8540 CSR or a Catalyst 8510 CSR are connected to a Catalyst 5000, link flapping can occur on the fiber port of the Catalyst 5000 if it does not detect the shutdown on the fiber port of the Catalyst 8540 CSR or the Catalyst 8510 CSR.
Workaround: Change the hardware to send a constant signal (idle) when the port is shut.
Workaround: No workaround is needed; the route processor HOG messages should not affect the functionality of the device.
CSCdm25175
Symptom: The rate scheduler allocation (rsAlloc) update is accurately based on granularity of the mantissa value and might lead to oversubscription.
During the CAC process, for pure or partial rate scheduled connections, the rate actually programmed in the hardware might exceed the rate requested. This is particularly visible at very high rates, and is due to the granularity in the mantissa value (which cannot be fractional). However, the CAC allocates in its software structures only the rate requested. This might lead to an oversubscription of the rate scheduler.
This problem occurs at very high VC rates, where the CAC algorithm allocates slightly less than what the rate scheduler is programmed with (the difference is less than .03%).
Symptom: The switch router rejects calls with extended QoS parameters.
When ATM QoS for CDV is configured and you specify a soft VC (whether CBR or VBR-RT) from a UNI port which has negotiated a UNI 4.0 connection, this soft VC does not come up.
Symptom: Under certain conditions, some Gigabit Ethernet interface module ports will not come up.
Workaround: If you observe this problem, you might need to upgrade your 10/100BASE-T interface module firmware. Contact your Cisco service representative for more information.
Symptom: Under extreme low memory conditions, if a switch is configured with lots of hierarchical tunnels and LANE components are configured on the cpu port of the switch (or ATM interface of a router), removing a few subinterfaces or many several times can result in a crash. This removal without first cleaning up LANE configuration results in the loss of 6400 bytes of memory.
Workaround: Delete LANE configuration on a subinterface before deleting the subinterface itself.
Symptom: The switch router rate scheduler rounds down the rates (when converting from bits per second to cells per second) when they should be rounded up.
Symptom: When a call setup message traverses a switch router running PNNI on the ingress side and IISP (version 3.0 or 3.1) on the egress side, the message might be corrupted.
Symptom: PNNI load balances connections among alternate paths to a common destination as long as they have the same cumulative admin weight or other cost. However, load balancing currently only takes place among alternate paths with the same number of hops. Longer paths that have identical cumulative costs are not used for on-demand route computations.
Workaround: Configure background route computations or, for soft-VCs, explicit paths can be used to manually load balance some connections on longer paths.
CSCdm13967
%IPX-3-BADINSERT: Duplicate SAP entry insert attempted.
Symptom: The switch router returns a %IPX-3-BADINSERT message when a duplicate SAP entry is made.
Symptom: High route processor utilization if multicast traffic is high. When PIM protocol is configured, non-RPF multicast traffic is forwarded to the route processor.
Symptom: Cell loss occurs between unlike bandwidth interfaces, such as DS3 or T1 and OC-3c, that reside on the same carrier module which has functional image version 1.4 or earlier.
Workaround: Upgrade the carrier module FPGA image to release fi-c8540-scam.A.1-5 or later.
Symptom: The switch router might detect discrepancies between the software configuration and the hardware after a route processor switchover.
Across a route processor switchover, if an outdated (older than and different from the running configuration) start-up configuration synchronization is applied, or if the latest running configuration synchronization fails, then discrepancies might exist between software data structures and hardware programming. Any PVCs are preserved.
Workaround: Use the copy running-config startup-config command before a route processor switchover.
Symptom: Circuit emulation service (CES) might show an interface as UP following a loss of signal (LOS). Also, if the interface is shut down or the uplink ATM is not functioning, CES might fail to send an alarm indication signal (AIS).
Symptom: Messages appear when hot swapping a carrier module.
When you hot swap a carrier module into the Catalyst 8540 chassis, traceback messages such as the following appear on the console of the secondary route processor. These messages are harmless and can be ignored:
IDPROM in slot 10 not properly programmed
IDPROM in slot 12 not properly programmed
01:01:55: %SCHED-2-WATCH: Attempt to lock uninitialized watched semaphore (address0).
Symptom: CES port LEDs on the Catalyst 8540 are inconsistent with those of the LightStream 1010 ATM switch.
The Catalyst 8540 has an LED status configuration that is inconsistent with that of the LightStream 1010 ATM switch on CBR ports. When nothing is connected to the CBR port, the LED status on the LightStream 1010 ATM switch is as follows:
S1=red; S2=red; CD=off
When nothing is connected to the CBR port, the LED status on the Catalyst 8540 is:
Symptom: When downloading an IOS image to the slot 0 Flash memory card on the Catalyst 8510 CSR by way of SNMP, the copy operation fails with a "copyUnknownFailure" message, and the formatting information on the Flash memory card is lost.
Workaround: When downloading an IOS image by way of SNMP, such as with the SWIM (Software Image Management) application of CiscoWorks2000, always use slot 1 instead of slot 0 as the target location of the IOS image.
Symptom: Some tx per-vc counters on both point-to-point and point-to-multipoint connections miscount cells. The cells are transmitted but not counted. The number of missed cells is small relative to the total number of cells counted is approximately 1% in the worst case.
Workaround: Upgrade the switch router feature card FPGA image to release fi-c8540-fc.A.4-17 or later.
Symptom: When you hot swap any interface module with an OC-12c interface module, the correct configuration for the OC-12c interface module in the port mode table does not come up properly.
Workaround: Upgrade the switch router feature card FPGA image to release fi-c8540-fc.A.4-17 or later.
Symptom: A software crash might occur on the switch router running software release 11.2(15)WA3(6). The crash is related to PNNI; the crashing function is pnni_link_av.
Symptom: Occasionally, the show controllersinterface-name command can bring down an interface and the line protocol. The condition that leads to this scenario is random and very infrequent. The end result is that routing/bridging stops on this interface.
Symptom: The Frame Relay port adapter firmware might report CRC errors on a PVC if it receives traffic using the same VPI/VCI/DLCI while the PVC is configured.
The errors only occur while the firmware is still configuring the VC. Once the PVC is configured, the CRC errors stop. Since the frames appear like zero-length AAL5 packets while the firmware is still configuring the VC, the firmware does not increment the discard bytes counter, but does increment the discard frames counter due to the CRC errors.
Workaround: Do not allow traffic to pass on the VC while it is being configured.
Symptom: While toggling the interfaces on the peer switch (the LightStream 1010 ATM switch), the following error message is occasionally displayed on the Catalyst 8540:
04:09:08: process_cubi_cell_list: cubi_oam_upcall returned an error
This occurs when a LECS is configured on the route processor port along with 10 LES/BUS/LECs on the 10 subinterfaces on the route processor port.
Symptom: Unpredictable results might occur if the route processor scheduler allocation is changed in the configuration file.
Workaround: Remove the scheduler allocate command from the configuration file. We recommend that you do not change the default values for this command.
Symptom: Point-to-multipoint PVC preservation across a route processor switchover is not fully supported.
If traffic is flowing through a point-to-multipoint connection when a route processor switchover takes place, then some of the leaves of the connection might not be restored properly. Traffic might continue to flow through all the leaves of the connection even after the switchover, but the output of the show atm vc command might show NO HW RESOURCE for some of the leaves of the connection. In the absence of traffic, all the leaves of a point-to-multipoint connection will be restored properly across a route processor switchover.
Workaround: If possible, shut down traffic on all point-to-multipoint connections before a route processor switchover.
Symptom: The sysConfigName MIB variable value is not set correctly.
If the system is set to autoboot and no explicit boot image is specified, the system boots the default image from the bootflash. In this scenario, the show version command displays the image name as "default image" instead of the actual image name. The MIB variable sysConfigName also returns an empty value.
Symptom: PNNI does not correctly clean up and release some of its data structures after process termination. A PNNI process is terminated when the associated node is either disabled or removed. As a result of not freeing the data structures, the associated memory is unavailable until the next reload.
Symptom: Connections might fail when the connect message includes an end-to-end delay IE. A Catalyst 8540 that is an intermediate switch router passes a bad CONNECT message from one side to another. The CONNECT message shows up as a CONNECT packet that is longer than the actual contents, with junk bytes at the end.
Examples of these connections include UNI 4.0, CBR, and VBR-rt.
Symptom: Reprogramming a network clock module causes a processor reset.
Reprogramming the network clock module on the primary route processor causes the route processor to reload after the download is complete. Power cycle the switch router to make the newly loaded image active.
Symptom: Reprogramming a carrier module might cause the Catalyst 8540 to hang and not reboot.
After successfully reprogramming a revision 4.0 carrier module with FPGA 1.4, the Catalyst 8540 might hang. To recover the switch router, remove the carrier module before rebooting.
Symptom: Disabling tag switching on an interface that carries tagged VCs (TVCs) does not remove the TVCs. Reenabling tag switching on that interface will put it in the "not TDP ready" state.
Symptom: On a Catalyst 8540 system configured with 32 MB of RAM, IPC traffic between the port adapter driver and the firmware can experience a transient failure when the port adapter firmware crashes under heavy traffic conditions. The port adapter recovers from this transient failure if it is reset after waiting for about 2 minutes.
This IPC failure, which is due to an unexpected firmware crash under a heavy load, does not occur on a Catalyst 8540 system configured with 64 MB of RAM.
Symptom: Tag switching and Tag Discovery Protocol (TDP) might cause memory fragmentation.
While running tag switching with a very large number of destinations, continuous toggling of VC merge (which forces all the TDP sessions to restart) on the switch router for a period of time (for example, overnight) causes memory fragmentation in the TDP process.
Symptom: When loading a software version 11.3 or later image on a switch router with 11.2 or earlier image, LECs and other LANE components might fail to come up if they are configured using an ATM address whose first 19 bytes are the same as the active ATM address of the switch router.
The ATM address of the switch router along with the first 128 values for its selector byte should be reserved for use by PNNI. Starting with the 11.3 software version, PNNI supports hierarchy and registers an ATM address for all PNNI nodes using the switch router ATM address with various selector byte values.
Workaround: If LANE components fail to come up because their ATM addresses collide with the reserved ATM addresses for PNNI, reconfigure the LANE components using different addresses. It is recommended that LANE applications use the addresses shown by the show lane default-atm-addresses command, which will eliminate this problem.
Symptom: ADD party requests over a VP tunnel do not work.
On a source node, when adding a subsequent leaf to a VP tunnel that is out of bandwidth, PNNI might reject the route request (for the leaf) leading to an eventual rejection of the ADD party by signaling.
Symptom: An unnecessary lookup for a network configuration file occurs after a route processor switchover.
When a route processor switchover occurs, the new primary route processor that is taking over might look for configuration files from a network server that might not exist. These network configuration file lookups will timeout. This causes some delay during the switchover process.
This error message appears because the tunnel specified in the command has been deleted and the structures pertaining to that tunnel have been released.
Symptom: When a large amount of data is sent out of the Ethernet interface, the interface might become overwhelmed and start generating the following error message:
%SONICT-3-INTERNAL_ERROR: sonic_send: no free tbufs
The interface stops sending data and the transmitter remains stuck.
Workaround: Enter a shutdown/no shutdown command sequence on the interface.
Symptom: Funnel VCs can jeopardize quality of service (QoS) for guaranteed services.
The current multipoint-to-point funnel implementation can compromise the QoS guarantees of other connections (guaranteed services) when the application that created the funnel SVC malfunctions. For example, if the application were to transmit traffic on more than one leg of the funnel VC simultaneously, the rate scheduler on the output interface would oversubscribe and, potentially, affect the peak cell rate (PCR), sustained cell rate (SCR), and maximum cell rate (MaxCR) guarantees for other VCs on the interface.
Symptom: When you set the ROM monitor environment variable to boot a nonexistent file (using the Cisco IOS command boot system flash) and the configuration register is set to 0x2102 (autoboot), the switch router hangs during the subsequent reload command issued by the software.
Workaround: Power-cycle the switch router and send a break character to the switch router within 60 seconds to force it to the ROM monitor prompt. You can then manually reboot the switch router and reconfigure the environment variable.
Symptom: The granularity provided by the switch processor scheduling hardware does not allow an exact match of all requested cell rates. To satisfy the traffic contract guarantee, the next higher available scheduling value is used. A shaped VP tunnel is used frequently to pass data to a WAN VP trunk, and limits the traffic transmission to the scheduled rate. This can cause cells to be dropped in the WAN. Any dropping must be done prior to multiplexing onto the VP, so that a packet discard can be performed.
Symptom: Open Shortest Path First (OSPF) does not recognize more than four parallel interfaces. This might cause some tag switching VCs (TVCs) to not switch to other interfaces if a tunnel carrying the TVCs is shut down.
Workaround: Enter a clear ip route command on the switch router for the interface that was shut, or a clear ip route command on all the switch routers to bring everything back up. If the clear ip route command does not bring everything back up, enter a shutdown/no shutdown command sequence on the UNI interfaces of the switch router that had the closed physical interface.
Symptom: The switch router issues CPU hog messages while setting up many calls.
With a large number of connections installed, a show atm vc command may take longer than 2 seconds to complete. This produces a %SYS-3-CPUHOG error message from the scheduler.
Workaround: If information about a specific VC is desired, to specify the interface and the VPI/VCI needed, use the show atm vc interface command card/subcard/port vpi vci
Symptom: If there are multiple parallel paths to the same destination on the ATM switch router with a switch processor feature card installed, the tag switching VCs (TVCs) should be load balanced on a per network prefix basis over these parallel paths (up to a maximum of four parallel paths) instead of being VC merged. Load balancing does not happen insome cases and the TVCs might be VC merged and go out of the switch router as a single VC.
Symptom: When memory is almost or completely exhausted and a soft PVC goes down, it might not come back up, leaving it in a releasing or inactive state.
Symptom: ATM RMON data collection is not supported on subinterfaces or tunnels.
The atm rmon collect command is accepted on hardware interfaces only; it is ignored on subinterfaces. SNMP and NVGEN support (through portSelTable) is not possible until the interfaces MIB (RFC 1573) entries are added for tunnel subinterfaces. ATM RMON counters for a hardware interface do not include any of the traffic through tunnels configured on the interface.
Symptom: The CDP configuration for a LEC cannot be saved to NVRAM.
When disabling CDP on the atm0.x interface, which has been configured as a LEC, the information is not saved to NVRAM and does not appear in the show running-config command display. CDP is disabled, but the setting reverts to enabled after a reload.
Symptom: The call attempt counters for PortSelectGroups might not count the outgoing calls on the NNI interfaces because of switch router crankback attempts. This might result in a discrepancy between the call attempt counters shown on Portselgroup representing the interface on which the call came in and the counters shown on the Portselgroup representing the interface over which an attempt was made to forward the call. This problem might occur when a call fails.
Symptom: You can create variable bit rate (VBR), available bit rate (ABR), and unspecified bit rate (UBR) VCs across the switch router with peak cell rate (PCR) values greater than the interface line rate. However, the actual allocated bandwidth continues to be:
Symptom: A LECS expects all LESs to establish an individual control VC to the LECS to validate clients.
If different emulated LANs (ELANs) are configured on multiple subinterfaces of the same physical interface, then all LESs multiplex the control messages which validates the clients into a single VC.
For example, see the following LES router configuration:
This configuration of a LECS sends the following warning messages to the console stating that a LES of one ELAN is attempting to obtain information about another ELAN:
%LANE-4-LECS_WARNING: interface ATM0: elan 'sysa_70k_31_a1.4_LAN' LES asking for elan
'sysa_70k_31_a1.1_LAN'
%LANE-4-LECS_WARNING: interface ATM0: elan 'sysa_70k_31_a1.4_LAN' LES asking for elan
'sysa_70k_31_a1.2_LAN'
%LANE-4-LECS_WARNING: interface ATM0: elan 'sysa_70k_31_a1.4_LAN' LES asking for elan
'sysa_70k_31_a1.3_LAN'
The clients are still allowed to join the ELAN. Disregard the warning message.
Symptom: When more than 1000 SVCs are active on an interface and the shutdown command is entered, all SVCs on that interface are released and the following message appears:
%SYS-3-CPUHOG
This message indicates that the release process runs for a long time before returning control to the kernel, which can then schedule other tasks. This process does not affect normal operation of the switch router.
Symptom: Remote defect identification (RDI) cells (sent by an endpoint in response to alarm indication signal [AIS] cells generated at an intermediate switch router with a fault condition on an interface) are not propagated beyond the intermediate switch router. The intermediate switch router removes the connection leg entries for both interfaces participating in the connection when a fault is discovered on one of the interfaces, even though the other interface might still be up. As a result, the RDI cells are dropped at the intermediate switch router.
We recommend that you evaluate the level of CPU utilization and performance in your switch router before turning on AppleTalk. Unlike IP and IPX, AppleTalk routing and processing in the Catalyst 8540 is accomplished by the switch processor, not the interface module. This means that routing AppleTalk packets consumes more processing time than routing other protocol packets. In a switch with a sustained high CPU utilization, turning on AppleTalk could result in longer convergence times for routing protocols like EIGRP. AppleTalk packet throughput is dependent on the amount of available CPU processing power.
The four adjacent ports (such as 0-3 or 4-7) on a 10/100 Fast Ethernet interface must all use the same VLAN encapsulation, that is, either 802.1Q and native, or ISL and native.
When assigning Ethernet interfaces to an EtherChannel, all interfaces must be either Fast Ethernet or Gigabit Ethernet. You cannot mix Fast Ethernet and Gigabit Ethernet interfaces within a single EtherChannel.
Catalyst 8540 interface modules support a maximum of 2 paths. To improve EIGRP or OSPF convergence, set the maximum-paths for the router to 2, using the following command:
The eight-port Gigabit Ethernet interface module is supported on the Catalyst 8540 CSR only. This section describes limitations of the eight-port Gigabit Ethernet interface module.
If your Catalyst 8540 CSR has an eight-port Gigabit Ethernet interface module, you cannot create a port channel that has some members on that module and others on other modules. All port channel members must reside on the same Gigabit Ethernet interface module.
Also, if your switch router has an eight-port Gigabit Ethernet interface module, port channel IDs 57 to 64 are reserved, and cannot be assigned to other external interfaces. If you assign a port channel ID number greater than 56, the system will respond with the following message:
Port channel with ID > 56 cannot be created.
If you have already assigned port channel IDs 57 to 64, you must reassign them before installing an eight-port Gigabit Ethernet interface module.
If your switch router does not have an eight-port Gigabit Ethernet interface module, you can assign port channel ID numbers up to 64.
Online diagnostics, such as access tests, online insertion and removal (OIR) tests, and snake tests, detect and report hardware failures in the Catalyst 8540 during system bootup and operation. The following restrictions apply to the OIR (also known as hot swapping) tests and the snake tests on the Catalyst 8500 CSR:
The OIR tests support all Layer 3 interface modules, with the exception of the ATM uplink interface module and the eight-port Gigabit Ethernet interface module.
The snake test on the Catalyst 8540 CSR is supported on the enhanced Gigabit Ethernet interface module, the ATM uplink with enhanced Gigabit Ethernet interface module, and the Packet-over-SONET uplink with enhanced Gigabit Ethernet interface module. Snake tests are not supported on either the Fast Ethernet interface modules or the Gigabit Ethernet interface modules.
Note Access tests are supported on all Layer 3 interface modules. Refer to the
"Configuring Online
Diagnostics (Catalyst 8540)" section in the
Layer 3 Switching Software and Feature Configuration
Guide for additional information.
The Catalyst 8540 MSR switch routers support extra long haul (1000BASE-ZX) GBICs as follows:
Catalyst 8540 MSR: A maximum of 12 1000BASE-ZX GBICs per system to comply with FCC Class A emissions (CFR 47 Part 15), or 8 1000BASE-ZX GBICs per system to comply with EN55022 Class B emissions (CISPR22 Class B).
Catalyst 8540 CSR: A maximum of 12 1000BASE-ZX GBICs per system to comply with FCC Class A emissions (CFR 47 Part 15), or 8 1000BASE-ZX GBICs per system to comply with EN55022 Class B emissions (CISPR22 Class B).
A Bridge-Group Virtual Interface (BVI) is a virtual interface within the campus switch router that acts like a normal routed interface. A BVI does not support bridging, but it actually represents the corresponding bridge group to routed interfaces within the switch router. The interface number is the link between the BVI and the bridge group.
Layer 3 switching software supports the routing of IP and IPX between routed interfaces and bridged interfaces in the same router, in both fast-switching and process-switching paths. BVIs do not support IP multicast routing.
The Catalyst 8540 CSR supports the use of redundant route processors and switch modules. The second route processor would be installed in slot 8, and an additional switch module would be installed in slot 6.
There are some precautions that need to be taken before removing a route processor module from a chassis that is powered-up. If a route processor module that is currently running IOS is removed from the chassis in a skewed manner such that the left side of the processor comes out before the right side does, the traffic flowing through the device might stop flowing.
To avoid this, make sure the route processor module that is being removed is currently at the ROM monitor prompt; it is then safe to remove it from the chassis. One way to get the system into ROM monitor from IOS is to issue a reload command. This will work if the system is not configured to auto-boot. If the system is configured to auto-boot, it starts booting IOS again.
Since you need to ensure that a route processor is in ROM monitor before removing it, the redundancy prepare-for-cpu-removal command has been added to take the system to the ROM monitor prompt. Execute this command on the route processor being removed before removing it. Once this command is issued, the route processor will go to the ROM monitor prompt and stay there even if the system is configured to auto-boot. At this point it is safe to remove the route processor from the system.
If a Catalyst 8540 has three switch modules, then by default the switch modules in slots 5 and 7 come up as active, and the one in slot 6 comes up as the standby. If you wish to change this default, there is a command that lets you select the "preferred" switch module slots. This command is a privileged exec level command with the following format:
Two unique preferred slots must be specified. The range of the slot value is 5 to 7. If one of the preferred slots is not a currently active switch module, you are informed of this and asked if the system should change the active switch modules to the preferred switch modules. If such a switch-over occurs, all the active connections in the system will be reinitialized. If you wish to continue, then the preferred switch modules become active, and the other switch module becomes the standby. This configuration will remain in effect until either one of the active switch modules is removed.
The preferred switch module configuration is preserved across route processor switch-overs. However, the preferred switch modules setting will be lost if the system is power-cycled or if both route processors are reloaded to the ROM monitor.
Beginning with Cisco IOS Release 12.0(5)W5(13) software, the autonegotiation feature for speed and duplex on 10/100BASE-T Ethernet ports defaults to "on." This means that for each port, the Catalyst 8540 CSR automatically detects the port speed (10 Mbps or 100 Mbps) and duplex of the peer port, if that port also autonegotiates.
To override autonegotiation and set a port to 10 Mbps operation, issue the following command:
(config-if)# speed 10
To set a port to 100 Mbps operation, issue the following command:
(config-if)# speed 100
To set the duplex value for a port to full-duplex, issue the following command:
(config-if)# duplex full
To set the duplex value for a port to half-duplex, issue the following command:
(config-if)# duplex half
Caution If you connect a Catalyst 8540 CSR running Cisco IOS Release 12.0(5)W5(13) software to a switch router running in forced full-duplex mode, you might encounter symptoms such as high collision rate or reduced throughput, as the Catalyst 8540 unsuccessfully tries to autonegotiate with the other device. When autonegotiation fails, the Catalyst 8540 defaults to half-duplex operation, which causes a mismatch between it and the other device. Possible workarounds include forcing the Catalyst 8540 CSR to operate in full-duplex mode or removing the full-duplex command from the other device.
When you connect a Catalyst 8540 CSR to a Catalyst 5000 100BASE-FX MM Ethernet interface module using ISL, ensure that the hardware version on the Catalyst 5000 interface module is 1.3 or higher. You might experience connectivity problems between the Catalyst 8540 CSR and the Catalyst 5000 if the hardware version on the Catalyst 5000 Ethernet interface module is lower than 1.3.
You can use Catalyst 8540 CSR interface modules in a Catalyst 8540 MSR chassis with an MSR route processor and switch modules. Use only CSR (Ethernet) interface modules, and load the CSR software image on the MSR.
Starting with the following software releases, hardware and software functionality interoperability exists between CSR interface modules and MSR interface modules by way of the ATM router module on the MSR chassis running an MSR image:
Cisco IOS Release 12.0(4a)W5(11a) supports interoperability between CSR interface modules and MSR interface modules by way of the ATM router module on the Catalyst 8540 MSR running an MSR image.
Cisco IOS Release 12.0(10)W5(18b) supports interoperability between CSR interface modules and MSR interface modules by way of the ATM router module on the Catalyst 8510 MSR running an MSR image.
The Catalyst 8540 MSR system running Cisco IOS Release 12.0(0.6)W5(1) or later have been certified as Y2K Compliant. For more information, see the following URL: http://www.cisco.com/warp/public/752/2000/.
The following sections describe the documentation available for the Catalyst 8540. Typically, these documents consist of hardware installation guides, software installation guides, Cisco IOS configuration and command references, system error messages, and feature modules that are updates to the Cisco IOS documentation. Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online only.
The most up-to-date documentation can be found on the Web via Cisco.com and the Documentation CD-ROM. These electronic documents might contain updates and modifications made after the hard-copy documents were printed.
These release notes should be used in conjunction with the documents listed in these sections:
For service and support for a product purchased from a reseller, contact the reseller. Resellers offer a wide variety of Cisco service and support programs, which are described in the section "Service and Support" in the information packet that shipped with your product.
Note If you purchased your product from a reseller, you can access Cisco.com as a guest. Cisco.com is
Cisco Systems' primary real-time support channel. Your reseller offers programs that include direct
access to Cisco.com services.
For service and support for a product purchased directly from Cisco, use Cisco.com.
For helpful tips on configuring Cisco products, follow this path on Cisco.com:
Service & Support: Technical Documents(button on left margin)
"Hot Tips" are popular tips and hints gathered from Cisco's Technical Assistance Center (TAC). Most of these documents are also available from the TAC's Fax-on-Demand service. To access Fax-on-Demand and receive documents at your fax machine, call 888-50-CISCO (888-502-4726). From areas outside the United States, call 650-556-8409.
The following sections are provided in the Documents Section of the TAC Web page:
Field NoticesDesigned to provide notification of critical issues regarding Cisco products. These include problem descriptions, safety or security issues, and hardware defects.
Hardware Technical TipsRelated to specific hardware platforms.
Software Technical TipsRelated to specific software products.
Internetworking Technical TipsTips on using and deploying Cisco IOS software features and services.
Sample ConfigurationsActual configuration examples complete with topology and annotations.
Software ProductsCisco TCP/IP Suite 100, Network Management, Cisco IOS Software Bulletins, Internet/Intranet Appliances and Software.
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.
Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, in North America, by calling 800 553-NETS(6387).
If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, for your convenience many documents contain a response card behind the front cover. Otherwise, you can mail your comments to the following address:
Cisco Systems, Inc. Document Resource Connection 170 West Tasman Drive San Jose, CA 95134-9883
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC website.
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.
Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.
Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.
The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.
If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at the following website:
If you have a priority level 1(P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following website: