|
Table Of Contents
Resolved Caveats—Cisco IOS Release 12.0(23)S6
Resolved Caveats—Cisco IOS Release 12.0(23)S5
Resolved Caveats—Cisco IOS Release 12.0(23)S4
Resolved Caveats—Cisco IOS Release 12.0(23)S3
Resolved Caveats—Cisco IOS Release 12.0(23)S2
Resolved Caveats—Cisco IOS Release 12.0(23)S1
Resolved Caveats—Cisco IOS Release 12.0(23)S
Resolved Caveats—Cisco IOS Release 12.0(22)S6
Resolved Caveats—Cisco IOS Release 12.0(22)S5
Resolved Caveats—Cisco IOS Release 12.0(22)S4
Resolved Caveats—Cisco IOS Release 12.0(22)S3
Resolved Caveats—Cisco IOS Release 12.0(22)S2
Resolved Caveats—Cisco IOS Release 12.0(22)S1
Resolved Caveats—Cisco IOS Release 12.0(22)S
Resolved Caveats—Cisco IOS Release 12.0(21)S8
Resolved Caveats—Cisco IOS Release 12.0(21)S7
Resolved Caveats—Cisco IOS Release 12.0(21)S6
Resolved Caveats—Cisco IOS Release 12.0(21)S5
Resolved Caveats—Cisco IOS Release 12.0(21)S4
Resolved Caveats—Cisco IOS Release 12.0(21)S3
Resolved Caveats—Cisco IOS Release 12.0(21)S2
Resolved Caveats—Cisco IOS Release 12.0(21)S1
Resolved Caveats—Cisco IOS Release 12.0(21)S
Resolved Caveats—Cisco IOS Release 12.0(19)S4
Resolved Caveats—Cisco IOS Release 12.0(19)S3
Resolved Caveats—Cisco IOS Release 12.0(19)S2
Resolved Caveats—Cisco IOS Release 12.0(19)S1
Resolved Caveats—Cisco IOS Release 12.0(19)S
Resolved Caveats—Cisco IOS Release 12.0(18)S7
Resolved Caveats—Cisco IOS Release 12.0(18)S6
Resolved Caveats—Cisco IOS Release 12.0(18)S5
Resolved Caveats—Cisco IOS Release 12.0(18)S3
Resolved Caveats—Cisco IOS Release 12.0(18)S2
Resolved Caveats—Cisco IOS Release 12.0(18)S1
Resolved Caveats—Cisco IOS Release 12.0(18)S
Resolved Caveats—Cisco IOS Release 12.0(17)S7
Resolved Caveats—Cisco IOS Release 12.0(17)S6
Resolved Caveats—Cisco IOS Release 12.0(17)S5
Resolved Caveats—Cisco IOS Release 12.0(17)S4
Resolved Caveats—Cisco IOS Release 12.0(17)S3
Resolved Caveats—Cisco IOS Release 12.0(17)S2
Resolved Caveats—Cisco IOS Release 12.0(17)S1
Resolved Caveats—Cisco IOS Release 12.0(17)S
Resolved Caveats—Cisco IOS Release 12.0(16)S10
Resolved Caveats—Cisco IOS Release 12.0(16)S9
Resolved Caveats—Cisco IOS Release 12.0(16)S8
Resolved Caveats—Cisco IOS Release 12.0(16)S3
Resolved Caveats—Cisco IOS Release 12.0(16)S2
Resolved Caveats—Cisco IOS Release 12.0(16)S1
Resolved Caveats—Cisco IOS Release 12.0(16)S
Resolved Caveats—Cisco IOS Release 12.0(15)S7
Resolved Caveats—Cisco IOS Release 12.0(15)S6
Resolved Caveats—Cisco IOS Release 12.0(15)S3
Resolved Caveats—Cisco IOS Release 12.0(15)S1
Resolved Caveats—Cisco IOS Release 12.0(15)S
Resolved Caveats—Cisco IOS Release 12.0(14)S8
Resolved Caveats—Cisco IOS Release 12.0(14)S7
Resolved Caveats—Cisco IOS Release 12.0(14)S3
Resolved Caveats—Cisco IOS Release 12.0(14)S1
Resolved Caveats—Cisco IOS Release 12.0(14)S
Resolved Caveats—Cisco IOS Release 12.0(13)S8
Resolved Caveats—Cisco IOS Release 12.0(13)S6
Resolved Caveats—Cisco IOS Release 12.0(13)S
Resolved Caveats—Cisco IOS Release 12.0(12)S4
Resolved Caveats—Cisco IOS Release 12.0(12)S3
Resolved Caveats—Cisco IOS Release 12.0(12)S
Resolved Caveats—Cisco IOS Release 12.0(11)S6
Resolved Caveats—Cisco IOS Release 12.0(11)S
Resolved Caveats—Cisco IOS Release 12.0(10)S8
Resolved Caveats—Cisco IOS Release 12.0(10)S7
Resolved Caveats—Cisco IOS Release 12.0(10)S
Resolved Caveats—Cisco IOS Release 12.0(9)S8
Resolved Caveats—Cisco IOS Release 12.0(9)S
Resolved Caveats—Cisco IOS Release 12.0(8)S1
Resolved Caveats—Cisco IOS Release 12.0(8)S
Resolved Caveats—Cisco IOS Release 12.0(7)S
Resolved Caveats—Cisco IOS Release 12.0(6)S
Resolved Caveats—Cisco IOS Release 12.0(23)S6
Cisco IOS Release 12.0(23)S6 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S6 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat
Basic System Services
•CSCeb66973
Symptoms: A Cisco router or switch may reload when it attempts to read the ifIndex information from an NVRAM file during the bootup process.
Conditions: This symptom is observed when the NVRAM file is corrupt.
Workaround: Disable the ifIndex persistence.
•CSCed32794
Symptoms: Executing the tftp-server slaveslot0: global configuration command, or any configuration commands related to tftp-server being set to access flash devices on the slave, will cause the slave to reload.
Conditions: This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(23)S5 but is not platform dependent.
Workaround: Configure the tftp-server to access flash devices on the master route switch processor (RSP) only.
Interfaces and Bridging
•CSCin34068
Symptoms: Interfaces may not be created when a channel group is configured on a Cisco 7500 series or a Cisco 7600 series.
Conditions: This symptom is observed only if channel groups are created on an 8-port multichannel T1 port adapter (PA-MC-8T1) and the PA-MC-8T1 is replaced with an enhanced 8-port multichannel T1/E1 PRI port adapter (PA-MC-8TE1+) by performing an online insertion and removal (OIR). After the port adapters are switched, the channel-group configuration on the PA-MC-8TE1+ does not work as expected.
Workaround: Remove the channel-group configuration on a port adapter before performing an OIR and replacing the port adapter with another port adapter.
IP Routing Protocols
•CSCea79487
Symptoms: A Cisco router that is configured with IP multicast may reload because of a bus error.
Conditions: This symptom is observed when a router sends (S,G) R join overrides to a neighbor, and the neighbor times out because of link flaps or because of another reason. The symptom is caused by a timing difficulty and is most likely to occur when you enter the ip pim spt-threshold infinity global configuration command on all routers in the network.
For a list of the affected releases, go to the following location: http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCds31596. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: Delete the ip pim spt-threshold infinity global configuration command from all routers in the network to minimize the occurrence of the symptom.
•CSCec29953
Symptoms: A retransmission counter may not be reset when a neighbor is terminated.
Conditions: This symptom is observed on a Cisco platform that is running Open Shortest Path First (OSPF) when the retransmission limit default (12 or 24) is added to the retransmission mechanism.
Workaround: Clear the OSPF process by entering the clear ip ospf process pid privileged EXEC command. Then, enter the limit retransmissions non-dc disable router configuration command.
•CSCec51206
Symptoms: A memory allocation failure (MALLOCFAIL) from the I/O memory pool may occur.
Condition: This symptom is observed on a Cisco router that receives excessive multicast control traffic.
Workaround: Apply a quality of service (QoS) policy map to limit the rate of the multicast control traffic that can be received by the router.
•CSCin52817
Symptoms: A Cisco router may reload unexpectedly when you manually reload the router.
Conditions: This symptom is observed when Open Shortest Path First (OSPF) LSAs are being "maxaged" while you manually reload the router. This situation may occur because of a fluctuating network and is an extreme corner case that cannot be reproduced on demand. The symptom is very unlikely to occur.
Workaround: There is no workaround.
Miscellaneous
•CSCdw33267
Symptoms: The router may not resolve all dependent routes for a path again.
Conditions: This symptom is observed if the shutdown interface command followed by the no shutdown interface configuration command is issued on the next hop router on a Cisco router that has Multiprotocol Label Switching (MPLS) enabled.
Workaround: A clear ip route for the affected prefix would take down all the paths and ensure that they are rebuilt and hence reresolved. Also the problem does not arise if a shutdown is not performed.
•CSCdx83297
Symptoms: A software-forced reload may occur due to an I/O memory corruption and redzone overrun.
Conditions: This symptom is observed on a Cisco 7200VXR or VIPs with the following Port Adaptors installed: PA-MC-2T1, PA-MC-4T1, PA-MC-8T1, PA-MC-8DSX1, PA-MC-2E1,PA-MC-8E1, PA-MCX-4TE1,PA-MCX-8TE1, PA-MCX-8TE1+, PA-MC-8TE1+.
Workaround: There is no workaround.
•CSCea08050
Symptoms: A Cisco router may reload if the show ip access- list access-list-name command is performed on an existing reflexive access-list.
Conditions: This symptom is observed on a Cisco 3620 router that is running Cisco IOS Release 12.3(13).
Workaround: There is no workaround.
•CSCea11455
Symptoms: After applying the maximum of 32 Committed Access Rate (CAR) rules and removing them, subsequent attempts to add any new input CAR (iCAR) rules may not be applied, and the router may generate an error message.
Conditions: This symptom is observed on a Cisco 12000 series Engine (E4) Packet-over-SONET (POS) line card.
Workaround: Reload the router.
•CSCea72540
Symptoms: A Performance Route Processor (PRP) may reload after the following error message is displayed:
PRP-3-ASM_CORRUPT_PTR
Conditions: This symptom is observed on a Cisco 12000 series on which a defective 1-port OC-192 Packet-over-SONET (POS) Enhanced Services (ES) Engine line card is installed. The symptom occurs because error recovery does not function properly.
Workaround: There is no workaround.
•CSCea87364
Symptoms: Distributed Cisco Express Forwarding (DCEF) may become disabled on a Versatile Interface Processor (VIP) or Cisco 12000 series line card (LC), and the following error message may appear on the console:
%FIB-3-FIBDISABLE: Fatal error, slot 12: Window did not open, LC to RP IPC is non-operationa
Conditions: This symptom is observed on a Cisco 7500 series VIP2-50 and VIP4- 80 in which ATM OC-3 port adapters such as the PA-A1-OC3 or PA-A3-OC3 are installed when the Cisco 7500 series is upgraded to Cisco IOS Release 12.0(24) S or Release 12.0(24)S1. This symptom is also observed on a Cisco 12000 series LC during significant, prolonged routing table churn.
Workaround: Reload CEF on the VIP or LC by entering the clear cef linecard slot-number EXEC command.
Alternate Workaround: Restart the VIP by performing an online insertion and removal (OIR). Restart the LC by executing the hw-module slot slot # reload command.
•CSCeb22276
Symptoms: Some Simple Network Management Protocol (SNMP) packets may linger in the input queue while they are processed. However, the packets do exit the queue on their own without any intervention from the user. This fix allows these packets to be removed from the queue more quickly.
Conditions: This symptom is observed on a device that runs Cisco IOS software and that supports SNMP operations. In addition, the SNMP request must contain a valid community string.
Workaround: Protect the SNMP community strings with good password management. Permit SNMP traffic only from trusted devices.
•CSCeb27452
Symptoms: A Cisco router that functions in a Multiprotocol Label Switching (MPLS) environment may reload unexpectedly with a bus error.
Conditions: This symptom is observed under rare circumstances when the router attempts to send an Internet Control Message Protocol (ICMP) packet that was triggered by an MPLS packet.
Workaround: There is no workaround.
•CSCeb56909
Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on MPLS disabled interfaces.
The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable.
More details can be found in the security advisory which is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml.
•CSCeb75449
Symptoms: Cisco Express Forwarding (CEF) interface tables may become corrupted on a Cisco 12000 series line card, causing traffic to be dropped and the following error message to be logged by the affected line card:
%ADJ-3-ADJFIBIDB: Adjacency update with invalid fibidb(1)
This situation may cause some or all of the CEF interface information to be removed from the affected line card, which you can verify in the output of the show cef interface EXEC command for the affected line card.
Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS Release 12.0(26)S when a series of clear cef linecard EXEC commands are executed in quick succession.
Workaround: Enter the clear cef linecard EXEC command just once for the affected line card.
•CSCeb79576
Symptoms: An outgoing label may not be installed in the Label Forwarding Information Base (LFIB) for an IP version 4 (IPv4) prefix.
Conditions: This symptom is observed when the prefix is learned via a Border Gateway Protocol (BGP) session. This situation may occur when the prefix is deleted in the Label Information Base (LIB) and not allocated to any local label binding.
Workaround: There is no workaround.
•CSCec07487
Symptoms: An interface may not transmit traffic because the output may be stuck. When this symptom occurs, the console of the Route Switch Processor 4 (RSP4) may display the following error messages:
%ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/2:15, TEI0 changed to down %ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/1:15, TEI0 changed to down %ISDN-6-LAYER2DOWN: Layer 2 for Interface Se1/0/3:15, TEI0 changed to down %RSP-3-RESTART: interface Serial1/0/0:15, not transmitting
Output Stuck on Serial1/0/0:15
%RSP-3-RESTART: interface Serial1/0/1:15, output frozen
%RSP-3-RESTART: interface Serial1/0/2:15, not transmitting
%RSP-3-RESTART: cbus complex
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.1(19)E1 when the compress stac caim interface configuration command is configured on the interface. The symptom may also occur in other releases.
Workaround: Remove the compress stac caim interface configuration command from the interface.
•CSCec11122
Symptom: A Cbus Complex may occur and the packet memory may be recarved, causing a temporary disruption in service.
Conditions: This symptom is observed on a Cisco 7500 series when you install an 8-port multichannel T1/E1 PRI port adapter (PA-MC-8TE1+) or an enhanced 2-port T1/E1 high-capacity port adapter (PA-VXC-2TE1+) and when you configure the port adapter via the command-line interface (CLI) for E1 or T1.
Workaround: There is no workaround. Try to install the port adapter during a maintenance window.
•CSCec32648
Symptoms: A Frame Relay interface line protocol and/or routing protocol states continually go down.
Conditions: The problem occurs on Frame Relay interfaces of 512 Kbps or lower bandwidth with a service-policy output command referring to a policy map that contains the priority command, whenever the interface is congested for more than 30 seconds with packets larger than 512 bytes.
Workaround: There is no workaround.
•CSCec33028
Symptoms: A 1-port E3 serial port adapter (PA-E3) may fail to recover to the "up/up" state even when the original cause of the failure is corrected.
Conditions: This symptom is observed on a Cisco 7500 series.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface of the PA-E3.
•CSCec34274
Symptoms: An Engine 4+ (E4+) Gigabit Ethernet (GE) line card in a Cisco 12000 series that is running Cisco IOS Release 12.0(26)S may reload and display one of the following sets of error messages:
1. %MCC192-3-CPUIF_ERR: Underrun Error: Read Pointer crosses Write Pointer.
2. %FIB-3-FIBDISABLE: Fatal error, slot #: IPC Failure: timeout %CPUIF-3-NO_MEM: sendreq_freeq is NULL.
Conditions: This symptom occurs when the line card receives a bad IP packet whose actual length does not match what the IP header indicates.
Workaround: There is no workaround.
•CSCec45985
Symptoms: Fabric handling may fail because of unknown events.
%FABRIC-0-OPERATIONAL: Fabric handling failed: Unknown eventreceived by the fab process %SCHED-3-THRASHING: Process thrashing on watched boolean нFIA queyrн.
-Process= "Fabric", ipl= 6, pid= 11
-Traceback= 50235770 50235864 50407968 5021E644 5021E630
Conditions: This symptom is observed on a Cisco 12410 series Internet router that has an 8xOC3 ATM Engine 3 line card and a 4xOC12 POS Engine 3 line card that is configured with 150 VPN routing/forwarding (VRF) interfaces. The router is running Cisco IOS Release 12.0(23)S4.
Workaround: There is no workaround.
•CSCec48008
Symptoms: An interface may have an ifIndex value of 4294967295 (-1) and some interfaces may not be in the ifTable.
Conditions: This symptom is observed when a system is in Stateful Switchover (SSO) mode and then is configured to change the redundancy mode to Route Processor Redundancy Plus (RPR+). The standby Performance Routing Engine (PRE) then restarts. If new interfaces are added to the system (the ifTable) at this point and the primary PRE is not reloaded, the symptom occurs.
Workaround: Perform a reload of both Route Processors (RPs).
Alternate workaround: Perform a forced switchover from SSO mode to RPR+ mode.
•CSCec54090
Symptoms: The following message is observed after executing shutdown subinterface of ATM:
%GENERAL-3-EREVENT: c10k_atm_vc_state_change: No current_if_info
Conditions: This symptom is observed on a Cisco 10008 Internet router that is running the Cisco IOS image c10k-p10-mz.120-23.S3b under the following conditions:
1. ATM interface: down/down with pvc configuration on subinterface.
2. ATM interface: initializing/down with no LC and pvc configuration on subinterface.
This error message can be observed when executing no shut/shut subinterface in the above conditions.
Workaround: There is no workaround.
Further Problem Description: When main ATM interface is down (could be either admindown or down), create a point-to-point atm subinterface with vbr-nrt vc in shutdown state. Then deleting pvc underneath the atm subinterface, or deleting the atm subinterface itself, can cause the losing of bandwidth on ATM interface.
For more details, look at the Release-note for CSCed62971.
•CSCec75189
Symptoms: Two interfaces may have the same Cisco Express Forwarding (CEF) interface description block (IDB) when the following configuration sequence occurs:
1) You create a subinterface.
2) You delete this subinterface.
3) You create another subinterface.
4) You recreate the first subinterface.
Conditions: This symptom is observed on a Cisco 7500 series that runs Cisco IOS Release 12.0 S or Release 12.2 S.
Workaround: There is no workaround. Reload the router to clear the condition.
•CSCec77478
Symptoms: When a Cisco IOS software image runs on a standby Performance Routing Engine (PRE) together with an older version of Cisco IOS software that runs on the primary PRE, the following error message may appear on the standby router:
%IDBINDEX_SYNC-3-IDBINDEX_ENTRY_LOOKUP: Cannot find IDB index table entry: "", 79
After a switchover from the primary PRE to the standby PRE occurs, the interfaces for which the above error messages appear may not be able to send or receive packets.
Conditions: This symptom is observed on a Cisco 10000 series during a Fast Software Upgrade (FSU) operation.
Workaround: There is no workaround.
•CSCec79849
Symptoms: A line card may experience high CPU usage, and report alignment and spurious memory access error messages.
Conditions: This symptom is observed on the line card of a Cisco 12000 series Internet router.
Workaround: There is no workaround.
•CSCec81198
Symptoms: A service policy may not attach to an interface. When you enter the show policy-map interface EXEC command, the output displays all counters at 0.
Conditions: This symptom is observed on a Cisco router when a policy map is configured on an IP Services Engine (ISE) line card for the Cisco 12000 series router with policing set to less than 64 kbps, and the Cisco IOS software is being upgraded from a release prior to 12.0(26)S up to Cisco IOS Release 12.0(26)S.
Workaround: Make sure that the policing rate is larger than 64 kbps. The service policy may then be attached to the interface.
•CSCec82298
Symptoms: A software-forced reload may occur on a Cisco 12000 series router.
Conditions: This symptom is observed on a Cisco 12000 series router after a service policy is enabled.
Workaround: There is no workaround.
•CSCec88027
Symptoms: An Engine 4 Plus (E4+) Gigabit Ethernet (GE) or Fast Ethernet (FE) line card that is configured with Any Transport over MPLS (AToM) may fail.
Conditions: This symptom is observed on an E4+ GE or FE line card on a Cisco 12000 series router that is running Cisco IOS Release 12.0(26)S as soon as a soft online insertion and removal (OIR) is performed on the primary clock scheduler card (CSC).
Workaround: There is no workaround.
•CSCec89151
Symptoms: The link LED light of a Gigabit Ethernet (GE) line card on a Cisco 12000 series does not light if the port is shut down and brought back up (i.e., shutdown).
Conditions: This symptom is observed on a Cisco 12000 series when the no negotiation auto interface configuration command is entered on the router.
Workaround: Remove the optical RX cable, and then reconnect the cable.
•CSCed02859
Symptoms: During installation of a router on an OC-48 DPT/RPR ring, the ring became unstable, and 5 Cisco 12000 series routers reloaded, one reloading twice.
Conditions: This symptom is observed on a mix of Cisco 12016 routers and Cisco 12416 routers that are running Cisco IOS Release 12.0(23)S3 3DES software.
Workaround: There is no workaround.
•CSCed03356
Symptoms: The deletion of an ATM subinterface may occasionally cause a secondary Performance Routing Engine (PRE) to reload.
Conditions: This symptom is observed on a Cisco 10000 series that has two PREs that are configured for high availability.
Workaround: There is no workaround. However, the symptom does not affect performance. The primary PRE continues to forward traffic. The secondary PRE will reload if it is configured to do so.
•CSCed10778
Symptoms: A failure of an active Route Processor (RP) may cause the standby RP to fail also.
Conditions: This symptom is observed in Cisco 12000 series Internet routers.
Workaround: There is no workaround.
•CSCed14064
Symptoms: On a Cisco router that is configured with LLQ, there is queueing on the real time queue.
Conditions: This symptom is observed on a Cisco 10000 ESR that is configured with LLQ.
Workaround: There is no workaround.
•CSCed15797
Symptoms: On Engine 2 (E2) n-port OC3 line cards for the Cisco 12000 series router, the pos delay triggers path router configuration command does not implement the specified delay. This results in the link being brought down for Path Alarm Indication Signal (PAIS) or Path Remote Defect Indication (PRDI) defects whose duration is smaller than the specified delay time.
Conditions: This symptom is observed in all releases of Cisco IOS Release 12.0 ST and in all releases of 12.0 S beginning with Release 12.0(22)S.
Workaround: There is no workaround.
•CSCed20379
Symptoms: A 6-port CT3 line card crashed due to a Cache Parity Exception. The router will not reload.
Conditions: This symptom occurs on a Cisco 12000 series router that is running Cisco IOS Release 12.0(23)S3 image c12kprp-p-mz.
Workaround: There is no workaround.
•CSCed27956
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•CSCed29752
Symptoms: On a Cisco 12000 series router that is performing the Label Edge Router (LER) functionality, packets may leave the outbound interface unlabeled if the ingress line card is an ISE even though the destination network appears as tagged in the CEF and TFIB table.
Conditions: This problem has been observed to IP destination addresses using a recursive route. If the problem occurs, the corresponding outputs of show ip cef prefix display an outbound label for the appropriate next-hop. But the output of show ip hardware-cef for this IP address does not display any label.
Further Problem Description: IP packets entering an MPLS network should be labeled if an LDP neighbor is established and the appropriate entries are in the RT, FIB and TFIB. The label imposition takes place in hardware of ISE on the ingress line card. Thereby the hardware information has to follow the control plane information. If the problem is present the control plane information looks consistent but it is not coincident with the hardware information of the ingress line card.
Workaround: There is no workaround.
•CSCed33627
Symptoms: A 3-port Gigabit Ethernet (GE) line card may show BMA error, then run error recovery.
Conditions: This symptom is observed on a Cisco 12008/40 router that is running Cisco IOS 12.0(23)S5. It is configured as an MPLS inter-AS ASBR. It is also configured as a PE router. When entering the shut command followed by the no shut command on a POS interface on a 8POS LC, the 3GE LC will show BMA error.
Workaround: There is no workaround.
•CSCed38527
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•CSCed39059
Symptoms: The tag forwarding table for a line card on Cisco platforms that have distributed (i.e. linecard based) forwarding, such as the Cisco 7500 Series and the Cisco 12000 Series, may not have complete entries even though the Route Processor (RP) does. This results in ingress tagged traffic being dropped for the missing tag forwarding entries.
Conditions: This symptom is observed on Cisco platforms that have distributed (i.e. linecard based) forwarding in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment with a provider edge (PE) router to customer edge (CE) router link.
The problem is more likely to happen if the PE to CE link experiences quick flaps of an interface (i.e. goes down and come back up in a very small amount of time (e.g. 2 sec)). Although this can happen on any linecard, this situation is more likely to happen on the Engine 3(E3) channelized OC48 line cards due to its quick flapping behavior.
Note: There are additional prerequisites for this bug to happen. These are:
- The defect affects routers that are: (a) MPLS VPN PE routers or (b) routers that exchange labels for ipv4 BGP routes.
- For (a) there should be recursive routes on the PE that go over the PE-CE link (this could be either BGP learnt recursive routes or static recursive routes). Also, these recursive routes have the link's CE side ip address as their nexthop.
- There should be a less specific route to get to the nexthop (this can be a default route). This applies for (a) and (b).
Workaround: There is no workaround.
•CSCed44319
Symptoms: A file that is copied to an ATA disk may become corrupted.
Conditions: This symptom is observed on any Cisco IOS image that contains the fix for CSCdz27200. The problem does not occur on a disk that is formatted with 16 or less sectors/cluster
Workaround: Use an ATA disk that is formatted with 16 or less sectors/cluster.
•CSCed44793
This caveat consists of two separate systems, conditions, and workarounds.
Symptoms 1: A router may reload after a switchover to the standby processor.
Conditions 1: This symptom is observed on a Cisco Route Switch Processor (RSP).
Workaround1: There is no workaround.
Symptoms 2: After a switchover to a standby processor, the indices of the interfaces in the system may be changed by mistake. This may cause problems with forwarding packets and may cause other inconsistencies.
Conditions 2: This symptom is observed on a Cisco 12000 series router.
Workaround 2: There is no workaround.
•CSCed47409
Symptoms: In Cisco IOS software that is running Multiprotocol Label Switching (MPLS), a router may reload after accessing a freed Label Information Base (LIB) entry. When the symptom occurs, an error message similar to the following is likely to precede the reload:
%TIB-3-LCLTAG: 10.10.10.10/10.10.10.10, tag advert; unexpected tag state=13
Conditions: This symptom is observed when a very uncommon timing of a Label Distribution Protocol (LDP) events occurs. The symptom may occur with LDP or Tag Switching Distribution Protocol (TDP).
Workaround: There is no workaround.
•CSCed68575
Cisco Internetwork Operating System (IOS) Software releases trains 12.0S, 12.1E, 12.2, 12.2S, 12.3, 12.3B and 12.3T may contain a vulnerability in processing SNMP requests which, if exploited, could cause the device to reload.
The vulnerability is only present in certain IOS releases on Cisco routers and switches. This behavior was introduced via a code change and is resolved with CSCed68575.
This vulnerability can be remotely triggered. A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS).
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-snmp.shtml
•CSCed68763
Symptoms: Engine 2 line cards may fail upon clearing BGP peers.
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(27)S.
Workaround: There is no workaround.
•CSCed72340
Symptoms: Some MQC commands on 4xOC3 and 8xOC3 ISE line cards on Cisco 12000 series routers may result in a message similar to the following:
% Service policy on FR sub-interface POS1/1.2 must be hierarchical.
Due to the error, no policy is applied to the interface. Even though the running configuration has the policy on the interface, the policy will not take effect.
Conditions: This symptom is observed on Cisco 12000 series routers.
Workaround: There is no workaround.
•CSCin35896
Symptoms: The outgoing label for a prefix that is received through Border Gateway Protocol (BGP) IP version 4+ (IPv4+) labels may not be installed in the Tag Forwarding Information Base (TFIB).
Conditions: This symptom is observed if the router that performs a BGP IPv4+ label exchange receives a label withdraw request for an MPLS label from a BGP peer that is followed by a readvertisement of the label. This symptom occurs if the no mpls ip global configuration command followed by the mpls ip global configuration command is executed on the peer router; however, the label withdraw request may be triggered in other ways also.
Workaround: Enter the clear ip route prefix EXEC command to correct the symptom.
•CSCin57765
Symptoms: A router may become unresponsive and may reload when you append a file whose size is not a multiple of 512 bytes to an Advanced Technology Attachment (ATA) flash card (for example, boot disk, disk0, disk1).
For example, this situation may occur when you enter the show command | tee /append url privileged EXEC command.
Conditions: This symptom is observed on a Cisco platform that runs a Cisco IOS image that contains the fix for caveat CSCdz27200 and that utilizes an ATA flash card. A list of the affected releases can be found at http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdz27200. Cisco IOS software releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: Write the output of the show command to a new file instead of appending it to an existing file by entering the show command | tee url privileged EXEC command.
•CSCuk41728
Symptoms: A router may reload.
Conditions: This symptom is observed when Web Cache Communication Protocol (WCCP) and Cisco Express Forwarding (CEF) are both enabled on the router.
Workaround: Disabling CEF is a possible workaround, but this workaround may impact the performance of the router.
•CSCuk48314
Symptoms: During an SSO switchover, the newly active Route Processor (RP) may output the following error message:
%SCHED-7-WATCH: Attempt to monitor uninitialized watched queue (address 0).
-Process= "CEF LC IPC Background"
This error is harmless, and no functional problem will occur when this error is received.
Conditions: This symptom occurs during an SSO switchover.
Workaround: There is no workaround.
Wide-Area Networking
•CSCec83030
Symptoms: A parity error on a Versatile Interface Processor (VIP) card may cause other VIPs to go to a wedged state.
Conditions: This symptom is observed on a Cisco 7500 series router.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(23)S5
Cisco IOS Release 12.0(23)S5 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S5 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat.
Interfaces and Bridging
•CSCeb38393
Symptoms: A Cisco 7500 series may generate the following message on its console:
%VIP-3-BADMALUCMD: Unsupported MALU command 81/82
Conditions: This symptom is observed on a Cisco 7500 series that is running Cisco IOS Release 12.0(23)S1.
Workaround: There is no workaround.
IP Routing Protocols
•CSCeb17467
Symptoms: A Cisco router may reload when Border Gateway Protocol (BGP) is configured to carry Virtual Private Network version 4 (VPNv4) routes.
Conditions: This symptom is observed when VPNv4 import processing occurs simultaneously with a BGP neighbor reset, for example, when a VPN routing and forwarding (VRF) instance is configured and you enter the clear ip bgp * privileged EXEC command.
Workaround: There is no workaround.
•CSCeb22359
Symptoms: A Cisco 12000 series may reload when you enter the show bgp ipv6 unicast or show bgp ipv6 multicast user EXEC or privileged EXEC mode command.
Conditions: This symptom is observed when IP version 6 (IPv6) multicast is configured.
Workaround: There is no workaround.
•CSCeb85136
Symptoms: After a Performance Routing Engine 1 (PRE1) cutover in Route Processing Redundancy Plus (RPR+) mode in a Stateful Switchover (SSO) image, no virtual circuit (VC) is recovered.
Conditions: This symptom is observed when the high availability (HA) configuration mode is changed to the RPR+ mode from the default SSO mode on an SSO image when the HA cutover is completed.
Workaround: There is no workaround.
•CSCec23559
Symptom: A Cisco router running Multicast Source Discovery Protocol (MSDP) may reload when the show ip mdsp peer peer-address advertised-SAs user EXEC/privileged EXEC command is entered.
Condition: These symptoms are only observed on a router that is running MDSP.
Workaround: 1)Enter the no ip domain-lookup command in global configuration mode. 2)If the ip host {name} {address1} global configuration command is configured, the host name should not be more than 36 characters.
IP Routing Protocols
•CSCec16481
A Cisco device running Internetwork Operating System (IOS) and enabled for the Open Shortest Path First (OSPF) Protocol is vulnerable to a Denial of Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is not enabled by default.
The vulnerability is only present in IOS release trains based on 12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines and all IOS images prior to 12.0 are not affected. Refer to the Security Advisory for a complete list of affected release trains.
Further details and the workarounds to mitigate the effects are explained in the Security Advisory which is available at the following URL:
http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml.
ISO CLNS
•CSCdz30118
Symptoms: On a Cisco router, Intermediate System-to-Intermediate System Version 6 (IS-ISv6) routes may not be inserted in the IPv6 routing table after a reload or after a neighbor's interface state changes. This symptom affects only configurations with level-2-only links.
Conditions: This symptom may be observed on Cisco routers that are running Cisco IOS Release 12.0(22)S.
Workaround: Use the clear isis * privileged EXEC command after a reload or after a topology change. Use level 1-2 links.
Miscellaneous
•CSCdx59391
Symptoms: A Cisco 7500 series router that acts as the penultimate hop of the backup Label Switched Path (LSP) and that is configured with the mpls traffic-eng signalling interpret explicit-null verbatim router configuration command may have the primary LSP go down when Fast ReRoute (FRR) is enabled on the router.
Conditions: This symptom is observed on a Cisco 7500 series that has Multiprotocol Label Switching (MPLS) traffic engineering (TE) configured.
Work around: Do not configure the mpls traffic-eng signalling interpret explicit-null verbatim router configuration command.
•CSCdy42383
Symptoms: A router may not load balance traffic properly between two OC-48 Packet over SONET (POS) Engine 2 (E2) line cards.
Conditions: This symptom is observed on a Cisco 12416 series Internet router that is running Cisco IOS Release 12.0(21)ST2 and that has two OC-48 POS E2 line cards.
This symptom is observed while the Cisco 12416 has incoming traffic from an Engine 4 (E4) line card and outgoing traffic is sent through the E2 line card via parallel links. This symptom does not occur if the incoming card is replaced with an E2 line card.
Workaround: There is no workaround.
•CSCdy67021
Symptoms: When an hw-module slot <x> reload is issued on the server card, some error messages plus tracebacks appear. Sessions are also nonoperational.
Conditions: This symptom occurs on Cisco 12000 series routers that are running Cisco IOS Release 12.0(22)S.
Workaround: There is no workaround.
•CSCdy74384
Symptoms: Per Interface Rate Control (PIRC) does not act on IP traffic that would have otherwise been tagged (MPLS) if the current hop was not the pin- ultimate hop for a given destination. PIRC does not act on IP traffic with destination addresses that have an implicit-null label as their label binding.
Conditions: This symptom is observed on a Cisco 12000 series router.
Workaround: There is no workaround.
•CSCdz17192
Symptoms: A 4-port OC-3 Packet-over-SONET (POS) Engine 0 line card that is installed in slot 14 of a Cisco 12416 may reload because of a bus error. In the output of the show context all EXEC command, the value of the badVaddr field is 0x14.
Conditions: This symptom is observed on a Cisco 12416 that runs Cisco IOS Release 12.0(21)S1, Release 12.0(23)S2, or Release 12.0(23)S3. More 12.0 S releases may be affected.
Workaround: There is no workaround.
•CSCdz30140
Symptoms: When creating IP version 6 (IPv6) Access Control Lists (ACLs), the following message is displayed several times:
%Access list already exists with these parameters
In some cases, looking at the ACL indicates unwanted commands that are added, such as the following:
permit ipv6 any any sequence 20
deny 0 any any sequence 30
These statements cannot be removed from the ACL. In other cases, lines of the ACL are modified. If a remark is added to the ACL once, then it will be repeated in ACL several times.
Conditions: These symptoms are observed in Cisco IOS releases from Cisco IOS Release 12.0(23)S to Cisco IOS Release 12.0(26)S. The symptoms are seen only when the router has dual gigabit route processors (GRPs) installed and with different redundancy modes configured.
Workaround: There is no workaround.
•CSCdz35216
Symptoms: A router permanently pauses when removing certain types of policies from the interface.
Conditions: This symptom is observed on a Cisco router if the policy has bandwidth configured on class-default. When this policy is removed, the router permanently pauses.
Workaround: There is no workaround.
•CSCdz35426
Symptoms: A primary Route Processor (RP) and a standby RP may not load the correct image when a Cisco 12000 series router is reloaded.
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S2 or an earlier release when all of the following conditions are present:
- An Advanced Technology Attachment (ATA) disk or a Flash card such as a Personal Computer Memory Card International Association (PCMCIA) card is installed in both the primary RP and the standby RP.
- The Route Processor Redundancy (RPR) mode is enabled.
- The boot system tftp ip-address global configuration command is enabled in the configuration.
The symptom does not occur when the Route Processor Redundancy plus (RPR+) mode or the Stateful Switchover (SSO) feature is enabled.
Workaround: Use the RPR+ mode or the SSO feature.
Alternate Workaround for Cisco IOS Release 12.0(22)S2 only: After the RPs have booted up, remove the boot system tftp ip- address global configuration command from the configuration and execute the upgrade rom-monitor EXEC command to enable the ROM monitor to be upgraded.
•CSCdz53693
Symptoms: The ip access-group interface configuration command does not function on a PortChannel interface.
Conditions: This symptom is observed in Cisco IOS Release 12.0(23)S1.
Workaround: There is no workaround.
•CSCdz54497
This caveat consists of two symptoms, two conditions, and two workarounds:
Symptom 1: The interface index of a tunnel interface may be corrupt, and the output of the show running-config privileged EXEC command may display the following information:
%FIB-2-IFINDEXILLEGAL: An internal software error occurred. Argument ifindex is out of bounds at -1.
Condition 1: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a tunnel interface, then remove the tunnel interface, and then add the tunnel interface again.
Workaround 1: There is no workaround.
Symptom 2: Cisco Express Forwarding (CEF) may not form adjacencies across a 2-port multichannel T3 port adapter (PA-MC-2T3+) as is indicated in the output of the show cef interface type number EXEC command (in this example, serial interface 12/0/0/8:0 is used):
% CEF IDB corresponding to Serial12/0/0/8:0 is not found
Condition 2: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a serial interface, then remove the serial interface, and then add the serial interface again.
Workaround 2: There is no workaround.
•CSCdz57717
Symptoms: When Stateful Switchover (SSO) is configured and you enter the hw-module reload privileged EXEC command on a 4-port OC3 ATM line card before the standby Route Processor (RP) has come up completely, the standby RP may reload.
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(24)S.
Workaround: There is no workaround.
•CSCdz63644
Symptoms: After a Performance Routing Engine 1 (PRE1) cutover in Route Processing Redundancy Plus (RPR+) mode in a Stateful Switchover (SSO) image, no virtual circuit (VC) is recovered.
Conditions: This symptom is observed when the high availability (HA) configuration mode is changed to the RPR+ mode from the default SSO mode on an SSO image when the HA cutover is completed.
Workaround: There is no workaround.
•CSCdz66770
Symptoms: Tag Distribution Protocol (TDP) may not convey the label change information for a prefix that is learned via an exterior Border Gateway Protocol plus (EBGP+) label to its TDP peers.
Conditions: This symptom is observed on a Cisco 7500 series when TDP is used. The symptom does not occur when Label Distribution Protocol (LDP) is used.
Workaround: There is no workaround.
•CSCea05010
Symptoms: An outgoing adjacency for a Virtual Private Network (VPN) routing/forwarding (VRF) prefix always points to a virtual interface in distributed Cisco Express Forwarding (dCEF).
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S5.
Workaround: There is no workaround.
•CSCea16628
Symptoms: An Engine 3 (E3) Gigabit Ethernet line card may reload or cause the router that it is installed on to reload.
Conditions: This symptom is observed when an E3 Gigabit Ethernet line card that has 1000 VLANs and that is sending line rate IP version 6 (IPv6) traffic on the VLANs is reloaded.
Workaround: There is no workaround.
•CSCea52387
Symptoms: An Engine 3 (E3) line card may exhibit "ALPHA" errors and reload.
Conditions: This symptom is observed on a Cisco 12000 series that has per- prefix accounting configured when the clear ip route * privileged EXEC command is entered to delete IP routing table entries.
Workaround: Disable per-prefix accounting.
•CSCea72654
Symptoms: A Cisco router that is running Multiprotocol Label Switching (MPLS) may reload after a message similar to the following is generated:
%SYS-3-OVERRUN: Block overrun at 5414B2C8 (red zone 00000000)
Conditions: This symptom is observed when more than 672 Label Distribution Protocol (LDP) sessions are established simultaneously and when LDP cannot perform some background tasks for an advertised Label Information Base (LIB) entry before the local label is changed or withdrawn.
Workaround: There is no workaround.
•CSCea75184
Symptoms: A memory allocation (malloc) failure may occur during a Cisco Express Forwarding (CEF) process on a redundant Route Processor (RP) and may cause the redundant RP to stop processing queued CEF update messages that are sent by the active RP. This malloc failure may be observed in the output of the show cef linecard EXEC command.
Because the redundant RP no longer processes CEF update messages that are sent by the active RP, the message queue on the active RP continues to grow, causing the free memory of the active RP to decrease. The rate of this decrease depends on the rate of prefix changes in the network. The continued growth of the message queue eventually results in a malloc failure on the active RP, or results in CEF being disabled.
Conditions: This symptom is observed on a Cisco router that is configured with redundant RPs.
Workaround: Reload the redundant RP by entering the hw-module secondary-cpu reset EXEC command.
•CSCea86724
Symptoms: A Cisco router that is configured for IP over Multiprotocol Label Switching (MPLS) may reload. CPUHOG messages may be displayed on the console before the router reloads.
Conditions: This symptom is observed in configurations with many interfaces or IP addresses, or with a very large number of labelled prefixes.
Workaround: There is no workaround.
•CSCeb01400
Symptoms: At least 30 percent of the CPU of a Performance Routing Engine 1 (PRE-1) may be utilized to process flows, causing the number of packets that are processed per second to be much lower than you would expect.
Conditions: This symptom is observed on a Cisco 10000 series when NetFlow and NetFlow export are enabled and when there is a large number of flows (more than 10,000).
Workaround: Disable NetFlow.
Alternate Workaround: Reduce the number of entries in the NetFlow cache of the Route Processor (RP) by entering the ip flow-cache entries 1024 global configuration command. Doing so reduces the load of the CPU of the PRE-1. Note that the primary cache is located on the Parallel Express Forwarding (PXF) processor and supports a fixed number of 512 entries.
•CSCeb06981
Symptoms: The traceroute privileged EXEC command may not work for the IP address of a generic routing encapsulation (GRE) tunnel in a Multiprotocol Label Switching (MPLS) network, and the router at the receiving end may generate traceback error messages.
Conditions: This symptom is observed in an MPLS network when you configure a generic routing encapsulation (GRE) tunnel between a Cisco 10000 series that is configured as a provider edge (PE) router and another PE router.
Workaround: To determine a path in the MPLS network, shut down the GRE tunnel and enter the traceroute privileged EXEC command for the IP address of the physical link.
Alternate Workaround: Reload the microcode onto the Parallel Express Forwarding (PXF) by entering the microcode reload pxf privileged EXEC command.
•CSCeb28065
Symptoms: A Cisco router that is configured for IP over Multiprotocol Label Switching (MPLS) may reload.
Conditions: This symptom is observed when Label Distribution Protocol (LDP) peers of the Cisco router advertise a large number of IP addresses because interfaces flap or are configured.
Workaround: There is no workaround.
•CSCeb58067
Symptoms: In a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) network, when primary traffic engineering (TE) tunnels are configured between provider edge (PE) routers, and these primary TE tunnels are configured for Fast Reroute (FRR) link protection, a 50-ms convergence time may not be achieved in the core of the network, even when very small VPN routing and forwarding (VRF) prefix tables are configured.
Conditions: This symptom is observed when the PE headend router is the point of local repair (PLR). The PE headend router is the router that performs VPN label imposition, that functions as the primary TE tunnel headend, and that functions as the uplink to a provider (P) router.
Workaround: There is no workaround. Note that FRR link protection functions correctly for IP version 4 (IPv4) traffic and for Any Transport over MPLS (AToM) traffic. Also, note that FRR link protection functions correctly for VPN traffic on PLRs other than the PE headend that is mentioned in the conditions, such as a P router that functions as a link to another P router, and a P router that functions as a downlink to a PE router.
•CSCeb58214
Symptoms: An IP packet with multiple fragments sent through a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(23)S, 12.0(24)S, 12.0(25)S, or 12.0(26)S may drop small fragments of the packet when MPLS Label disposition takes place, which exposes the underlying IP packet.
Conditions: The egress line card must be an Engine 4+ variant for this to occur, and the fragment must have the MF bit set with an IP payload of 8, 16 or 24 bytes.
Workaround: Configure an explicit null label for the prefix, which creates a TAG to TAG switching path instead of a TAG to IP path.
•CSCeb77582
Symptoms: A 1-port OC-12 ATM line card may reset after the Forwarding Information Base (FIB) is disabled because of interprocess communications (IPC) failures, as is shown by the following error messages:
%GRP-3-BAD_STATE: Slot:6 State:Launching Fabric Downloader -Traceback= 18BA90 3BC3E4 2C7E34 2C891C 2C8BEC
%GRP-3-BAD_STATE: Slot:6 State:Launching Fabric Downloader -Traceback= 18BA90 3BC3E4 2C7E34 2C891C 2C8BEC
%FIB-3-FIBDISABLE: Fatal error, slot 6: IPC Failure: timeout %GRP-4-RSTSLOT: Resetting the card in the slot: 6,Event: EV_AUTO_LC_RELOAD_ON_FIBDISABLE
%GRP-3-BAD_STATE: Slot:6 State:In Reset -Traceback= 18BA90 3BC3E4 305DA4 3067C4 306850 306FA8 3070C0
Conditions: This symptom is observed on a Cisco 12416 that runs the c12kprp-p-mz image of Cisco IOS Release 12.0(23)S3 and that is configured with the following line cards:
- One 1-port OC-12 ATM line card
- Two 4-port OC-3 Packet-over-SONET (POS) line cards
- Two 4-port OC-12 POS line cards
- Two 4-port OC-48 POS line cards
- Two 3-port Gigabit Ethernet line cards
Workaround: There is no workaround.
•CSCeb81538
Symptoms: An Engine 4 line card may reload when an Engine 2 line card sends a corrupt Multiprotocol Label Switching (MPLS) packet.
Conditions: This symptom is observed on a Cisco 12000 series that is configured for MPLS.
Workaround: There is no workaround.
•CSCeb85985
Symptoms: Simple Network Management Protocol (SNMP) values that are retrieved by the snmpget command may be inconsistent compared to the SNMP values that are shown on an interface.
Conditions: This symptom is observed on a Cisco 12000 series that runs in a Multiprotocol Label Switching (MPLS) environment when you use SNMP to retrieve various counter values from a Packet-over-SONET (POS) interface.
Workaround: There is no workaround.
•CSCeb86270
Symptoms: In Cisco IOS software that is running Multiprotocol Label Switching (MPLS), the Label Distribution Protocol (LDP) peer address table may become corrupted and cause the router to reload.
Conditions: This symptom may be observed in situations where three or more routers have advertised the same IP address in LDP address messages. This normally happens when routers have been misconfigured but in very rare circumstances may be done deliberately.
The circumstance can be recognized by the presence of the following error message:
%TAGCON-3-DUP_ADDR_RCVD: Duplicate Address 10.0.0.1 advertised by peer 10.2.2.2:0 is already bound to 10.1.1.1:0
If only one such message is seen for a given IP address—10.0.0.1 in the above example—then only two routers have advertised the IP address, and only the second is being treated as a duplicate. At least one more such message should be seen if at least three routers have advertised the IP address in question.
Workaround: The problem does not happen in typical configurations because duplicate addresses are not configured. If such a configuration is accidentally done, the failure may be avoided if the configuration is corrected before the LDP session to any of the involved peers goes down. If the configuration is deliberate, there is no workaround.
•CSCec00523
Symptoms: Under certain conditions, for example Stateful Switchover (SSO) or entering the clear cef linecard EXEC command, the Engine 3 line cards in a router reload with error messages related to ALPHA errors in the table look-up (TLU) stage. The following strings in the error message will be seen:
"%EE48-3-ALPHAPAIR: RX ALPHA: TLU PAIR registers"
Conditions: This symptom occurs only when there are loadbalance paths for Multiprotocol Label Switching (MPLS) traffic, and some route changes occur.
Workaround: Ensure that there are no loadbalance paths.
•CSCec09193
Symptoms: When a subinterface is configured with a subinterface number value larger than 65535, the protocol enabled on this subinterface may not be in the proper state for correct operation after the switchover.
Conditions: These symptoms have been observed on Cisco platforms with redundant Route Processors operating in stateful switchover (SSO) redundancy mode.
Workaround: Limit the subinterface number value to an integer less than 65535 while configuring subinterfaces.
•CSCec12991
Symptoms: The Sampled NetFlow (SNF) cache is empty on a 3-port Gigabit Ethernet (GE) interface card.
Conditions: This symptom is observed on a GE interface card when Multiprotocol Label Switching (MPLS) is configured on one port and SNF is on another port of the GE card.
Workaround: If MPLS is not configured, SNF functions correctly.
•CSCec13559
Symptoms: On Packet-over-SONET (POS) Engine 2 line cards for a Cisco 12000 series router, IP2TAG traffic does not get rate limited by Per Interface Rate Control (PIRC).
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S5.
Workaround: There is no workaround.
•CSCec14259
Symptoms: Quality of service (QoS) multicast packets are not correctly marked on input.
Conditions: This symptom is observed on a Cisco router when ingress QoS multicast packets are classified. The precedence or Differentiated Services Code Point (DSCP) bit is ignored and misclassified.
Workaround: There is no workaround.
•CSCec16725
Symptoms: Ethernet over Multiprotocol Label Switching (EoMPLS) disposition fails for egress Packet-over-SONET (POS) Engine 4 plus (E4+) line card. Tag bytes increment as traffic comes in, but nothing is sent out the egress 3-port Gigabit Ethernet (GE) interface.
Conditions: This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22)S5.
Workaround: Use a different card or router for the EoMPLS disposition but do not use the E4+ line card.
•CSCec17262
Symptoms: In a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) network, if a Cisco 10720 router receives an MPLS packet with an IP version 4 (IPv4) option underneath it, the MPLS packet has two or more labels, and the router attempts to untag all labels, the Parallel Express Forwarding (PXF) processor may reload.
When this symptom occurs in the MPLS VPN network, egress provider edge (PE) routers may reload. The packets that cause the routers to reload are Internet Control Message Protocol (ICMP) echo and echo reply packets with record route options. Other types of IPv4 options may also cause the routers to reload.
Conditions: The symptom is observed on a Cisco 10720 that functions as an MPLS VPN PE router. The symptom does not occur in a basic MPLS network without VPN, where there is only one label.
Workaround: There is no workaround.
•CSCec18944
Symptoms: When the ROM of an active Performance Route Processor (PRP) is upgraded, the PRP may pause indefinitely. When the ROM of the standby PRP is upgraded, the upgrade may cause an exception and the standby PRP may reload.
Conditions: These symptoms have been observed when ROM upgrades are performed, and the up all all or up rom slot-number commands are configured on the active and standby PRPs.
Workaround: There is no workaround.
•CSCec20473
Symptoms: A 3-port Gigabit Ethernet (GE) line card may stop transmitting traffic.
Conditions: This symptom is observed on a Cisco 12000 series that is configured as a Multiprotocol Label Switching (MPLS) provider edge (PE) router that is running Cisco IOS Release 12.0(25)S1.
Workaround: Use the hw-module slot x reload privileged EXEC command.
•CSCec30795
Symptoms: If traffic passes on multiple ports of an 8-port Fast Ethernet (FE) card and the shutdown interface configuration command is entered on one of the traffic-flowing ports, all the other ports stop passing traffic.
Conditions: This symptom is observed on a Cisco 10000 series with an 8-port Fast Ethernet (FE) card that is running a Performance Routing Engine 1 (PRE1) image of Cisco IOS Release 12.0(23)S4. There is no special configuration required to experience this symptom. Ports that pass traffic with a basic default configuration will experience the symptom.
Workaround: Enter the no shutdown interface configuration command to free the other ports. Do not shut down any port on an 8-port Half Height (HH) FE line card until a fix is available.
•CSCec31790
Symptoms: The following error may cause a Cisco 10000 series to reload:
%ERR-1-GT64120 (PCI-0): Fatal error, Memory parity error (external)
Conditions: This symptom is observed on a Cisco 10000 series when a single bit Error-Correcting Code (ECC) error is detected in the Synchronous Dynamic RAM (SDRAM).
Workaround: There is no workaround.
•CSCec37164
Symptoms: The following symptoms occur with a traceroute from a remote Customer Edge (CE) router to a local CE router with TTL set to expire at the Provider Edge (PE) router attached to the local CE.
-If the IP packet length of the traceroute is equal to or less than 72 bytes, the Provider Edge (PE) router replies with an ICMP TTL expired message with the VPN interface address.
-If the IP packet length of the traceroute is equal to or more than 73 bytes, the PE replies with an ICMP TTL expired message with the MPLS core interface address.
Condition: These symptoms have been observed in an MPLS VPN environment, with a Cisco 12000 series Internet router running Cisco IOS Release 12.0(23)S4 used as the PE and a 3-Port Gigabit line card used as the MPLS and VPN interface.
Workaround: There is no workaround.
•CSCec37416
Symptoms: An IP Services Engine (ISE) line card on a Cisco 12000 series Internet router running Cisco IOS Release 12.0(25)S1 or 12.0(24)S2 shows the following log messages that can lead to the line card being reset:
SLOT 4:Sep 20 22:59:46: %EE48-3-ALPHAERRSS: RX ALPHA: ALPHA_CPU_IF100_INT error 1400 control FFFF03FF
SLOT 4:Sep 20 22:59:46: %EE48-3-ALPHAERR: RX ALPHA: error: cpu int 1 mask 277FFFFF ...
SLOT 4:Sep 21 07:16:20: %LC-3-ERRRECOVER: Corrected a transient error on line card. ...
SLOT 4:Sep 21 07:16:40:: %EE48-3-ALPHAFLOW: rx alpha netflow: Out of order add-delete reports
Conditions: These symptoms are observed only under a load when full (non-sampled) aggregated Netflow (ip route-cache flow) is configured on an ISE line card interface.
This problem is not seen with Cisco IOS Release 12.0(25)S, 12.0(25)S2, 12.0(24)S1,and 12.0(26)S. It has been observed with Cisco IOS Release 12.0(25)S1 and 12.0(24)S2.
Workaround: There is no workaround, except to remove full aggregated Netflow.
•CSCec38222
Symptoms: The OC192E/POS-VSR line card is reloaded with watchdog timeout (sig=23) by process = IPC Seat Manager on a Cisco 12416 router that is running Cisco IOS Release 12.0(23)S3. The log message displays the following:
SLOT 10:Sep 22 20:08:21.291: %MBUS_SYS-3-ENQUEUE: Failed to queue message from slot 6 stream 3
SLOT 10:Sep 22 20:09:22.287: %MBUS_SYS-3-ENQUEUE: Failed to queue message from slot 6 stream 3
SLOT 10:Sep 22 20:09:44.727: %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IPC Seat Manager.
-Traceback= 400EBCB4 400EF7F0 400E7534 405B620C 405B6438 40597C64 40558AD0 40559248 4011C728 405676F8 400C2874 400C286
Conditions: This symptom occurs because the watchdog timeout (sig=23) by process = IPC Seat Manager in OC192E/POS-VSR line card.
SLOT 10:Sep 22 20:09:44.727: %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IPC Seat Manager.
Workaround: There is no workaround. When this symptom occurs, the line card is automatically reloaded.
•CSCec42012
Symptoms: A Cisco 12008 router displays the following error message:
"%FABRIC-0-INIT"
at boot up. Switch fabric card (SFC) incorrectly recognizes a "Primary Clock" as *CSC_0*.
Conditions: This symptom is observed on Cisco 12008 routers that are running Cisco IOS Release 12.0(21)ST5 or later releases.
Workaround: There is no workaround.
•CSCec42163
Symptoms: While running Cisco IOS Release 12.0(22)S3, a Cisco 10720 router may reload with the following logs displayed:
%TOASTER-2-FAULT: T0 HW Exception: CPU[t0r3c3] NULLRD at 0x0C94 LR 0x0818 %TOASTER-2-FAULT: T0 Exception summary: CPU[t0r3c3] Stat=0x00000006 HW=0x00000800 LB=0x00000000 SW=0x00000000
Conditions: This symptom occurs only after adding a new subinterface to the router, and traffic starts passing on it.
Workaround: There is no workaround.
•CSCec48925
Symptoms: When running in non-redundant PRE mode, after a crash, the line cards do not get reset. In rare cases, after Cisco IOS software reloads, there may be a mismatch between the Cisco IOS software and the line card so that the line card does not pass traffic.
Conditions: These symptoms have been observed after Cisco IOS is restarted after a crash when running in non-redundant PRE mode. Anything that goes through the formal reload path (with a single PRE1 in the system) will properly reset the line cards on the way down. This fix resets the cards on the way up as well in case they weren't reset on the way down.
Workaround: There is no workaround. However, after a Cisco IOS software crash, if a line card is not passing traffic, resetting the line card might fix the issue. A reload of the chassis will definitely fix the issue.
•CSCec50935
Symptom: An Engine 2 line card crashes.
Condition: This symptom is observed when Traffic Engineering (TE) tunnels are configured.
Workaround: There is no workaround
•CSCec59882
Symptoms: A Reverse Path Forwarding (RPF) check should be disabled for bootp packets with the source IP address 0.0.0.0 and the destination IP address 255.255.255.255. However, PXF currently disables RPF checks for all packets with the source IP address 0.0.0.0.
Conditions: These symptoms have been observed on Cisco IOS Release 12.0(22)S and later.
Workaround: There is no workaround.
Wide-Area Networking
•CSCdx72556
Symptoms: Link Control Protocol (LCP) negotiations may fail, and a "failed to negotiate with peer" message may be displayed.
Conditions: This symptom is observed on a Cisco universal access server if the peer sends more than five Configure-Negative acknowledgments (CONFNAKs) or Configure-Rejects (CONFREJs) on the link for the current or previous LCP negotiation.
Workaround: Configure the ppp max-failure 10 command on the link to allow the remote peer to exhaust the Negative acknowledgment (NAK) or Reject acknowledgment (REJ) count and resume negotiations before the Cisco universal access server drops the link.
•CSCec13050
Symptoms: A router may reload when doing a show running-config command after creating a channelized group interface.
Conditions: This symptom may be observed if channelized interfaces had previously been created, configured with Frame Relay encapsulation and subsequently deleted without removing the encapsulation first.
Workaround: Remove the Frame Relay encapsulation before deleting the channel group interface.
Resolved Caveats—Cisco IOS Release 12.0(23)S4
Cisco IOS Release 12.0(23)S4 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S4 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat.
Basic System Services
•CSCdv46906
Symptoms: A router may send linkUp traps with the loclfReason attribute set as "Down" and linkDown traps with the loclfReason attribute set as "Up."
Conditions: This symptom is observed on a Cisco router.
Workaround: Query the link status using the command-line interface (CLI) or Simple Network Management Protocol (SNMP).
•CSCdz60890
Symptoms: The ifIndex may not synchronize when you use third-party vendor software with Cisco IOS software and a standby router comes up after a Stateful Switchover (SSO) has occurred.
Conditions: This symptom is observed on a Cisco 12416 that is running Cisco IOS Release 12.0(24)S and that has line cards that are configured with about 2000 Gigabit Ethernet (GE) subinterfaces.
Workaround: Reduce the number of GE subinterfaces. (For example, with only 10 GE subinterfaces, the symptom does not occur.)
•CSCdz87017
Symptoms: Information about a port adapter (PA) may be missing from the output of a show diag command.
Conditions: This symptom is observed on a controller with a memory size of 128 MB DRAM and 8192 KB SRAM. The controller displays the following information:
PA Bay 0 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 0 HW rev 0.00, Board revision UNKNOWN Serial number: 00000000 Part number: 00-0000-00
PA Bay 1 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.00, Board revision A0 Serial number: 08534388 Part number: 73-1688-04
Workaround: There is no workaround.
•CSCeb11253
Symptoms: A Cisco router may reload because of a watchdog timeout condition when you poll the ciscoEnvMonTemperatureStatusValue MIB variable.
Conditions: This symptom is observed when the MIB variable has an index that is larger than 6. Indexes 0 to 6 are valid indexes; indexes that are larger than 6 are not valid indexes.
Workaround: There is no workaround.
•CSCuk38757
Symptoms: The cardIfTable table is not correctly populated for channelized interfaces. All of the entries return a value of "-1".
Conditions: This symptom is observed on a Cisco 7500 series that is running Cisco IOS Release 12.0(22)S.
Workaround: There is no workaround.
EXEC and Configuration Parser
•CSCeb29079
Symptoms: When any command that triggers the nonvolatile generation (NVGEN) process is executed through a new vty session, certain interface configuration commands that support the Best Effort Method, such as the ip vrf interface configuration command, the ntp disable interface configuration command, and the service-policy output interface configuration command, may not properly synchronize with a standby Route Processor (RP) or Performance Routing Engine (PRE) because of a failure in the post NVGEN process.
For example, when you enter the ip vrf interface configuration command while the show running-config privileged EXEC command is being executed in a Telnet session, the configuration of the ip vrf interface configuration command may not properly synchronize with the standby RP or PRE, and a "Post NVGEN failure" message may be generated.
Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(23)S2 or a later release.
Workaround: Do not enter commands that trigger the NVGEN process while you configure commands that support the Best Effort Method.
IP Routing Protocols
•CSCdy13646
Symptoms: A Cisco 12416 router may reload because of a watchdog timeout in the Border Gateway Protocol (BGP) I/O process.
Conditions: This symptom is observed when a Cisco 12416 router that is configured with 575 BGP peers and three 1-port OC-12 ATM line cards, each of which is configured with 500 ATM permanent virtual connection (PVC) subinterfaces, is booted with Cisco IOS Release 12.0(22)S.
Workaround: There is no workaround.
•CSCdz14924
Symptoms: When the customer edge (CE) peer of a provider edge (PE) router has the neighbor default-originate router configuration command enabled, which enables the PE router to send the default route to the CE, the default route may be sent with the wrong mask (255). When this situation occurs, the CE router sends a notification that states that an illegal network entry has occurred and flaps the session.
Conditions: This symptom is observed on a Cisco 7200 series router that functions as a PE router but may also occur on another platform that functions as a PE router.
Workaround: There is no workaround.
•CSCdz70283
Symptoms: A router may reload when a Virtual Private Network (VPN) neighbor is deleted.
Conditions: This symptom is observed on a Cisco router that has a VPN neighbor.
Workaround: There is no workaround.
•CSCea01405
Symptoms: A customer edge (CE) router may reject next-hop routes to a provider edge (PE) router.
Conditions: This symptom is observed when the PE router does not advertise itself as the next hop to the CE router that is configured for external Border Gateway Protocol (eBGP).
Workaround: Configure the PE router as the BGP next hop for the CE router by entering the neighbor ip-address next-hop-self router configuration command on the PE router.
•CSCea52921
Symptoms: A router may inadvertently remove link-state advertisements (LSAs) from the retransmission list and prevent the Open Shortest Path First (OSPF) neighbor from receiving the latest version of the LSA. This behavior may cause some prefixes to be unreachable.
Conditions: This behavior may occur when the LSA is not received by the neighboring router and the LSA must be retransmitted. While the LSA is waiting in the neighbor retransmission queue, certain events may cause a regeneration of the same LSA. If there is no change in the LSA, the router may mistakenly remove the LSA from the retransmission queues of all neighbors.
Workaround: This symptom normally stops occurring after the LSA is refreshed. If this symptom continues to occur, unconfigure and reconfigure the network global configuration command.
•CSCea60188
Symptoms: A Border Gateway Protocol (BGP) next-hop router may not redistribute Virtual Private Network (VPN) routes.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.0 S or Release 12.2 S.
Workaround: There is no workaround.
•CSCeb57086
Symptoms: A Cisco 10000 series that is configured with two Performance Routing Engine 1 (PRE-1) processors may stop functioning as a redundant system.
Conditions: This symptom is observed when you enter the bgp upgrade-cli router configuration command.
Workaround: Reload the standby PRE-1.
•CSCin51310
Symptoms: You may not be able to configure the ip vrf receive interface configuration command.
Conditions: This symptom is observed when the interface on which you attempt to configure the ip vrf receive interface configuration command does not have an IP address configured.
Workaround: First configure an IP address on the interface, then enter the ip vrf receive interface configuration command on the interface.
Miscellaneous
•CSCdy32809
Symptoms: Engine 4 plus (E4+) line cards may not fragment outgoing pings properly, causing pings of packets with a size that is larger than the maximum transmission unit (MTU) to fail.
Conditions: This symptom is observed on E4+ line cards (4-port OC-48 and 1- port OC-192 line cards) that are installed in a Cisco 12000 series.
Workaround: For pings, use packets with a size that is smaller than the MTU.
•CSCdy41594
Symptoms: On a Cisco 10000 series edge services router (ESR) that has a Channelized OC-12 line card and is configured for Synchronous Digital Hierarchy (SDH) framing, the controllers and interfaces will not come up if you configure an "AU-4-TUG-3" other than number 1.
Conditions: These symptoms have been observed only when "AU-4-TUG-3" number 1 has not been configured. Once the number 1 controller has been configured, all other controllers function properly.
Workaround: Configure the number 1 "AU-4-TUG-3" controller before configuring any others. The controller needs to remain configured for the other controllers to work, even if it is not used.
•CSCdz30278
Symptoms: A secondary Route Processor (RP) may reload.
Conditions: This symptom is observed on a Cisco router that is configured for Stateful Switchover (SSO) when a static route in the format "ip route 10.10.10.10 255.255.255.255 ethernet4/0/1" is configured on the primary RP.
Workaround: There is no workaround.
•CSCdz42789
Symptoms: When you configure a Virtual Private Network (VPN) on a router that is configured with dual Route Processors (RPs), a VPN routing/forwarding (VRF) table ID that is associated with a particular VRF instance may have different values in the active RP and the standby RP. This situation causes failures in the processing of Cisco Express Forwarding (CEF) interprocess communication (IPC) messages on the standby RP for CEF IPC messages that contain an inconsistent VRF table ID, and CEF may be disabled.
Inconsistent VRF table IDs may also cause a memory loss on the standby RP, and when a switchover occurs from the active RP to the standby RP, more difficulties may occur.
Conditions: These symptoms are observed on router that is configured for Stateful Switchover (SSO) when VRF instances are deleted.
Workaround: There is no workaround; however, these actions minimize the occurrence of the symptoms:
–Ensure that no VRF instances are deleted.
–If VRF instances are deleted, wait for few minutes for the deletion to be completed on the active RP before you configure new VRF instances. The output of the show ip vrf EXEC command displays the deleted VRF instances (a "*" in front of a VRF instance indicates that the VRF instance is being deleted).
–If you install a new RP and VRF instances have been deleted from the configuration of the active RP, reload the router.
•CSCdz48366
Symptoms: The configuration of commands may cause additional memory to be held by an execute process.
Conditions: This symptom is observed when commands are configured on a Cisco router.
Workaround: If the execute process belongs to a terminal session or a console session, terminate the execute session by entering the exit command.
•CSCdz69177
Symptoms: A spurious memory access may occur on the Versatile Interface Processor (VIP) of a Cisco 7500 series, even though the VIP does not reload.
Conditions: This symptom is observed when Multiprotocol Label Switching (MPLS) forwarding is enabled.
Workaround: There is no workaround.
•CSCdz81721
Symptoms: If the no shutdown interface configuration command is entered on interfaces that are already in the "up" state, the interfaces enter the "down" state.
Conditions: This symptom is observed on the interfaces of a 16-port OC-3 Packet over SONET (POS) line card that is installed on a Cisco 12000 series.
Workaround: Reload the router to bring up the interfaces.
•CSCea29102
This caveat consists of two symptoms, two conditions, and two workarounds:
1. Symptoms: A Route Processor (RP) may reload when you enter the clear ip bgp * privileged EXEC command while interfaces flap continuously.
Conditions: This symptom is observed when Virtual Private Network (VPN) routing/forwarding (VRF) forwarding is configured on the interfaces that flap.
Workaround: There is no workaround.
2. Symptoms: An RP may reload when you simultaneously enter the clear ip bgp * privileged EXEC command and perform an online insertion and removal (OIR) by entering the hw-reload reset EXEC command.
Conditions: This symptom is observed when you perform an OIR of an interface that has a VRF configuration in which the connected route is learned via a network statement. The connected route is removed when you perform the OIR.
Workaround: Do not simultaneously enter the clear ip bgp * privileged EXEC command and perform an OIR.
•CSCea34003
Symptoms: A 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may stop forwarding traffic after you reload microcode onto the line card.
Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S, Release 12.0(23)S, Release 12.0(24)S, or Release 12.0(25)S and that is functioning as a provider edge (PE) router in a Carrier Supporting Carrier configuration when the 4-port OC- 48 POS E4+ line card interconnects the Cisco 12000 series and a customer edge (CE) router.
Workaround: Enter the clear ip bgp privileged EXEC command on the Cisco 12000 series.
•CSCea42298
Symptoms: The E3 controller of a 1-port multichannel E3 port adapter (PA-MC-E3) card is missing from the IF-MIB and DS3-MIB MIBs.
Conditions: This symptom is observed when you run the IF-MIB MIB or DS3-MIB MIB for a PA-MC-E3. The symptom occurs in all Cisco IOS releases.
Workaround: There is no workaround.
•CSCea42620
Symptoms: A Tag Forwarding Information Base (TFIB) Virtual Private Network version 4 (VPNv4) entry on an Autonomous System Boundary Router (ASBR) for a prefix may not be reinstalled, causing traffic for this prefix to continue to flow to a provider edge (PE) router via the previous best path.
Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) VPN interautonomous system environment in which ASBRs are performing VPNv4 exchanges and in which a Border Gateway Protocol (BGP) session is active.
The ASBR on which the TFIB VPNv4 entry is not installed should receive a prefix from a Route Reflector (RR) that selects the best of two available paths between the RR and two PE routers. Both PE routers should allocate the same label for the prefix. The PE router to which the best path leads should withdraw the prefix.
Workaround: Clear the BGP session on the ASBR that is connected to the RR.
Alternate Workaround: Withdraw the prefix from the ASBR and readvertise the prefix by clearing the prefix on the PE router that advertises the prefix.
•CSCea48741
Symptoms: After a single transmit buffer management (TBM) error occurs on an 8- port OC-3 ATM line card, the line card may stop forwarding inbound and outbound traffic.
Conditions: This symptom is observed on a Cisco 12000 series.
Workaround: There is no workaround.
•CSCea56694
Symptoms: A Cisco 10000 series may reload because of a bus error exception.
Conditions: This symptom is observed if a label value of 500 or greater is entered in the label-value argument of the show hardware pxf cpu mpls labels label-value privileged EXEC command such as in the following examples:
Router#
show hardware pxf cpu mpls labels 500or
Router#
show hardware pxf cpu mpls labels 2-500The Cisco 10000 series does not reload if a label value of less than 500 is entered in the label-value argument of the show hardware pxf cpu mpls labels label-value privileged EXEC command such as in the following examples:
Router#
show hardware pxf cpu mpls labels 499or
Router#
show hardware pxf cpu mpls labels 2-499Workaround: There is no workaround.
•CSCea60559
Symptoms: The Simple Network Management Protocol (SNMP) agent may use 99 percent of the CPU bandwidth of a Route Processor (RP) for an arbitrarily long time (hours or days), without necessarily generating CPUHOG errors. This situation causes other processes on the router to fail because these processes do not receive the CPU bandwidth that they require:
–Routes may time out.
–Tunnels may go down.
–Accessing the router via a Telnet connection to a network port may become impossible.
–The command-line interface (CLI) via the console line may become quite slow to respond.
The output of the show snmp summary EXEC command may indicate that the number of requests is "N" while the number of replies that were sent is "N-1." The output of the show processes cpu | include SN EXEC command may indicate that the SNMP process uses 99 percent of the CPU bandwidth of the RP.
Conditions: These symptoms are observed when the MPLS-LSR-MIB MIB is enabled, you query the mplsXCTable or a MIB walk occurs, and there are more than 10,000 Multiprotocol Label Switching (MPLS) labels active. The symptoms are platform independent.
Workaround: Perform the following steps:
1. Shut down interfaces to bring the total count of active MPLS labels down to far below 10,000.
2. Disable the MPLS-LSR-MIB MIB by entering the following sequence of commands:
snmp-server view nolsrmib mplsLsrMIB exclude
snmp-server community public view nolsrmib ro
snmp-server view nolsrmib iso include
3. Enter the no shutdown interface configuration command on all the interfaces that you shut down in Step 1.
•CSCea80474
Symptoms: On a Cisco router that runs IP over Multiprotocol Label Switching (MPLS), the Route Processor (RP) on which Label Distribution Protocol (LDP) is configured may attempt to access freed memory, causing the router to reload.
Conditions: This symptom is observed in rare situations on a Cisco router when an interface with hundreds of associated IP addresses is administratively disabled.
Workaround: There is no workaround.
•CSCea85463
Symptoms: When NetFlow data is processed at interrupt-level, the CPU utilization of a route processor (RP) may become high.
Conditions: This symptom is observed on a Cisco 10000 series when NetFlow is configured and many small data flows are processed on the router.
Workaround: There is no workaround.
•CSCea87403
Symptoms: Any Transport over MPLS (AToM) traffic may be dropped at the disposition line card.
Conditions: This symptom is observed on a Cisco 12000 series when the Any Transport over MPLS (AToM): ATM Cell Relay over MPLS feature is enabled on an 8-port OC-3 ATM line card and the disposition line card is an Engine 3 line card, such as a 4-port OC-12 Packet-over-SONET (POS) line card or a 1-port OC-48 POS line card.
Workaround: There is no workaround.
•CSCea91756
Symptoms: On a Cisco platform, free memory may decrease gradually during normal system operation. When network instability occurs, free memory may decrease in the order of tens of MBs over a short period of time.
The output of the show processes memory EXEC command indicates that the Border Gateway Protocol (BGP) router process holds an amount of memory that is increasing as the free memory is decreasing.
Conditions: This symptom is observed on a Cisco platform that is running Cisco IOS Release 12.0(23)S1 or a later release and that has the ip default-network network-number global configuration command enabled.
Workaround: Disable the ip default-network network-number global configuration command to stop the free memory from decreasing. However, to free up the held memory, reload the platform.
•CSCeb01485
Symptoms: Interfaces on one Engine 4 (E4) 3-port Gigabit Ethernet (GE) port adapter (EPA-3GE-SX/LH-LC) may use the same interface description blocks (IDBs) as interfaces of an adjacent E4 3-port GE port adapter that is installed on the same GE modular baseboard (EPA-GE/FE-BBRD). This situation may cause forwarding difficulties and Cisco Express Forwarding (CEF) inconsistencies on other line cards that are installed in the same router. You can verify the symptoms in the output of the show cef interface EXEC command.
Conditions: This symptom is observed on a Cisco 12000 series that is configured with more than one GE modular baseboard when several E4 3-port GE port adapters are installed on a single GE modular baseboard.
Workaround: Reload the router.
•CSCeb02623
Symptoms: A 3-port Gigabit Ethernet line card may stop processing traffic after the Gigabit Route Processor (GRP) has reloaded.
Conditions: This symptom is observed on a Cisco 12000 series when autonegotiation is enabled.
Workaround: Reload the microcode onto the line card.
•CSCeb04441
Symptoms: When an ATM link flaps or a remote ATM platform reloads, a Fast Etherchannel may fail and Enhanced Interior Gateway Routing Protocol (EIGRP) neighbors that are connected via the Fast Etherchannel may be lost.
Conditions: This symptom is observed on a Cisco 7500 series that runs the rsp-pv-mz image of Cisco IOS Release 12.0(21)S5.
Workaround: There is no workaround.
•CSCeb05628
Symptoms: The convergence time after a forced Stateful Switchover (SSO) may be longer than 10 seconds.
Conditions: This symptom is observed on a Cisco 10000 series that is configured for SSO.
Workaround: There is no workaround.
•CSCeb06989
Symptoms: A value of 4,294,967,295 (hexadecimal 0xffffffff) may appear in the ifIndex field of the ifTable for the first channelized T3 controller (CT3) of a 6-port CT3 line card that is installed in a slot of a Cisco 10000 series. This situation causes the ifTable to lose its entries for all other CT3 (or T3 and DSX3) controllers, making them unavailable for Simple Network Management Protocol (SNMP) access.
In a situation in which some SNMP access tools treat the ifIndex values as signed integers, these SNMP access tools may interpret the ifIndex value of 4,294,967,295 as its signed value of -1. When a router walks tables that are indexed by an abnormal ifIndex value such as -1, loops may occur.
Conditions: This symptom is observed on a Cisco 10000 series that is configured for Route Processor Redundancy Plus (RPR+) when a switchover occurs. The symptom may also occur when a Stateful Switchover (SSO) occurs and the Cisco 10000 series software image that is loaded onto the secondary Route Processor (RP) is a newer version than the software image that is running on the primary RP, causing the router to default to RPR+ because of the mismatch between the two software images on the RPs.
At least one channelized interface must be defined on any CT3 controller in order for the symptom to occur.
You can reproduce the symptom in a simple configuration with two 6-port CT3 line cards in slots 6/0 and 7/0, when the only interface that is defined is a single T1 channel group, 6/0/3/1:0. Before an RPR+ switchover, the output of the snmpwalk command indicates the following controller indices:
interfaces.ifTable.ifEntry.ifIndex.3 = 3
interfaces.ifTable.ifEntry.ifIndex.4 = 4
interfaces.ifTable.ifEntry.ifIndex.5 = 5
interfaces.ifTable.ifEntry.ifIndex.6 = 6
interfaces.ifTable.ifEntry.ifIndex.7 = 7
interfaces.ifTable.ifEntry.ifIndex.8 = 8
interfaces.ifTable.ifEntry.ifIndex.9 = 9
interfaces.ifTable.ifEntry.ifIndex.10 = 10
interfaces.ifTable.ifEntry.ifIndex.11 = 11
interfaces.ifTable.ifEntry.ifIndex.12 = 12
interfaces.ifTable.ifEntry.ifIndex.13 = 13
interfaces.ifTable.ifEntry.ifIndex.14 = 14
The associated data objects are also shown:
interfaces.ifTable.ifEntry.ifDescr.3 = T3 6/0/0
interfaces.ifTable.ifEntry.ifDescr.4 = T3 6/0/1
interfaces.ifTable.ifEntry.ifDescr.5 = T3 6/0/2
interfaces.ifTable.ifEntry.ifDescr.6 = T3 6/0/3
interfaces.ifTable.ifEntry.ifDescr.7 = T3 6/0/4
interfaces.ifTable.ifEntry.ifDescr.8 = T3 6/0/5
interfaces.ifTable.ifEntry.ifDescr.9 = T3 7/0/0
interfaces.ifTable.ifEntry.ifDescr.10 = T3 7/0/1
interfaces.ifTable.ifEntry.ifDescr.11 = T3 7/0/2
interfaces.ifTable.ifEntry.ifDescr.12 = T3 7/0/3
interfaces.ifTable.ifEntry.ifDescr.13 = T3 7/0/4
interfaces.ifTable.ifEntry.ifDescr.14 = T3 7/0/5
After the RPR+ switchover, the index list for the CT3 controllers contains only the following entry:
interfaces.ifTable.ifEntry.ifIndex.4294967295 = -1
The associated data object is shown only for the controller that is assigned to this index (that is, the first controller on the line card on which an interface is assigned):
interfaces.ifTable.ifEntry.ifDescr.4294967295 = T3 6/0/0
Workaround: There is no workaround.
•CSCeb10293
Symptoms: "IPC-3-APP_IPC_FAIL" error message may be printed when Active and Standby Route Processors (RPs) are running different Cisco IOS software versions.
Conditions: This symptom occurs when at least one of the Cisco IOS releases is Cisco IOS Release 12.0(23)S2 or an earlier release.
Workaround: Ensure that both images on Active and Standby RPs are running Cisco IOS Release 12.0(23)S3 or later releases.
•CSCeb16876
Symptoms: A Cisco router may generate a "SYS-2-GETBUF" message during the "Tag Input" process and may subsequently reload unexpectedly.
Conditions: This symptom is observed when the router fragments a Multiprotocol Label Switching (MPLS) packet.
Workaround: There is no workaround.
•CSCeb19690
Symptoms: Packets may drop from an Engine 2 (E2) line card on which an outbound access control list (ACL) is configured.
Conditions: This symptom is observed on a Cisco 12000 series when the access-list access-list-number deny protocol any any global configuration command is configured on the E2 line card and you have entered 0 for the protocol argument.
The symptom does not occur on an E2 line card on which an inbound ACL and the access-list access-list-number deny protocol any any global configuration command are configured and you have entered 0 for the protocol argument.
Workaround: There is no workaround.
•CSCeb21103
Symptoms: Multiprotocol Label Switching (MPLS) labels may be imposed erroneously on multicast packets.
Conditions: This symptom is observed on a Cisco 10720 when multicast packets are transmitted via Packet-over-SONET interfaces that are configured for MPLS.
Workaround: There is no workaround.
•CSCeb29070
Symptoms: When you enter the copy running-config startup-config EXEC command or any other command that affects the configuration, the copy process may not be successful or the configuration may not be saved, and a "File table overflow" error message may be generated. After this situation has occurred, any other file-operation attempts will fail too with a "File table overflow" error message.
Conditions: This symptom is observed on a Cisco router that is configured with dual Route Processors (RPs) and that runs Cisco IOS Release 12.0(23)S2 when you enter any command that affects the configuration while the show running-config EXEC command is being executed, which takes a relatively long time when the running configuration is large.
To clear the symptom, reload the router.
Workaround: Do not enter any command that affects the configuration while the show running-config EXEC command is being executed.
•CSCeb35694
Symptoms: When a small packet (a layer-2 packet that is equal to or smaller than 52 bytes, including the layer-2 packet size, the layer-2 header, and the cyclic redundancy check [CRC]) enters a Cisco 10720 and is fed back, one buffer element of the 128-byte Parallel Express Forwarding (PXF) buffer pool is used but not released. This situation eventually causes the 128-byte buffer pool to be depleted entirely. Because most of the control packets such as the IP routing protocol packets are small packets and use the 128-byte buffer pool, most control plane functions stop working and routing-protocol adjacencies go down when the 128-byte buffer pool is depleted, and finally, the router stops forwarding traffic on all the interfaces.
Conditions: These symptoms are observed when a PXF feedback occurs, for example, when multicast traffic is configured, or when a policy map is configured to feed back packets.
Workaround: Avoid PXF feedback. For example, properly configure the policy map. If PXF feedback is inevitable, proactively monitor the 128-byte buffer pool via the output of the show hardware pxf cpu buffers privileged EXEC command:
Router#
show hardware pxf cpu buffers
FP buffers
pool size # buffer available allocate failures low buffer drops
----------------------------------------------------------------------------
0 9344 1293 1293 0 0 1 1664 12930 12930 0 0 2 640 26746 26746 0 0 3 256 34072 34072 0 0 4 128 59934 49987 0 0 ^^^^^ Before the 128-byte buffer pool is depleted entirely, reset the 128-byte buffer pool. Reload the microcode onto the PXF by entering the
microcode reload pxf privileged EXEC command. However, be careful, because by reloading microcode onto the PXF, you may cause routing- protocol adjacencies to be dropped and the PXF to stop forwarding traffic.•CSCeb43130
Symptoms: Packets may be dropped by a Cisco 12000 IP Services Engine (ISE) line card if they are locally generated or forwarded in the slow pass by the line card, and if they exit the router through an ATM Engine 0 line card (1-port OC-12 ATM or 4-port OC-3 ATM). For example, these packets may be locally generated by ISE line card NetFlow export packets, Internet Control Message Protocol (ICMP) echo replies, or ICMP unreachable messages that exit the router through an Engine 0 ATM line card.
Packets that match the conditions listed below may be dropped. If they are NetFlow export packets, they can be seen in the output of the show ip flow export command in the line "export packets were dropped due to output drops." If they are ICMP echo reply packets, pings will fail.
Conditions: The following three conditions exist simultaneously for the dropped packets:
–The ingress line card is any ISE line card or the packets are locally generated by this line card.
–The egress line card is any ATM Engine 0 line card (1-port OC-12 ATM or 4-port OC-3 ATM).
–The packets are forwarded by the ingress line card CPU in the slow pass, not by the forwarding ASIC in the fast pass.
This caveat affects Cisco IOS Release12.0(21)S, Release 12.0(22)S, Release 12.0(23)S, and Release 12.0(24)S. It does not apply to Release 12.0(25)S and later releases.
Workaround: There is no workaround.
•CSCeb43936
Symptoms: Line Remote Defect Indicators (LRDIs) may be transmitted on both the working line and the protect line after an automatic protection switching (APS) switchover has occurred.
Conditions: This symptom is observed when a 4-port OC-3 ATM line card is configured for APS and a Loss of Signal (LOS) occurs.
Workaround: There is no workaround.
•CSCeb45912
Symptoms: Ports on an 8-port OC-3 ATM line card may fail to come up and may generate the following continuous SONET alarms:
%SONET-4-ALARM: ATM10/6: ~SLOF ~SLOS ~LAIS ~LRDI ~PAIS ~PRDI PLOP
Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS Release 12.0(23)S1.
Workaround: Reload the line card.
•CSCeb50742
Symptoms: Layer 2 may forward an incorrect MAC address when a policed packet is rerouted to a next-hop address.
Conditions: This symptom is observed on a Cisco 12000 series that is configured with an Engine 4 plus line card when policy-based routing (PBR) is configured.
Workaround: There is no workaround.
•CSCeb51428
Symptoms: A Cisco router may reload unexpectedly after you have modified an access control list (ACL) and have entered the clear pxf interface privileged EXEC command.
Conditions: This symptom is observed on a Cisco 10000 series.
Workaround: Do not enter the clear pxf interface privileged EXEC command.
•CSCeb54951
Symptoms: A Performance Route Processor (PRP) on a Cisco 12000 series can reload with a SIGTRAP exception after receiving a 1612 bytes or longer frame on an Ethernet0 or Ethernet1 interface.
Conditions: This symptom is observed only on the PRP. The Gigabit Route Processor (GRP) is not affected.
Workaround: Isolate the PRP Ethernet ports to an isolated Ethernet segment.
•CSCeb59097
Symptom: The interface index (ifIndex) values of the interfaces of a 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may fail to be deregistered after an online insertion and removal (OIR) has been performed, and the following error messages may be generated:
%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 2
%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 3
%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 4
%COPTMONMIB-3-ENTRYPRESENT: An entry is already present for the registering in terface with ifIndex 5
Conditions: This symptom is observed on a Cisco 12410 that runs Cisco IOS Release 12.0(23)S3 and that is configured with the following line cards, neighbors, and peers:
–One 1-port OC-48 POS Engine 2 line card.
–One 4-port OC-48 POS E4+ line card that is configured for Multiprotocol Label Switching (MPLS) and that is using Label Distribution Protocol (LDP) on all but one of its ports.
–Four Open Shortest Path First (OSPF) neighbors that advertise a total of 9000 label switched paths (LSPs).
–Six Border Gateway Protocol (BGP) peers that advertise a total of 140,000 routes.
Workaround: There is no workaround.
•CSCeb59165
Symptoms: A standby card may not be able to switch to the active state.
Conditions: This symptom is observed in a Redundancy Framework (RF) environment when ATM, High-Level Data Link Control (HDLC), or Frame Relay clients synchronize data during the "standby-bulk" state.
Workaround: There is no workaround.
•CSCeb61694
Symptoms: A primary Performance Routing Engine 1 (PRE-1) may reload because of memory corruption.
Conditions: This symptom is observed on a Cisco 10000 series that is configured with redundant PREs when you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on an interface of a 1-port Gigabit Ethernet line card.
Workaround: There is no workaround. Note that the symptom does not occur with a 1-port Gigabit Ethernet half-height line card.
•CSCeb66997
Symptoms: A Cisco 10720 may reload.
Conditions: This symptom is observed under rare circumstances when a SONET bit error rate (BER) is reported.
Workaround: There is no workaround.
•CSCeb67098
Symptoms: When a Weighted Random Early Detection (WRED) configuration is present and a policy map with WRED configuration is applied to any interface of a Cisco 10720 router, the Parallel Express Forwarding (PXF) Intelligent Protection Switching (IPS) buffer may leak. The "toaster IPC buffer" counter can be observed with the show buffer command.
When the buffer pool is empty, the following error message can be observed, attempts to Telnet into the router may fail, and the Cisco IOS software may reload:
%CAMR_QUEUE_CFG_GENERAL-3-EREVENT: Error @
../toaster/camr_rp/camr_tt_queue_cfg.c:463
-Traceback= 500DB204 500DB2BC 503954D8 503986EC 50330A58
%SYS-2-MALLOCFAIL: Memory allocation of 18196 bytes failed from
0x502C5BD0, alignment 32
Pool: I/O Free: 552 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Pool Manager", ipl= 0, pid= 5
-Traceback= 50308EEC 5030A8E8 502C5BD8 5031DD3C 5031DE7CConditions: These symptoms occur only when a WRED configuration is present and a policy map with WRED configuration is applied to any interface of a Cisco 10720 router. The higher the rate at which the Route Processor (RP) sends packets to PXF, the faster the PXF IPC buffer leaks. The leaking is usually very slow, and it takes weeks to drain the buffer pool.
Workaround: Remove all policy maps that include the random-detect interface configuration command from all interfaces.
•CSCeb68608
Symptoms: An Engine 2 line card that is configured with Virtual Private Network (VPN) routing/forwarding (VRF) instances and Sampled NetFlow (SNF) may reload.
Conditions: This symptom is observed on a Cisco 12000 series when you enter the no mpls ip global configuration command to remove Multiprotocol Label Switching (MPLS) from the configuration.
Workaround: Remove SNF from the configuration before you enter the no mpls ip global configuration command.
•CSCeb68913
Symptoms: An Engine 4 line card may reload unexpectedly.
Conditions: This symptom is observed on a Cisco 12000 series when you enter the clear cef linecard EXEC command to clear Cisco Express Forwarding (CEF) from the line card.
Workaround: There is no workaround.
•CSCeb70227
Symptoms: In a tag switching-to-IP switching scenario, the value of the precedence field of an IP header may change. This behavior is incorrect in Pipe mode.
Conditions: This symptom is observed on a Cisco 12000 series when the following conditions are present:
–The router is part of an MPLS label-switched path (LSP).
–The traffic through the LSP has its label removed from the packet (also referred to as "popping").
–The traffic is received on an Enhanced Services (ES, also referred to as Engine 4 plus) line card.
Workaround: Deconfigure and reconfigure the tag switching-to-IP switching configuration and the MPLS traffic engineering (TE) tunnels on the interface of the ES line card.
•CSCeb70527
Symptoms: Some policy-based routing (PBR) rules may cause a Route Processor (RP) to reload unexpectedly with a bus error. When a route map that causes the RP to reload is saved to the startup configuration, the router may not boot up.
Conditions: This symptom is observed on a Cisco 12000 series when the PBR rules are applied to the interfaces of an IP Services Engine (ISE) line card and occurs usually when the route map is modified after it has already been applied to the interfaces.
Workaround: Remove PBR from the interfaces of the ISE line card.
If you are unable to boot the router, enter a break signal on the console during the bootup procedure and configure the configuration register to ignore the startup configuration. To do so, follow the steps that are described in the Password Recovery Procedure for the Cisco 12000 Series Routers at the following location:
http://www.cisco.com/warp/public/474/pswdrec_12000.shtml
•CSCeb70543
Symptoms: The command-line interface (CLI) may pause indefinitely after you perform a manual online insertion and removal (OIR) of the standby Performance Route Processor (PRP).
Conditions: This symptom is observed on a Cisco 12410 that runs the c12kprp-p-mz image of Cisco IOS Release 12.0(23)S3.
Workaround: Reload the active PRP.
•CSCeb73758
Symptoms: When you configure a Cisco 10000 series, messages similar to the following ones may appear, and a VLAN may not be enabled:
%GENERAL-3-EREVENT: c10k_dot1q_vlan_enable: No tt_info
-Traceback= 60142770 60142A50 603AEC40 603AE06C 603ADCE0 6036EAD8 60193BA8 60380DD4 60B85BEC 60B861D4 603D6FAC 603D6F98
%GENERAL-3-EREVENT: get_injection_vcci: no info for VLAN ID 972
-Traceback= 600DF180 6009AF2C 6009B178 603A831C 604BB804 605013F0 605018A8 605014E0 602B8D84 602B94A4 604F2DC0 604F33F4 60504DB4 60504BA4 60504984 6052351C
%GENERAL-3-EREVENT: get_injection_vcci: no info for VLAN ID 972
-Traceback= 600DF180 6009AF2C 6009B178 603A831C 604BB804 605013F0 605018A8 60504E0 602B8D84 602B94A4 604F2DC0 604F33F4 60504DB4 60504BA4 60504984 6052351C
Conditions: This symptom is observed on a Cisco 10000 series when you change the encapsulation of a LAN subinterface to dot1q encapsulation while the subinterface is shut down.
When the symptom occurs, the output of the show hardware pxf cpu subblocks privileged EXEC command lists "noSB" for the affected subinterface, as is indicated in the following example:
Router# show hard pxf cpu sub | i GigabitEthernet4
GigabitEthernet4/0/0 up 12000 4 PXF 1 81C4A800 4
GigabitEthernet4/0/0.500 administ 12000 4 PXF 1 81C4A800 noSB
Workaround: Change the encapsulation of the subinterface to dot1q when the subinterface is not shut down. The state of the main interface is irrelevant. After you change the encapsulation, you can shut down the subinterface again.
When the subinterface is created while the main interface is shut down, the subinterface and the VLAN do not function properly. Perform the following steps to recover the VLAN:
1. Ensure that the subinterface is not shut down.
2. (Optional) Enter the no encapsulation dot1q native subinterface configuration command.
3. Remove the subinterface.
4. Recreate the subinterface.
5. Change the encapsulation back to dot1q.
•CSCeb78329
Symptoms: After a Route Processor Redundancy Plus (RPR+) switchover occurs, the deletion of an existing permanent virtual circuit (PVC)/permanent virtual path (PVP) fails. This situation prevents you from recreating the same PVC/PVP. You can create a new PVC/PVP, but once you delete it, you cannot recreate it because the PVC remains in the active state.
Conditions: This symptom is observed on a Cisco 10000 series that runs Cisco IOS Release 12.0 S or Release 12.0 SX.
Workaround: There is no workaround. To enable the router to return to normal operation, reload the router.
•CSCeb78610
Symptoms: The interface protocol may not come up for a 1-port OC-12 Packet-over-SONET (POS) line card when the encapsulation frame-relay interface configuration command is configured.
Conditions: This symptom is observed on a Cisco 10000 series when the 1-port OC-12 POS line card is connected back-to-back to another line card in another Cisco 10000 series.
Workaround: There is no workaround.
•CSCeb82737
Symptoms: When you shut down the last port of an 8-port Fast Ethernet half-height line card (port 7), all the other ports on the line card may stop transmitting traffic.
Conditions: This symptom is observed on a Cisco 10000 series.
Workaround: Do not shut down port 7. If port 7 is shut down, enter the no shutdown interface configuration command on the interface to enable traffic to resume on the other interfaces.
•CSCeb83784
Symptoms: The following error message may appear for a 3-port Gigabit Ethernet Engine 2 line card, and the line card may reset:
%LCGE-3-SOP_BAD_PACKET: Found corrupt pkts in tx-sop-sram.
Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS Release 12.0(23)S3.
Workaround: There is no workaround.
•CSCeb86866
Symptoms: Traffic forwarding may not be fully restored when you remove a deny input access control list (ACL) from an interface of a 16-port OC-3 Packet-over-SONET (POS) IP Services Engine (ISE) line card.
Condition: This symptom is observed on a Cisco 12410 that is configured with a 16-port OC-3 POS ISE line card when unicast Reverse Path Forwarding (uRPF) is configured on the interface from which you remove the deny input ACL.
Workaround: There is no workaround. To restore traffic forwarding to its proper performance, reload the line card.
•CSCec10557
Symptoms: When you configure unicast Reverse Path Forwarding (uRPF) on a 1-port OC-48 Packet-over-SONET (POS) Engine 2 line card while traffic is passing through the interface, traffic forwarding may stop.
Conditions: This symptom is observed on a Cisco 12416 that runs the gsr-p-mz image of Cisco IOS Release 12.0(23)S3, that is configured with three 1-port OC-48 POS Engine 2 line cards, and that is configured with three Border Gateway Protocol (BGP) peers.
Workaround: To restore traffic forwarding, reload the line card. To prevent the symptom from occurring, enter the shutdown interface configuration command on the interface before you configure uRPF. Then, enter the no shutdown interface configuration command on the interface.
Alternate Workaround: Ensure that uRPF is configured in the startup configuration file before you boot up the router.
•CSCin30562
Symptoms: After a switchover occurs, an active Route Processor (RP) that is operating in the Route Processor Redundancy plus (RPR+) mode may not be able to switch Layer 2 Tunneling Protocol (L2TP) version 3 packets using distributed Cisco Express Forwarding (dCEF) (in the dCEF mode and may punt them to the RP CEF mode).
Conditions: This symptom is observed on the RP of a Cisco 7500 series that is running Cisco IOS Release 12.0(24)S.
Workaround: Disable and reenable dCEF.
•CSCin39123
Symptoms: A Cisco router that is configured for Any Transport over Multiprotocol Label Switching (AToM) may send AToM packets that are missing control words, even though control-word imposition is enabled. When another Cisco router receives such malformed packets, the router does not handle these packets properly during disposition.
Conditions: This symptom may occur on all Cisco routers that employ software switching with AToM enabled. This symptom has specifically been observed on a Cisco 7200 series, Cisco 7400 series, and Cisco 7500 series that are configured for AToM.
On a Cisco 7200 series router that is processing a heavy traffic load, the reception of malformed packets may cause the router to pause indefinitely.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(23)S3
Cisco IOS Release 12.0(23)S3 is a rebuild release for Cisco IOS Release 12.0(23)S. The caveats in this section are resolved in Cisco IOS Release 12.0(23)S3 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat.
Basic System Services
•CSCdy74705
Symptoms: A memory corruption may occur on a Network Processing Engine 200 (NPE-200).
Conditions: This symptom is observed on the NPE-200 of a Cisco 7200 series router. This symptom is observed when a high amount of traffic is present on the router and when there are packet sizes that are greater than 1524 bytes in size. The occurrence of this symptom may be related to port adapter arrangements.
Workaround: Rearrange the port adapters or upgrade to Cisco IOS Release 12.0(24)S or a later release.
•CSCea22886
Symptoms: When an entry in the ciscoPingTable MIB variable is set to be valid, high memory utilization may occur gradually because memory is not released by the "dead*" process of a Simple Network Management Protocol (SNMP) ping.
Conditions: This symptom is observed on a Cisco 12000 series after the router has been upgraded from an earlier Cisco IOS release to Cisco IOS Release 12.2(23)S.
Workaround: Exclude the ciscoPingTable MIB variable from the configuration by entering the snmp-server view view name ciscoPingTable excluded global configuration command.
•CSCea36491
Symptoms: When a Telnet session is made to a router after a VTY session pauses indefinitely, the user in the Telnet session may not be able to enter the configuration mode. When these symptoms occur, interfaces may enter the wedged state with Simple Network Management Protocol (SNMP) traffic.
Conditions: This behavior is observed on ATM and Packet over SONET (POS) interfaces. This behavior is not platform-specific.
Workaround: Disable Simple Network Management Protocol (SNMP) configuration traps by entering the no snmp-server enable traps config global configuration command.
•CSCeb08027
Symptoms: The snmp mib target list global configuration command is not displayed when the show running-config EXEC command is entered on the secondary Performance Routing Engine (PRE). However, the snmp mib target list global configuration command is displayed when the show startup-config EXEC command is entered on the PRE.
Conditions: This symptom is observed on the PRE of a Cisco 10000 series.
Workaround: There is no workaround.
IP Routing Protocols
•CSCdu53656
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
•CSCdw82270
Symptoms: When the default-information originate router configuration command is entered on a Cisco 12000 series via the Border Gateway Protocol (BGP), the default route is learned correctly but is entered incorrectly into the BGP routing table. This behavior may cause the Cisco 12000 series to have operating issues with other routers because the Cisco 12000 series does not have a correct default route.
Conditions: This symptom is observed on a Cisco 12000 series.
Workaround: Perform either of the following steps:
–Enter a static default route.
–Configure an access control list (ACL) to prevent packets from being propagated from the incorrect default route.
•CSCdz09296
Symptoms: Transit traffic that uses Open Shortest Path First (OSPF) routes may be briefly interrupted after consecutive switch-over. This affects only OSPF configurations with message-digest authentication.
Conditions: This symptom is observed on Cisco routers that are running Cisco IOS Release 12.0(22)S when the following conditions are present:
The message-digest authentication is configured for OSPF.
More than one Route Processor (RP) switchover occurs within minutes of each other.
Workaround: There is no workaround. Traffic resumes without user intervention. To prevent future traffic interruptions on subsequent switchovers, disable the message-digest authentication for OSPF.
•CSCdz10505
Symptoms: When a neighbor under virtual route forwarding (VRF) is configured using the bgp graceful-restart router configuration command, the session does not begin. A notification regarding wrong OPEN message is generated.
Conditions: This symptom is observed only when the router is configured using the bgp graceful-restart router configuration command.
Workaround: There is no workaround.
•CSCdz24314
Symptoms: A Border Gateway Protocol (BGP) session reset occurs because of a notification that indicates a defective OPEN message.
Conditions: This symptom is observed when using the both option in the following command in router configuration mode:
neighbor ip-address [capability] orf prefix-filter [receive | send | both]
Workaround: Configure only the receive or send options of the neighbor-orf prefix-filter router configuration command.
•CSCea13075
Symptoms: The Multi Exit Discriminator (MED) that is received from a confederation external peer may be ignored in best path selection. The output of the show ip bgp longer-prefixes EXEC command does not indicate that any MED values were received.
Conditions: This symptom is observed when Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) configurations are present.
Workaround: There is no workaround.
•CSCea28131
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
•CSCea32226
Symptoms: A router may reload when the show ip bgp neighbors EXEC command is entered.
Conditions: This symptom is observed if the show ip bgp neighbors EXEC command is entered while the neighbor soft-reconfiguration router configuration command is enabled, or when Border Gateway Protocol (BGP) paths are dampened.
Workaround: Disable the neighbor soft-reconfiguration router configuration command or avoid dampening the BGP paths.
•CSCea42500
Symptoms: If the default-information originate router configuration command is entered on the Virtual Private Network (VPN) routing/forwarding (VRF) instance of a Cisco 12000 series that has the address-family ipv4 vrf vrf-name router configuration command configured using the Border Gateway Protocol (BGP), the default route is learned correctly but the default route is entered incorrectly in the BGP routing table. This behavior may result in unexpected behavior on the other router if the other router does not have a correct default route.
The default static route of the VRF is not advertised by BGP after the default static route is configured under the VRF, and BGP may advertise the incorrect default route that is in the BGP routing table.
Conditions: This symptom is observed on a Cisco 12000 series that is running BGP.
Workaround: Perform either of the following steps:
–Enter a static default route under the VRF configuration.
–Configure an access control list (ACL).
•CSCea64725
Symptoms: If a peer group is slow to establish and comes up while other members of the peer group are converging, the recently established member may not advertise the routes that were sent to the other members.
Conditions: This symptom occurs only if the new peer group member comes up while the other members of a peer group are converging. This symptom does not occur if the new peer group member comes up after the other members of the peer group have finished converging.
Workaround: The routes can be readvertised by entering the clear ip bgp peer-group-name soft out privileged EXEC command for any peer that has missing routes.
•CSCeb00172
Symptoms: When the neighbor {ip-address | peer-group-name} default-originate router configuration command is used with a peer group, peers that belong to that peer group come up at a different time from when the Border Gateway Protocol (BGP) is formatting updates. Because of this behavior, the router may not advertise all routes to members of the peer group.
Conditions: This symptom is observed with IP version 4 (IPv4) unicast and Virtual Private Network (VPN) routing/forwarding (VRF) address family (AF) packets.
Workaround: There is no workaround.
•CSCeb00180
Symptoms: Border Gateway Protocol (BGP) update generation may pause indefinitely when BGP is converging.
Conditions: This symptom may occur under any of the following six conditions when BGP is converging:
1. When non-peer-group peer sessions flap or when the clear ip bgp address privileged EXEC command is entered several times for a non-peer-group peer.
2. When the clear ip bgp * soft out privileged EXEC command is entered repeatedly in rapid succession.
3. When peers are moved in or out of peer groups.
4. When routers that are configured with unicast assured forwarding (AF) and AF only are reloaded.
5. When all members of a peer group are cleared by performing either a hard reset or a soft reset. In this situation, only the peer group is affected.
6. When some routes are advertised to or withdrawn from the router while the router is converging, some peers in a peer group may not receive all the updates.
Workaround: There is no workaround for conditions 1 through 5.
To recover from condition 6, enter the clear ip bgp neighbor-address soft out privileged EXEC command. For the neighbor-address argument, use the IP address of the peer that did not receive all of the updates.
ISO CLNS
•CSCea00846
Symptoms: After a switchover, the Intermediate System-to-Intermediate System (IS-IS) takes about 10 minutes to fully recover and to install routes in the IP routing table.
Conditions: This symptom is observed on a Cisco 12000 series configured with IS-IS. The amount of time required for the Gigabit Ethernet (GE) interface to load after a switchover is very close to the amount of time of the IS-IS adjacency timeout. The device under test (DUT) is the designated router.
Workaround: There is no workaround.
Miscellaneous
•CSCdx59003
Symptoms: A Cisco 12000 series router may report incorrect environmental values, as the following environmental logs display:
%ENV_MON-2-VOLTAGE: MBUS 5V supply (slot 1) volts has reached SHUTDOWN level at 5 m(V) %ENV_MON-2-TEMP: Hotpoint temp sensor (slot 17) temperature has reached SHUTDOWN level at 756(C)
%ENV_MON-2-VOLTAGE: Card 3.3v supply (slot 17) volts has reached CRITICAL level at 2560 m(V)Although the environmental logs indicate that the shutdown level has been reached, the router does not shut down the line cards for which the incorrect environmental values are reported.
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S3, Release 12.0(21)S5, Release 12.0(21)ST2, or Release 12.0(22)S.
Workaround: There is no workaround.
•CSCdx61684
Symptoms: The traffic on a Cisco 12000 series 3-port Gigabit Ethernet line card (3GE-GBIC-SC) is stopped after the shutdown interface configuration command followed by the no shutdown interface configuration command is entered on the interface while there is a traffic load on the interface.
Conditions: This symptom is observed on a 3GE-GBIC-SC line card.
Workaround: Configure autorenegotiation, or reload the 3GE-GBIC-SC line card.
•CSCdy51183
Symptoms: A router that is running cell-mode tag switching or Multiprotocol Label Switching (MPLS) on a label controlled ATM (LC-ATM) interface may reload when it receives a more specific prefix for a label mapping or binding than the one that is already allocated. For example, the router may reload when it receives the prefix 10.1.1.0/24 if a binding was already allocated for 10.1.1.1/32 on the basis of the routing entry 10.1.0.0/16.
Conditions: This symptom is observed on an Edge Label Switch Router (ELSR) or Label Switch Controller (LSC).
Workaround: There is no workaround for an ELSR. To prevent an LSC from reloading, disable the headend label virtual circuits (LVCs) by entering the tag-switching atm disable-headend-vcs global configuration command.
•CSCdy56799
Symptoms: Spurious access errors may occur on a Cisco 7500 series router configured with distributed Cisco Express Forwarding (dCEF) and Web Cache Communication Protocol (WCCP).
Conditions: This symptom is observed on Cisco 7500 series router configured with dCEF and WCCP.
Workaround: Disable dCEF on the interfaces that are facing the web cache engines where the spurious access errors occur so that incoming WCCP generic routing encapsulation (GRE) packets are punted to the Route Processor (RP) and CEF switched.
For more information about spurious access errors, see the Cisco document at the following location:
http://www.cisco.com/warp/public/63/spuraccess.html
•CSCdy67706
Symptoms: A switchover from the working interface to the protect interface may take a long time.
Conditions: This symptom is observed on a Cisco 10000 series router when the SONET Single Router APS (SR-APS) feature is enabled.
Workaround: A temporary solution is to configure the protect interface as the working interface.
•CSCdy89749
Symptoms: A Gigabit Ethernet Interface Processor plus (GEIP+) may report many alignment errors and the CPU utilization may stay at 100 percent.
Conditions: This symptom is observed on a Cisco 7500 series router.
Workaround: There is no workaround.
•CSCdz04297
Symptoms: A router may pause indefinitely instead of restarting.
Conditions: This symptom is observed when the router is handling invalid addresses in the cached address space.
Workaround: There is no workaround.
•CSCdz22591
Symptoms: Resource Reservation Protocol (RSVP) hello may incorrectly declare lost communications with a neighbor, and fast reroute may be triggered.
Conditions: This symptom is observed when RSVP is configured on a Packet over SONET (POS) interface with a hello interval of 60 milliseconds or less on a Cisco router that is running Cisco IOS Release 12.0(24)S. This symptom does not exist when hello is configured on an Ethernet interface.
Workaround: Configure hello intervals longer than 60 milliseconds.
•CSCdz37875
Symptoms: Traceback messages may be detected when a user checks the log file of a standby Performance Routing Engine (PRE).
Conditions: This symptom is observed on a router that has a 6-port OC-3 Packet over SONET (POS) line card.
Workaround: There is no workaround.
•CSCdz46443
Symptoms: An ingress line card may reload after the no shutdown interface configuration command is entered on the line card while traffic is present.
Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) tunnel head that has a 1-port edge service (ES) Packet-over-SONET (POS) OC- 192c/STM-64 line card configured on both the ingress and egress line cards. This symptom is observed when the ip cef accounting per-prefix non-recursive global configuration command is configured.
Workaround: There is no workaround.
•CSCdz59683
Symptoms: After the ALPHA application-specific integrated circuit (ASIC) is reset because of error recovery (that may be caused by parity errors in ALPHA memory), the port or fetch descriptors that select correct threads in ALPHA microcode are not programmed correctly. This behavior may prevent certain configured features, such as IP version 6 (IPv6) or IP Virtual Private Network (VPN) routing/forwarding (VRF), from working correctly.
Conditions: This symptom is observed on the line card of a Cisco 12000 series.
Workaround: Reset the line card.
•CSCdz63442
Symptoms: Link utilization may be lower than expected.
Conditions: This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(23)S1 when class-based weighted fair queueing (CBWFQ) is configured on multiple VLANs.
Workaround: Try one or more of the following options to improve the link utilization:
1. Reduce the number of VLANs that are configured.
2. Send burstier traffic. (Doing so will most likely be more effective on higher bandwidth interfaces).
3. Do not configure maximum utilization parameters on any queues.
•CSCdz66463
Symptoms: An ATM interface does not come up after a Cisco 10000 series router has reloaded.
Conditions: This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(23)S1.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
•CSCdz67600
Symptoms: An Engine 4 Plus (E4+) Packet-over-SONET (POS) line card may reload when the access control list (ACL) of a port is changed.
Conditions: This symptom is observed when the ACL of a port is changed when there already is an ACL configured on the port of an E4+ POS line card.
Workaround: There is no workaround.
•CSCdz69846
Symptoms: An Engine 4 plus (E4+) line card may reload and display the following error messages in the log or crash info:
%TX192-3-CPUIF: Error=0x100
%TX192-3-CPUIF_ERR: Underrun Error: Read Pointer crosses Write Pointer.
Conditions: This symptom is observed on the E4+ line card of a Cisco 12400 series that is performing multicast packet fragmentation.
Workaround: There is no workaround.
•CSCdz71127
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
•CSCdz72673
Symptoms: A Cisco router that is functioning as a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) router may reload with an "address error" message.
Conditions: This symptom is observed at bootup time when the PE and customer edge (CE) interfaces are coming up. The symptom occurs when a locally learned VPN routing/forwarding (VRF) route temporarily loses its local label. This condition leads to some data structures being cleaned up but still retaining references to the local label. It may also occur after bootup in the case of interface flaps. The reload is not a common occurrence, however, and may need additional triggers.
A list of the affected releases can be found at http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdv49909. Cisco IOS releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•CSCea00096
Symptoms: Packet throttling is activated because of congestion even when it is not configured. This behavior is indicated by the following error message:
%LC_CX3-4-THROTTLE: Packet throttling activated due to congestion
Conditions: This symptom is observed on a Cisco 12416 router that is configured with 200 Border Gateway Protocol (BGP) peers and that has three 6- port channelized T3 (6xCT3) line cards. Each of the line cards is configured with an even distribution of about 1500 Frame Relay subinterfaces.
Workaround: There is no workaround.
•CSCea00954
Symptoms: IP multicast hardware counter memory is not freed on an Engine 4 (E4) or Engine 4 Plus (E4+) line card after multicast routes are cleared from the routing table.
Conditions: This symptom occurs only when the E4 or E4+ line card runs out of mtrie node memory. The line card will run out of mtrie memory when there are more routes on the router than the line card can handle.
Workaround: There is no workaround.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
•CSCea03424
Symptoms: An OC-48 Packet-over-SONET (POS) interface may flap immediately after a high availability (HA) Fast Software Upgrade (FSU).
Conditions: This symptom is observed on a Cisco 10000 series when an HA FSU is performed from an image of Cisco IOS Release 12.0(23)S1 to an image of Release 12.0(23)S2.
Workaround: There is no workaround.
•CSCea04762
Symptoms: Some export packets sent from an Engine 4+ (E4+) line card are not received by the NetFlow collector.
Conditions: This condition is observed on the E4+ line card when the export packets are exported out of a traffic engineering (TE) or tag interface and the router is running Cisco IOS Release 12.0(22)S2.
Workaround: Export the packets out of the non-TE or non-tag interface. This means that export packets must be sent out as IP packets from the E4+ line card.
•CSCea10156
Symptoms: An Engine 4 plus (E4+) line card may reload unexpectedly.
Conditions: This symptom is observed when more than one adjacency is established across the interfaces of the E4+ line card while the ip cef accounting per-prefix non-recursive global configuration command is enabled. This symptom may occur when there is no traffic present on the line card.
Workaround: Disable the ip cef accounting per-prefix non-recursive global configuration command.
•CSCea10890
Symptoms: The output of the show ip interface EXEC command does not display the number of Reverse Path Forwarding (RPF) packet drops but indicates a value of "0" for the number of RPF packet drops. However, the global RPF count in the output of the show ip traffic | inc drop EXEC command is correct.
Conditions: This symptom is observed on a Cisco 10000 series that has Parallel Express Forwarding (PXF) switching enabled.
Workaround: There is no workaround. This is caveat has been closed.
•CSCea12157
Symptoms: The following error message may be observed on a line card:
%SLOT n: .... : %LC-3-ERRRECOVER: Corrected a transient error on line card.
This error may be observed even though an actual hardware error has not occurred on the line card. If a hardware error does occur, it will generate additional error messages to identify the source of the hardware error in addition to the error message listed above.
Conditions: This symptom may be observed on a Cisco Engine 0 line card when a feature that requires a micro code change is configured.
Workaround: There is no workaround. Ignore the error message.
•CSCea14108
Symptoms: Pings from a customer edge (CE) router may fail in an Any Transport over Multiprotocol Label Switching (AToM) network.
Conditions: This symptom is observed when Ethernet over Multiprotocol Label Switching (EoMPLS) AToM is configured.
Workaround: There is no workaround.
•CSCea14348
Symptoms: The integrity of the payload may not be retained on a Cisco 10700 series that is running Cisco IOS Release 12.0(24)S.
Conditions: This symptom is observed on Cisco 10700 series that is operating in the Ethernet over Multiprotocol Label Switching (EoMPLS) port mode with a Packet over SONET (POS) interface that is connected to a Multiprotocol Label Switching (MPLS) backbone.
Workaround: There is no workaround.
•CSCea25707
Symptoms: A Cisco router may reload because of a software condition when running the LDP-MIB MIB. The router reloads because of a process watchdog timeout in the "SNMP ENGINE" process and logs an entry similar to the following one and logs a traceback:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = SNMP ENGINE. %Software-forced reload
Unexpected exception, CPU signal 23, PC = 0x606F1FC4 ... Cause 00000024 (Code 0x9): Breakpoint exception
Conditions: This symptom is observed after the router ID has been changed and when Label Distribution Protocol (LDP) sessions have been added or removed.
Workaround: Do not change the router ID. If the router ID has been changed, do not run the LDP-MIB MIB.
•CSCea27683
Symptoms: An Engine 4 (E4) line card may reload after it displays the following error messages:
%TX192-3-PAM_MODULE: status = 0x2, mask= 0x3F - MODULE: Error signal from PIM module. -Traceback=
%TX192-3-PAM_PIM: status = 0x3D6, mask= 0x1A1 - PIM: header start offset >= 16kB. -Traceback=Conditions: These symptoms are observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S under the following conditions:
–IP traffic is sent from the IP Services Engine (ISE) Engine 3 (E3) line card to Engine 4 (E4) or Engine 4 plus (E4+) line cards.
–The tag-switching ip interface configuration command is enabled on the E4 and E4+ line cards.
–The IP packets are 78 bytes in size.
–An Intermediate System-to-Intermediate System (IS-IS) link flap causes a change in the behavior of forwarded IP traffic that arrives at the ISE line card from one incoming link to two outgoing links or from two incoming links to one outgoing link in which one of the active outgoing links is an E4 or E4+ line card.
Workaround: There is no workaround.
•CSCea28471
Symptoms: A Versatile Interface Processor (VIP) may reload.
Conditions: This symptom is observed on a VIP if Multiprotocol Label Switching (MPLS), Egress Netflow, and distributed Cisco Express Forwarding (dCEF) are configured.
Workaround: Disable DCEF or the Egress Netflow.
•CSCea28914
Symptoms: A Fabric Interface ASIC (FIA) controller halt condition may be observed on the Engine 4 (E4) or Engine 4 plus (E4+) line card of a Cisco 12410.
Conditions: This symptom is observed when the hw-module slot 17 shut EXEC command is entered while a primary Clock Scheduler Card (CSC) is installed in slot 17 of the E4 or E4+ line card of a Cisco 12410. This symptom is observed when the Cisco 12410 is running Cisco IOS Release 12.0(21)S6.
Workaround: Avoid entering the hw-module slot 17 shut EXEC command.
•CSCea32240
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
•CSCea32479
Symptoms: It may take a long time for a Cisco 12000 series to remove 250,000 Virtual Private Network version 4 (VPNv4) entries from an Engine 3 (E3) line card. While the router removes the VPNv4 entries, new VPNv4 entries cannot be updated on the line card.
Conditions: This symptom is observed when the router handles a large number of VPNv4 entries on its line cards (more than 80,000) and when a Border Gateway Protocol (BGP) session flaps (the session remains down for a few minutes). This behavior causes the router to remove all VPNv4 entries and repopulate the VPNv4 entries a few minutes later.
Workaround: There is no workaround.
•CSCea33501
Symptoms: Parallel Express Forwarding (PXF) reloads with the "0x680" software exception type in column 5 (T1RxC1).
Conditions: This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(21)ST5 but may also occur in Release 12.0 S.
Workaround: There is no workaround.
•CSCea35292
Symptoms: When Multiprotocol Label Switching (MPLS) traffic or MPLS Virtual Private Network (VPN) traffic is being forwarded by a Cisco 10720 router, about 50 percent of multicast traffic will be punted to a Route Processor (RP) and forwarded by the RP. The expected behavior is that multicast traffic should be forwarded by Parallel Express Forwarding (PXF) as long as a multicast route (mroute) entry exists. If many packets are punted to the RP, and the RP queue is congested, some of the multicast traffic that is being punted to the RP will be dropped. For example, multicast traffic may be dropped from a multicast application such as video or TV broadcast.
Conditions: This symptom is observed on a Cisco 10720 router that is running Cisco IOS Release 12.0(22)S, Release 12.0(23)S1, or Release 12.0(24)S when the following conditions are met:
–The router forwards MPLS or MPLS VPN traffic and multicast traffic.
–The RP queue is congested.
Workaround: Stop the MPLS or MPLS VPN traffic.
•CSCea38449
Symptoms: Traffic may not be forwarded to an egress line card if an uncorrected parity error is detected.
Conditions: This symptom is observed on an Engine 3 (E3) IP Services Engine (ISE) line card of a Cisco 12000 series.
Workaround: Reload the microcode of the line card after the error recovery process occurs.
•CSCea42366
Symptoms: A corrupted VLAN ID may be created when a VLAN ID rewrite operation is configured on the VLAN interface of a Cisco 10720. When this symptom occurs, the Canonical Format Identifier (CFI) bit of the incoming 802.1q header is not preserved.
Conditions: These symptoms are observed with input packets that have the CFI bit of the 802.1q header set to a value of "1" (CFI=1) and when the new VLAN ID value has a value of "0" for bit 4 (when the count is made from the least significant bit position). The new VLAN ID value (that is produced by the VLAN ID rewrite operation) for the output packet will have an incorrect value of "1" for bit 4.
The CFI bit of the incoming packet is not preserved when the value of the CFI bit is "1" and the outgoing packet has a incorrect CFI bit value of "0".
Workaround: There is no workaround.
•CSCea42527
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
•CSCea42826
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
•CSCea44309
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
•CSCea45073
Symptoms: Traffic and routing outage may be observed on a router for several minutes.
Conditions: This symptom is observed on a Cisco 12000 series when a line card reload event is triggered by an uncorrected soft memory error and by a simultaneously bounding policy-based routing (PBR) policy that is on an IP Services Engine (ISE) interface.
The uncorrected soft memory error trigger is observed to occur before the trigger that is caused by the simultaneously bounding policy-based routing policy.
Workaround: There is no workaround.
•CSCea45451
Symptoms: An active Performance Route Processor (PRP) may pause indefinitely and not enter the ROM monitor (ROMmon) mode after its firmware is upgraded. When this behavior occurs, the secondary PRP takes over as the primary PRP.
Conditions: This symptom is observed when the upgrade all EXEC command is entered on the active PRP of a router that is running Cisco IOS Release 12.0(23)S and that has a dual PRP configuration while both PRPs are enabled.
Workaround: Power-cycle the router to exit the indefinite pause state. To prevent the active PRP from pausing indefinitely, avoid booting up both of the PRPs simultaneously. Boot up only the first PRP to the enabled state and upgrade the PRP. Perform the same procedure with the second PRP.
•CSCea52787
Symptoms: A memory leak may be observed on a line card with the Multicast Distributed Switching (MDS) line card process when the ip multicast-routing global configuration command is enabled while there are tunnel interfaces configured.
Conditions: This symptom occurs when the affected line card runs out of memory because of a memory leak and the MDFS process on the line card attempts to allocate memory. This symptom occurs only when multicast routing is enabled by entering the ip multicast-routing distributed global configuration command and when a traffic engineering (TE) tunnel is configured.
Workaround: There is no workaround.
•CSCea53471
Symptoms: A Cisco 12000 series that is configured with a Performance Route Processor 1 (PRP-1) may pause indefinitely.
Conditions: This symptom is observed on a Cisco 12000 series that is configured with a PRP-1 when the configuration is being saved after it has previously received a break signal on the console. This symptom does not affect the Gigabit Route Processor (GRP).
The break signal can be received by the router when it is sent intentionally by a terminal or when it is unintentionally received as noise on the console connection. Unintentional noise may occur if a terminal or terminal server that is connected to the router is powered off or when certain terminals or personal computer terminal emulators are first connected. When the router pauses indefinitely, it must be power-cycled to be restored to a normal working condition.
Workaround: There is no workaround.
•CSCea54482
Symptoms: A switch fabric card (SFC) switchover may occur, cyclic redundancy check (CRC) Fabric Interface ASIC (FIA) errors may occur, and the following error message may be displayed on a Cisco 12400 series:
FABRIC-3-ERR_HANDLE Due to CRC error from slot 8, shutdown the fabric card on slot 22
Note that the slot numbers (that is, 8 and 22) are just examples.
Conditions: These symptoms are observed after a Cisco 12400 series router that is configured with one or more Engine 4 plus line cards is reloaded with a new Cisco IOS release that causes a maintenance bus (MBus) download condition and while traffic is being processed on the router.
Workaround: After the router is reloaded with the new Cisco IOS release, reload the router for a second time.
•CSCea61480
Symptoms: An Engine 4 10-port Gigabit Ethernet (GE) line card may reload or you may not be able to ping across the modular GE interfaces of the line card.
Conditions: This symptom is observed on a Cisco 12410 that has a redundant Clock Scheduler Card (CSC) after you have performed an online insertion and removal (OIR) of the master (CSC).
Workaround: There is no workaround.
•CSCea62360
Symptoms: A Cisco 12000 series Engine 3 (E3) line card may log "EE48-2-GULF_TX_SRAM_ERROR" error messages if certain packet types are forwarded incorrectly.
Conditions: This symptom is observed on Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) routers when multicast traffic is destined for the customer edge (CE) router.
Workaround: There is no workaround.
•CSCea62725
Symptoms: The Automatic Protection Switching (APS) function may not failover after a line card is reset.
Conditions: This symptom is observed when a line card is reset (either by entering the hw-module reset EXEC command or by manually resetting the line card).
Workaround: There is no workaround.
•CSCea67032
Symptoms: Some interfaces of a Cisco 10000 series 6-port channelized T3 line card may not come up.
Conditions: This symptom is observed when you configure the T3 controller with any combination of time slots, but using more than 15 and fewer than 21 time slots.
Workaround: There is no workaround.
•CSCea68251
Symptoms: A Cisco 10720 may reboot when you enter the no srp reject H.H.H interface configuration command on a Spatial Reuse Protocol (SRP) interface.
Conditions: This symptom is observed intermittently. If there is no valid entry to be removed for the srp reject H.H.H interface configuration command, the command negation has no impact.
Workaround: There is no workaround.
•CSCea68657
Symptoms: A router may not boot to the configured Cisco IOS software version when the full path of the Cisco IOS image is specified in the boot system flash global configuration command, such as in the following example:
boot system flash disk0:c12kprp-p-mz
Conditions: This symptom is observed on a Cisco 12000 series router that is configured with dual Performance Route Processors (PRPs).
Workaround: Configure the boot system flash global configuration command without specifying the device name, such as in the following example:
boot system flash c12kprp-p-mz
•CSCea77271
Symptoms: Packets may be dropped by a 3-port line card for a Cisco 12000 series Internet router.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is configured with a 3-port line card and that is running Cisco IOS Release 12.0(21)ST or Release 12.0(22)S when the following conditions are met:
–Some subinterfaces are configured for Ethernet over Multiprotocol Label Switching (EoMPLS).
–Some subinterfaces are configured for IP.
–Any interface on the router is configured with an output access control list (ACL).
–A packet is received on an IP subinterface and its 802.1p VLAN priority bits are different than the IP precedence bits and it is supposed to switch to the interface where the output ACL is applied.
Workaround: Remove the output ACL if possible or use Cisco IOS Release 12.0(23)S or a later release.
•CSCea80322
Symptoms: All ports of an Engine 0 (E0) digital service 3 (DS3) card may remain in an "up/down" condition indefinitely.
Conditions: This symptom is observed on Engine 0 (E0) DS3 cards when one of the ports receives a "yellow" alarm.
Workaround: Enter the microcode reload global configuration command to microcode reload the DS3 card.
•CSCea86678
Symptoms: Auto negotiation may not work as expected on a router.
Conditions: This symptom is observed when a Cisco 10720 router is used in a network that has a Cisco Catalyst 6500 switch and a vendor-specific optical repeater.
Workaround: There is no workaround.
•CSCea87709
Symptoms: A standby Performance Routing Engine (PRE) may reload continuously, and the router may enter the "standby cold-bulk" redundancy state.
Conditions: This symptom is observed with certain configurations. The standby PRE may reload continuously when a new image is loaded after the hw-module reset standby-cpu reset global configuration command is entered or after a switchover occurs.
Workaround: There is no workaround.
•CSCea89519
Symptoms: A standby Gigabit Route Processor (GRP) may reload with a bus error.
Conditions: This symptom is observed after the ATM interface of a Cisco 12000 series is shut down.
Workaround: There is no workaround.
•CSCea91024
Symptoms: Line cards that are installed on a Cisco 12000 series may reload.
Conditions: This symptom is observed when a Virtual Private Network (VPN) routing/forwarding (VRF) instance is added or deleted, and a loopback interface is configured with one of the VRF instances.
Workaround: There is no workaround.
•CSCea91692
Symptoms: On a Cisco 12000 series router that is configured with an Engine-2-based line card that carries both Multiprotocol Label Switching (MPLS) and IP traffic and that is forwarding packets to an output port (that has a committed access rate [CAR] rule configured on an Engine-0, Engine-1 or Engine-2-based output line card), the IP traffic may be dropped because of an incorrect packet switching application-specific integrated circuit (PSA) Cisco Express Forwarding (CEF) entry.
Conditions: This symptom is observed on a Cisco 12000 series that has been upgraded from Cisco IOS Release 12.0(21)S5 to Release 12.0(22)S or Release 12.0(23)S. This configuration requires that the traffic enter the router on an Engine 2 line card and leave the router on an Engine-0, Engine-1, or Engine 2-based line card that has an output CAR applied to its port.
Workaround: Remove the output CAR rule from the egress line card to restore traffic.
•CSCeb00391
Symptoms: The following error message may be displayed on a router:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x50164CDC reading 0x0
Conditions: This symptom is observed on a Cisco 12000 series.
Workaround: There is no workaround.
•CSCeb01992
Symptoms: Occasional ping failures may be observed over a VLAN interface.
Conditions: This symptom is observed on the VLAN interface of a Cisco 12000 series modular Gigabit Ethernet line card. The Cisco 12000 series modular Gigabit Ethernet line card is connected to Cisco Catalyst switches over VLAN interfaces.
Workaround: There is no workaround.
•CSCeb05519
Symptoms: The core router Multiprotocol Label Switching (MPLS) forwarding entry has the correct outgoing interface but has an incorrect label to use for sending traffic to the edge router. The incorrect label is identical to the label that is sent by another core router for the same prefix through another interface.
Conditions: This symptom is observed in a service provider network when the route to the prefix that has the incorrect MPLS forwarding entry is configured using a static recursive route and the specific IP address that is specified in the ip route prefix mask ip-address global configuration command is changed by topology changes to go through a different adjacent router. The incorrect outgoing Label Distribution Protocol (LDP) or Tag Distribution Protocol (TDP) label corresponds to the router that was adjacent prior to the routing change.
Workaround: To clear this condition, enter the clear ip route {network [mask] | *} EXEC command to cause MPLS to create a new forwarding entry that has the correct interface and label for the prefix.
To prevent this condition from occurring, advertise the route to the prefix in question using an Interior Gateway Protocol (IGP).
Alternate Workaround: Configure a static nonrecursive route to the prefix and IP address of the next-hop router by entering the ip route prefix mask ip-address interface-type interface-number global configuration command.
•CSCeb14687
Symptoms: Border Gateway Protocol (BGP) may send incomplete updates to the peer routers, and some routers may not send full routes to their peer routers. This behavior may cause some routes to be missing from the peer.
Conditions: This symptom is observed when a slow BGP peer in a peer group comes up while BGP is in the process of sending updates to the peer routers. This symptom is not platform specific.
Workaround: Enter the clear ip bgp peer-address soft out EXEC command to clear this condition. Avoid using a peer group if possible.
•CSCeb14998
Symptoms: An Engine 2 line card that is configured with virtual routing and forwarding may reload.
Conditions: This symptom is observed under either one of the following conditions:
–When the shutdown interface configuration command followed by the no shutdown interface configuration command is entered on a loopback interface.
–When tag switching is removed globally and then reenabled.
The line card does not come back up after it reloads and must be manually reloaded.
Workaround: There is no workaround.
•CSCuk39189
Symptoms: Leaks may be observed for some Virtual Private Network routing and forwarding (VRF) routes in the global Forwarding Information Base (FIB) table when a VRF is deleted and recreated.
Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0 S or Release 12.2 T.
Workaround: There is no workaround.
•CSCuk41552
Symptoms: When you enter the show cef idb EXEC command on a primary Route Processor (RP), the output of the command displays that for two subinterfaces of the same interface that should have the same interface number, one of the subinterfaces has a "-" sign in the "IIndex" column and both subinterfaces have the same number in the "FIndex" column.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S and may also occur on a Cisco 7500 series and a Cisco 10000 series. The symptom occurs when there are multiple subinterfaces on one hardware interface, when a Stateful Switchover (SSO) occurs, and when the original active RP (that becomes the new standby RP) reloads.
Workaround: There is no workaround.
TCP/IP Host-Mode Services
•CSCdz28034
Symptoms: A router may reload while you change the maximum transmission unit (MTU) size to 64 bytes on an OC-12 or OC-24 Packet-over-SONET (POS) interface.
Conditions: This symptom is observed on a Cisco 10000 series router or a Cisco 12000 series router when Multiprotocol Label Switching (MPLS) is enabled on the interface.
Workaround: There is no workaround.
•CSCea60379
Symptoms: A Cisco router may leak memory at a rate of up to 100 KB per day, resulting in the gradual reduction of the available memory.
Conditions: This symptom is observed on a Cisco router that is running Label Distribution Protocol (LDP). The symptom may be caused by applications that use TCP as the transport protocol.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(23)S2
Cisco IOS Release 12.0(23)S2 is a rebuild of Cisco IOS Release 12.0(23)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(23)S2 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdv51360
Symptoms: A data-link switching (DLSw) peer may be stuck in the "AB_PEND" state and a TCP session may be stuck in the "SYNSENT" state after an IP outage occurs between two DLSw routers.
Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.1(3)T but may also occur in other releases such as Release 12.0 S or Release 12.2 S.
Workaround: Use the show tcp brief EXEC command to determine the Transmission Control Block (TCB) of the hung TCP session. Enter the clear tcp tcb address privileged EXEC command to clear the TCB of the hung TCP session. The DLSw peers will reconnect as long as there is IP connectivity between the DLSw peers.
•CSCdw01726
Symptoms: A Simple Network Management Protocol version 3 (SNMPv3) user configuration is changed when a router is reloaded.
Conditions: This symptom is observed when an SNMPv3 user is created using message digest 5 (MD5) authentication by entering the following commands:
Router#
snmp group groupy v3 auth
Router#
snmp user abcdefghij groupy v3 auth md5 abcdefghijThe engine ID is then changed by entering the following command:
snmp-server engineID local 00000009020000024B0008FE
An SNMP walk is performed by entering the following command, the configuration is saved, and the router is reloaded:
Router#
snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-nameThe SNMP walk is successful and the following debug header output is displayed when the debug snmp EXEC command is entered:
Incoming SNMP packet: v3 packet security model: v3 security level: auth username: abcdefghij
The router is reloaded and a second SNMP walk is performed by entering the following command:
Router#
snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-nameAfter the second SNMP walk is performed, the command does not generate any output and the following debug header output is displayed when the debug snmp EXEC command is entered:
Incoming SNMP packet: v3 packet security model: v3 security level: noauth: username: abcdefghij
Workaround: Do not change the default engine identity (ID).
•CSCdx00274
Symptoms: A single-port Fast Ethernet 100BASE-TX port adapter (PA-FE-TX) may stop receiving burst traffic packets.
Conditions: This symptom is observed on a PA-FE-TX that is installed in a Cisco 7206VXR router.
Workaround: Clear the symptom by entering the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface of the PA-FE-TX.
•CSCdy23771
Symptoms: An incomplete adjacency is created between a provider edge (PE) router and a customer edge (CE) router. This situation causes a ping from one CE router to another CE router to fail.
Conditions: This symptom is observed in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment.
Workaround: First send a ping from the PE router to the CE router. After that, you can send a ping from one CE router to the other CE router.
•CSCdy36238
Symptoms: Group G (*,G) multicast route (mroute) state joins may no longer be sent. This situation may cause traffic to stop flowing after the group G mroute state times out.
Conditions: This symptom is observed after Protocol Independent Multicast (PIM) is disabled and then reenabled on an interface that serves as the only PIM interface on a router.
Workaround: There is no workaround.
•CSCdy37606
Symptoms: A Cisco 12000 series may generate the following message:
%LINK-3-TOOSMALL: Interface POS3/0, Output runt packet of 0 bytes
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S5, when an error occurs on an Engine 2 line card and when both sampled NetFlow and Multiprotocol Label Switching (MPLS) are enabled.
Workaround: Disable sampled NetFlow. Note that this workaround affects service because disabling sampled NetFlow causes Cisco Express Forwarding (CEF) to reload on the line card.
•CSCdy40742
Symptoms: After a Border Gateway Protocol (BGP) neighbor resets, CPU utilization may run very high on a Cisco 12000 series.
Conditions: This symptom is observed when the default-metric BGP command is enabled in the BGP router configuration.
Workaround: There is no workaround.
•CSCdy41660
Symptoms: For a short period of time, a forwarding engine can continue to send traffic to an interface that has just been shut down. Depending on traffic rates, this may consume all of the output buffer on the line card, causing the other interfaces on that line card to go down.
Conditions: This symptom is observed under rare circumstances.
Workaround: There is no workaround.
•CSCdy49411
Symptoms: Traffic policing may not function.
Conditions: This symptom is observed on the Network Processing Engine (NPE) of a Cisco 7200 series router.
Workaround: There is no workaround.
•CSCdy51437
Symptoms: A Versatile Interface Processor (VIP) may reload because of a direct memory access (DMA) receive error and may display a message that is similar to the following:
CYASIC Error Interrupt register 0x2000000
DMA Receive Error
CYASIC Other Interrupt register 0x180
QE HIGH Priority Interrupt
Unknown CYA oisr bit 0x00000080
QE RX HIGH Priority Interrupt
QE TX HIGH Priority Interrupt
CYBUS Error Cmd/Addr 0x8000068, CYBUS Error Data 0x0
MPUIntfc/PacketBus Error register 0x0
Conditions: This symptom is observed while there is a large amount of Internet MIX (IMIX) traffic on a 2-port Fast Ethernet port adapter (PA-2FE) that is installed on the VIP of a Cisco 7500 series.
Workaround: There is no workaround.
•CSCdy54493
Symptoms: A "%SNMP-3-CPUHOG: Processing GetNext of ciscoFlashDeviceEntry.5.8" error message is displayed during a Simple Network Management Protocol (SNMP) query on ciscoFlashDeviceEntry.
Conditions: These symptoms can occur on any Cisco router that is running Cisco IOS software.
Temporary Workaround: Exclude ciscoFlashMIB by entering the snmp-server global configuration command. If SNMP must be enabled on the Flash devices, then there is no workaround.
•CSCdy60008
Symptoms: If you change the interface bandwidth or delay, a router may reload.
Conditions: This symptom is observed after Enhanced Interior Gateway Routing Protocol (EIGRP) is terminated via the no router eigrp as-number global configuration command or the no ip routing global configuration command, causing the EIGRP process list to be invalid.
Workaround: Reload the router after you have terminated EIGRP.
•CSCdy61223
Symptoms: When an input access control list (ACL) is configured and multiple broadcast Address Resolution Protocol (ARP) requests are received, packet loss and performance degradation may occur because of a "format error" that is reported in the output of the show ip traffic EXEC command.
Conditions: This symptom is observed when you have enabled NetFlow on an interface of a 1-port Gigabit Ethernet line card that is installed in a Cisco 12000 series that is running Cisco IOS Release 12.0(16)S or Release 12.0 (22)S.
Workaround: Although the condition is triggered by multiple broadcast ARP requests, it only occurs if NetFlow, input ACLs, and ACL hardware checking are configured. Disabling any of these features will prevent the condition from occurring. For example, to remove the ACL hardware checking on the 1-port Gigabit Ethernet line card, enter the no access-list hardware salsa command.
•CSCdy73551
Symptoms: Packets are not exported from a Cisco 12000 series 1-port Gigabit Ethernet line card.
Conditions: This symptom is observed when an input access control list (ACL) and Sampled NetFlow (SNF) are configured using the access-list hardware salsa command.
Workaround: There is no workaround.
•CSCdz74925
Symptoms: A 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may stop forwarding traffic after you have reloaded microcode onto the line card.
Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(24)S in a carrier supporting carrier configuration when the 4-port OC-48 POS E4+ line card interconnects a provider edge (PE) and a provider (P) router.
Workaround: Enter the clear ip bgp privileged EXEC command on the PE router.
•CSCdy75434
Symptoms: A line card in a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) or in any connected router may reload because of a fabric ping failure, and the following error message may be generated:
%FIB-3-FIBDISABLE: Fatal error, slot 1: IPC Failure: timeout
%GRP-3-COREDUMP: Core dump incident on slot 1, error: Fabric ping failure (seq:3279)
%GRP-4-RSTSLOT: Resetting the card in the slot: 1,Event: EV_LC_E4_CORE_DUMP_DECLINE_DUPConditions: This symptom is observed on a Cisco 12000 series that functions as a 6PE router or on any connected router when an IPv6 default route is removed from another 6PE router and traffic is flowing through the IPv6 default route while the route update following the route removal is being processed. When the IPv6 default route is removed, one or more line cards may reload on any router that receives the route update.
Workaround: There is no workaround.
•CSCdy79494
Symptoms: An Engine 2 egress line card that is installed in a Cisco 12000 series that is functioning as a provider edge (PE) router reloads when a customer edge (CE) router starts sending traffic, and the following error messages are generated:
* %LCLOG-3-INVSTATE: LC logger in an invalid state (LC=3,state=WAITING FOR TEXT,msg=MSG START) -Traceback= 503583F8 502F6464 5021C54C 5021C538 SLOT 3: %LC-3-PSAERRS: PSA PSA_CPU_GS_INT error 4 SLOT 3:
%LC-3-PSAERR: PSA error: if_err 0 adr FC00002C cmd 5 data 0 pipe 0,fs 0,prep 0 (pc 1E5),pop 0 (pc 19C),plu 0,tlu 0,plu sdram 0 adr 0 synd 0 ch *
%GRP-3-FABRIC_UNI: Unicast send timed out (3). * %LCINFO-3-CRASH: Line card in slot 3 crashedConditions: This symptom is observed only when the ip cef accounting non-recursive per-prefix global configuration command is enabled.
Workaround: There is no workaround.
•CSCdy80592
Symptoms: A Cisco 12000 series may reload because of a redzone corruption.
Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-k4p-mz image of Cisco IOS Release 12.0(21)S1.
Workaround: There is no workaround.
•CSCdy87260
Symptoms: On a dual Route Processor (RP) router that has the Route Processor Redundancy Plus (RPR+) feature enabled, the configuration synchronization may fail when two break instances are sent on the standby RP.
Conditions: This symptom is observed on a Cisco 12000 series only if the user sends two break instances on the standby RP.
Workaround: There is no workaround.
•CSCdy87479
Symptoms: An OC-12 Dynamic Packet Transport (DPT) line card may reload when IP version 6 (IPv6) is configured on the interface.
Conditions: This symptom is observed when IPv6 traffic enters the interface.
Workaround: Unconfigure IPv6 on the interface, and use tunnels instead.
•CSCdz06100
Symptoms: A permanent virtual circuit (PVC) on a standby Route Processor (RP) may go down after the oam-pvc manage interface-ATM-VC configuration command is enabled. This behavior may cause the RP to take a longer time to be brought up after an RP switchover occurs. Traffic on a Cisco 12000 series or Cisco 10000 series Edge Services Router (ESR) may be interrupted for about 10 seconds when this behavior occurs.
Conditions: This symptom is observed on the standby RP of a Cisco 10000 series that is running Cisco IOS Release 12.0(23)S.
Workaround: Enter the no oam-pvc manage interface-ATM-VC configuration command to disable generation of Operation, Administration, and Maintenance (OAM) loopback cells and OAM management on the ATM PVC.
•CSCdz07032
Symptoms: When you add a new Performance Routing Engine (PRE) to a Cisco 10000 series, the startup configuration may not be copied to the new PRE. Verify that the configuration exists by entering the dir sec- nvram: EXEC command or the dir standby-nvram: EXEC command, depending on the Cisco IOS software image that you are running.
Conditions: The conditions under which this symptom occurs are not known at this time.
Workaround: Cut over to the new PRE, and save the configuration.
•CSCdz10165
Symptoms: A Tag Forwarding Information Base (TFIB) entry for a Virtual Private Network (VPN) routing/forwarding (VRF) static recursive route that is configured for multihop Border Gateway Protocol (BGP) may be lost.
Conditions: This symptom is observed after the egress interface flaps.
Workaround: There is no workaround.
•CSCdz12745
Symptoms: When a Cisco 12000 series Engine 2 Packet-over-SONET (POS) line card collects statistics for locally assigned Multiple Protocol Label Switching (MPLS) label entries, it may lose the outgoing label entries for the associated prefixes. All the prefixes show up as untagged, and it may be difficult or impossible to reach the prefixes.
Conditions: This symptom is observed on a Cisco 12000 series Engine 2 POS line card.
Workaround: To recover from the situation, reset the line card.
•CSCdz16897
Symptoms: The Path Remote Defect Indication (PRDI) may not be handled properly during an Automatic Protection Switching (APS) switchover. This situation does not affect service.
Conditions: This symptom is observed on a Cisco 10000 series OC-12 ATM line card when an APS switchover occurs because of poor line quality.
Workaround: There is no workaround.
•CSCdz17230
Symptoms: Loadsharing may occur unevenly.
Conditions: This symptom is observed on a Cisco 12000 series line card that does not support 16 hash buckets for loadsharing when Cisco Express Forwarding still attempts to use 16 hash buckets instead of the maximum number of hash buckets that is supported by the hardware.
Workaround: There is no workaround.
•CSCdz18497
Symptoms: A router may loop indefinitely when a Simple Network Management Protocol (SNMP) walk is performed against certain objects. The SNMP walk will not cycle if a specific interface is specified.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S6.
Workaround: Reload the router.
•CSCdz18851
Symptoms: A spurious memory error may occur when the microcode of an Engine 3 (E3) 16-port OC-3 (16xOC-3) Packet over SONET (POS) line card is reloaded.
Conditions: This symptom is observed on the E3 16xOC-3 POS line card of a Cisco 12000 series.
Workaround: There is no workaround.
•CSCdz19320
Symptoms: A Cisco 12000 series Engine 4 plus line card may reload after a forced switchover.
Conditions: This symptom is observed when Stateful Switchover (SSO) and Intermediate System-to-Intermediate System (IS-IS) are configured.
Workaround: Disable IS-IS.
•CSCdz21375
Symptoms: A memory leak may occur on a line card.
Conditions: This symptom is observed on the line card of a Cisco 12000 series after NetFlow is disabled on the last interface of a line card that has NetFlow enabled. This symptom is observed while there are more than 1900 flow records in the NetFlow cache of the line card.
Workaround: Keep NetFlow enabled on at least one interface on the line card.
•CSCdz25228
Symptoms: An Engine 2 (E2) line card may reload after it reboots.
Conditions: This symptom is observed on the E2 line card of a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S. The E2 line card is configured with 128 line input access control list (ACLs), Virtual Private Network (VPN), and has Frame Relay configured on one of the interfaces.
Workaround: There is no workaround.
•CSCdz25339
Symptoms: An unusually formatted Multicast Source Discovery Protocol (MSDP) packet may cause memory corruption and a router to reload.
Conditions: This symptom is observed on a Cisco router when it has a peer relationship with a specific third-party vendor router that is running a recent software release.
Workaround: Shut down the peer relationship by entering the ip msdp shutdown peer-address global configuration command.
•CSCdz28113
Symptoms: Manual Layer 2 Tunneling Protocol (L2TP) version 3 tunnels fail when two or more tunnels are configured to different destination provider edge (PE) routers. All of the traffic that enters the tunnel is forwarded to the same PE regardless of the configured PE address. This symptom is also observed when the user starts off with one manual tunnel configuration that points to a particular PE router and later changes the configuration to point to a different PE router.
Assuming that PE router 1 (PE1) is the initial router that the manual configuration points to and PE router 2 (PE2) is the subsequent PE router that the configuration is subsequently configured to point to, traffic will be sent to PE1 even after the configuration has been altered to point to PE2.
Conditions: This symptom is observed when the user has more than one manual L2TP version 3 tunnel configured and when at least one of those tunnels is going to a different destination IP address than the other tunnels.
Workaround: Use negotiated L2TP sessions or enable keepalive processing on the manual L2TP version 3 tunnels.
•CSCdz29044
Symptoms: An Engine 3 line card that connects a provider edge (PE) router and a customer edge router, both of which are running the Carrier Supporting Carrier feature, may reload.
Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S, that is functioning as a PE router, and that is running the Carrier Supporting Carrier feature when you reload microcode on one of multiple line cards that connects the PE router to a provider (P) router.
Note that the symptom occurs on an Engine 3 line card that connects the PE router and the CE router, but the microcode is reloaded onto another line card that connects the PE router and the P router.
Workaround: There is no workaround.
•CSCdz31376
Symptom: A Versatile Interface Processor (VIP) may reload unexpectedly if the following sequence is performed:
1) Enable distributed Cisco Express Forwarding (dCEF) by entering the ip cef distributed global configuration command.
2) Disable the NetFlow Flow-cache or NetFlow switching for IP routing (using the no ip route-cache flow global configuration command).
3) Configure Cisco Express Forwarding (CEF) using the ip cef global configuration command.
4) Re-enable dCEF by entering the ip cef distributed global configuration command.
5) Re-enable ip flow-cache commands, or enter the ip route-cache flow command.
6) Configure CEF using the ip cef global configuration command.
Conditions: This symptom was observed durning Cisco internal testing using VIP software, version 12.0(22.4)S.
Workaround: Re-enable ip flow-cache or ip route-cache flow commands before re-enabling dCEF, or upgrade to Release 12.0(23)S2 (recommended). This issue is resolved in 12.0(24)S.
•CSCdz31864
Symptoms: The OC-48 Packet-over-SONET (POS) bandwidth on a Performance Routing Engine 1 (PRE1) may not exceed 1.2 Gbps. The bandwidth should be able to scale to 1.4 Gbps.
Conditions: This symptom is observed on a Cisco 10000 series.
Workaround: There is no workaround.
•CSCdz32724
A line card that is facing the core of a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) may generate packet switch application-specific integrated circuit (ASIC) (PSA) error messages and may stop sending traffic to the core of the network. The following output may be observed when the show interface gigabit ethernet interface EXEC command is entered.
%LC-3-PSAERRS: PSA PSA_CPU_GS_INT error 4
%LC-3-PSAERR: PSA error: if_err 0 adr FC00002C c md 5 data 0 pipe 0,fs 0,prep 0 (pc 1EC),pop 0 (pc 19F),plu 0,tlu 0,plu sdram 0 a dr 0 synd 0 check 4D00,tlu sdram 0 adr 0 synd 0 check 0,ssdram 0 adr 0,gather 0, pl 1822D92,plmuxcnts 61, pludefpsr 22000, plupsr 22000, pludsr 0
Conditions: These symptoms are observed on a Cisco 12000 series 3-port Gigabit Ethernet line card when the line card flaps.
Workaround: There is no workaround.
•CSCdz32988
Symptoms: The CPU on a Cisco 7500 series Versatile Interface Processor (VIP) or on a Cisco 12000 series line card may persistently show very high utilization (99 percent) reported against the "TAG Stats Background" process, as is displayed in the output of the show processes cpu EXEC command:
CPU utilization for five seconds: 100%/1%; one minute: 99%; five minutes: 99%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
53 31226460 603427 51748 98.39% 98.60% 97.08% 0 TAG Stats Backgr
This situation does not directly impact the router operation because the "TAG Stats Background" process is a low priority process. However, the show mpls forwarding-table EXEC command does not provide accurate counters when this situation occurs.
Conditions: This symptom, which is a rare race condition, may occur when parallel paths are configured.
Workaround: Enter the no tag ip aggregate hidden command on the route processor. Note that doing so will prevent the counters of the show mpls forwarding-table EXEC command from being updated.
To restore normal VIP or line card operation, reload microcode onto the affected VIP or line card.
•CSCdz33176
Symptoms: A Cisco router that is functioning as a dedicated Border Gateway Protocol (BGP) Route Reflector (RR) in a network that is configured for BGP may display a message very similar to the following one on its console:
%SYS-3-CPUHOG: Task ran for 30020 msec (6/6), process = BGP Router, PC = 6080D21C.
When the message is displayed, the BGP router process causes the CPU utilization of the router to become high for one to several minutes, depending on the number of prefixes, neighbors, and updates.
Conditions: This symptom is observed when the router is running Cisco IOS Release 12.0(22)S or a later release, when it has a large number of neighbors that are configured in peer groups or update groups, when it has a large number of prefixes to send or receive, and when most of the neighbors start at the same time, or when the BGP sessions of the neighbors are reset at the same time using the clear ip bgp * EXEC command.
The symptom is also observed in the above-mentioned network topology when the client of a BGP RR is reset using the clear ip bgp * EXEC command.
Workaround: Do not reset all the BGP neighbor routers at the same time when RRs are used in a BGP configuration.
Alternate Workaround: Use Cisco IOS Release 12.0 ST.
•CSCdz33882
Symptoms: A Route Processor (RP) may reload.
Conditions: This symptom is observed on a Cisco 12000 series that is configured with dual RPs in Stateful Switchover (SSO) mode and that has about 200 Intermediate System-to-Intermediate System (IS-IS) neighbors when Nonstop Forwarding (NSF) is configured under the IS-IS process.
Workaround: There is no workaround.
•CSCdz34552
Symptoms: A Cisco 10720 router that is functioning as a provider (P) router may stop correctly performing Multiprotocol Label Switching (MPLS) label disposition, which can be verified in the output of the show hardware pxf cpu mpls label privileged EXEC command.
Conditions: This symptom is observed in a fully meshed network of provider edge (PE) routers that are connected via 802.1q links and occurs when a link breaks.
Workaround: There is no workaround. To clear the situation, enable explicit null labels or enter the clear ip bgp privileged EXEC command.
•CSCdz35853
Symptoms: When a SONET link is not stable, the following error messages may be generated on a 1-port OC-48 Port Packet-over-SONET (POS)/Synchronous Digital Hierarchy (SDH) IP Services Engine (ISE) line card:
SLOT 1: %EE48-3-GULF_RX_MOFIFO: Overflow detected. Corrective action taken.
SLOT 1: %EE48-3-GULF_RX_BYTE_TO_WORD: Out of synchronization, bitmap= 0xE. Corrective action taken.Conditions: This symptom is observed under rare circumstances on a Cisco 12000 series that is running Cisco IOS Release 12.0(22)S2.
Workaround: Reload the line card.
•CSCdz35977
Symptoms: IP multicast routes (mroutes) may not be downloaded to some line cards when a router is reloaded. The show ip mroute EXEC command can be entered on the Route Processor (RP) and the show ip mds forwarding EXEC command on the line cards to verify if mroutes are missing from the line cards.
Conditions: This symptom is observed when hardware-assisted multicast forwarding is used on a line card and occurs only if two line cards are reloaded simultaneously.
Workaround: Enter the clear ip mroute EXEC command on the line card to clear this symptom.
•CSCdz36445
Symptoms: Traffic does not resume after a Cisco 12000 series has reloaded.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S in an IP version 6 (IPv6) environment and that is configured with Engine 3 line cards.
Workaround: There is no workaround.
•CSCdz39645
Symptoms: Engine 4 (E4), Engine 4 Plus (E4+), Gigabit Ethernet, and Packet-over-SONET (POS) line cards on the transmit (TX) side may drop multicast packets. The multicast packets are meant to be fragmented by the Tx slow path.
Conditions: This symptom is observed on any incoming receive (RX) line card if the maximum transmission unit (MTU) of any outgoing interfaces is less than the size of the incoming packet. This symptom will not occur in the TX fast path or with non-fragmented packets.
Workaround: There is no workaround.
•CSCdz42268
Symptoms: Virtual Router Redundancy Protocol (VRRP), Hot Standby Routing Protocol (HSRP), and other applications may not work as expected.
Conditions: This symptom is observed on an Ethernet line card after either an online insertion and removal (OIR) or a microcode reload procedure is performed.
Workaround: There is no workaround.
•CSCdz42976
Symptoms: Open Shortest Path First (OSPF) or Intermediate System-to-Intermediate System (IS-IS) protocol adjacencies may be incomplete.
Conditions: This symptom is observed on a Cisco router after it is loaded with Cisco IOS Release 12.0(21)ST5 but may also occur in Cisco IOS Release 12.0 S. This symptom may affect connectivity across Engine 2 (E2) interfaces.
Workaround: There is no workaround.
•CSCdz45031
Symptoms: The distance eigrp router configuration command may not be displayed in the configuration although the configured values are applied to the routes. After you reload the router, the distance for Enhanced Interior Gateway Routing Protocol (EIGRP) routes returns to its default value.
Conditions: This symptom is observed on a Cisco router when you use EIGRP between a provider edge (PE) and customer edge (CE) router in a Multiprotocol Label Switching (MPLS) environment.
Workaround: There is no workaround.
•CSCdz45055
Symptoms: OPM (Optical Power Monitoring) may provide incorrect or nonrealistic values and may report that modules are down while they are functioning fine.
Conditions: This symptom is observed when you use small form-factor pluggable (SFP) optical modules that are externally calibrated.
Workaround: There is no workaround.
•CSCdz45760
Symptoms: A useless partial Shortest Path First (SPF) calculation may occur.
Conditions: This symptom is observed when an Open Shortest Path First (OSPF) link-state advertisement (LSA) for a 0.0.0.0 destination is refreshed.
Workaround: Use a static default route.
•CSCdz46604
Symptoms: Multilink adjacencies may show up as invalid.
Conditions: This symptom is observed on the Engine 3 (E3) Quad OC-12 line card of a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S3. It may not be possible to clear this symptom by entering the clear cef line EXEC command or by reloading the microcode on the line card.
Workaround: There is no workaround.
•CSCdz47189
Symptoms: An Engine 3 (E3) 4-port OC-12 (4xOC-12) or E3 OC-48 Packet over SONET (POS) line card may reload and generate traceback messages.
Conditions: This symptom is observed when the gsr-p-mz image of Cisco IOS Release 12.0(24)S is loaded on a Cisco 12406 router in an Inter Autonomous System Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) of an IP version 4 (IPv4) Border Gateway Protocol (BGP) label distribution environment. The E3 4xOC-12 line card may be operating either in the channelized mode or the POS mode.
Workaround: No workaround is necessary as the line cards will recover without user intervention.
•CSCdz48235
Symptoms: A Cisco 12000 series may reload because of a bus error.
Conditions: This symptom is observed on a Cisco 12000 series that has dual Gigabit Route Processors (GRPs) and that is operating in the Route Processor Redundancy (RPR) mode. This symptom is observed after the Cisco 12000 series is upgraded to Cisco IOS Release 12.0(23)S.
Workaround: There is no workaround.
•CSCdz52218
Symptoms: The VLAN ID may be rewritten to zero on an egress provider edge (PE) router.
Conditions: This symptom is observed in the Ethernet over Multiprotocol Label Switching (EoMPLS) Port Transport mode when the underlying packets are 802.1q packets with a nonzero class of service (CoS) value.
Workaround: There is no workaround.
•CSCdz52438
Symptoms: The forwarding state change of a multicast route on a line card may affect the fast path forwarding state of another multicast route. This behavior may cause the latter stream to be punted to the CPU of the line card and lead to a high CPU utilization condition.
Conditions: This symptom is observed on the 2-port OC-48 (2xOC-48) Spatial Reuse Protocol (SRP) line card of a Cisco 12400 series.
Workaround: Enter the clear ip mroute * EXEC command on the router to refresh the forwarding states of all multicast routes.
•CSCdz53743
Symptoms: A Cisco 12000 image may time out and fail to load via TFTP.
Conditions: This symptom is observed when a Cisco 12000 boot loader image is used to load the main Cisco IOS software image via TFTP. This symptom occurs because the boot loader image uses "00:00:00:00:00:00" as the MAC address for Ethernet 0. This symptom is observed in Cisco IOS Releases 12.0(20)S, 12.0(20)ST, and later releases.
Workaround: There is no workaround.
•CSCdz53850
Symptoms: A standby Route Processor (RP) may reload.
Conditions: This symptom is observed on the standby RP of a dual RP Cisco 12000 series when a line card on the Cisco 12000 series or a neighboring router is reloaded. This symptom occurs when a line card has a large number of encapsulation entries (3000 entries).
Workaround: There is no workaround.
•CSCdz54539
Symptoms: An Engine 4 plus line card that is installed in a Cisco 12400 series may be reset by the Route Processor (RP) because of interprocess communication (IPC) failures. The following errors may be displayed:
%CPUIF-3-NO_MEM: sendreq_freeq is NULL.
%MDS-2-LC_FAILED_IPC_ACK: RP failed in getting Ack for IPC message of size 148 to LC in slot 3 with sequence 58638, error = timeout
%FIB-3-FIBDISABLE: Fatal error, slot 3: IPC Failure: timeout
%GRP-4-RSTSLOT: Resetting the card in the slot: 3,Event: EV_AUTO_LC_RELOAD_ON_FIBDISABLE ]
Conditions: These symptoms are observed when route flapping occurs; route flapping may generate a high volume of IPC traffic.
Workaround: There is no workaround.
•CSCdz55717
Symptoms: Configuring OSPF (Open Shortest Path First) sham links in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment may cause a memory leak in the OSPF router process.
Conditions: This symptom is observed in a MPLS-VPN environment. The area area-id sham-link source-address destination-address cost number global configuration command is used and OSPF adjacency is formed over the sham-link. Each time an OSPF acknowledgment is sent over the sham-link, some memory is allocated that is never freed.
Workaround: There is no workaround.
•CSCdz55944
Symptoms: Switch fabric cards (SFCs) may fail on a Cisco 12410 router.
Conditions: This symptom is observed when there is an upgrade to a Cisco IOS release.
Workaround: There is no workaround.
•CSCdz55995
Symptoms: Packet or byte counters may not be accurate.
Conditions: This symptom is observed when a parity error occurs on a Cisco 12000 series Engine 4 or Engine 4 plus line card.
Workaround: There is no workaround.
•CSCdz56010
Symptoms: A router may reload while it is booting up if a different line card is installed in place of a 4-port channelized OC-3 (4xOC-3) line card in the even slot.
Conditions: This symptom can be reproduced by performing the following steps:
a. Configure a Cisco 10000 series with two 4xOC-3 line cards in adjacent odd or even slots.
b. Save the running configuration to ensure that the card commands are saved in the running configuration.
c. Reload the router.
d. Remove and replace the 4xOC-3 line card in the even slot with a different line card.
e. Boot the router.
Workaround: The following steps may prevent the router from reloading:
a. Remove the 4xOC-3 line card from the even slot.
b. Enter the no card 4/0 command.
c. Copy the running configuration to the startup configuration.
d. Reload the router.
•CSCdz56792
Symptoms: A Quad OC-12 ATM line card that is configured for the Carrier Supporting Carrier feature may reset or report an error.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(22)S3 and that is functioning as a customer carrier customer edge (CE) router, after you enter the no mpls ip global configuration command followed by the mpls ip global configuration command.
Workaround: There is no workaround.
•CSCdz58674
Symptoms: When an area border router receives type-4 link-state advertisements (LSAs) via the nonbackbone, the router may incorrectly generate type-4 LSAs into the backbone. This situation may cause a routing loop to occur.
Conditions: This symptom is observed in Cisco IOS Release 12.0(22)S or a later release or Release 12.2(10) or a later release.
Workaround: Reset the Open Shortest Path First (OSPF) process by entering the clear ip ospf process privileged EXEC command.
•CSCdz59591
Symptoms: The append modifier does not append data to named files on Advanced Technology Attachment (ATA) devices and the original contents of the named file remains unchanged.
Conditions: This symptom affects Cisco IOS releases that have the fix for CSCdz27200.
Workaround: There is no workaround.
•CSCdz60152
Symptoms: When you configure additional access control entry (ACE) entries with Layer 4 fields on a 128-line input access control list (ACL) that is configured on an Engine 4 plus (E4+) line card, the line card may reload.
Conditions: This symptom is observed on a Cisco 12000 series 1-port 10-Gigabit Ethernet E4+ line card.
Workaround: Do not add more than 128 ACEs with Layer 4 fields. If more than 128 ACEs with Layer 4 fields are required, remove the ACL form the E4+ line card, add the ACEs with Layer 4 fields, and then reapply the ACL to the line card.
•CSCdz60229
Cisco devices which run Cisco IOS software and contain support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. No authentication is necessary for the packet to be received by the affected device. The SSH server in Cisco IOS software is disabled by default.
Cisco will be making free software available to correct the problem as soon as possible.
The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml
•CSCdz63938
Symptoms: On a Cisco router that is configured for distributed Cisco Express Forwarding (dCEF) and Border Gateway Protocol (BGP) and that has a large number of BGP routes, the following messages may be displayed:
%SYS-2-MALLOCFAIL: Memory allocation of 32768 bytes failed from 0x5021F524, alignment 0
Pool: Processor Free: 23492 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "BGP Router", ipl= 0, pid= 153
-Traceback= 502243C8 50227438 5021F52C 5010E0A4 50124FF0 504F0F50 504C01B0 504C0868 50701408 50702614 50C5AF48 507026B0 506D1920 5021C80C 5021C7F8
%FIB-3-NORPXDRQELEMS: Exhausted XDR queuing elements while prepIn addition, CEF may be disabled and a message very similar to the following message may be displayed:
%FIB-2-FIBDOWN: CEF has been disabled due to a low memory condition.
If new BGP neighbors are peering at the same time, the following message may also be displayed:
%SYS-3-CPUHOG: Task ran for 29984 msec (4/0), process = BGP Router, PC = 506D0DF4.
-Traceback= 506D0DFC 5021C80C 5021C7F8When this last message is displayed, the BGP router process may cause the CPU utilization of the router to become high for one to several minutes, depending on the number of prefixes and neighbors that are configured and the number of updates that are occurring.
Conditions: These symptoms are observed under rare conditions on a distributed platform router, such as the Cisco 12000 series, that is configured with line cards and that is running Cisco IOS Release 12.0 S when you run the router beyond its physical limitations, especially when you run the router for a long time under very low memory conditions and with, or along with, a large number of routes, peers, and line cards. All of these conditions may lead to abnormality in the steady state performance of the router.
If CEF is disabled because of low memory conditions, you can reenable it by entering the ip cef distributed global configuration command.
Workaround: Limit the number of BGP routes on the router in relation to the memory that is installed in the router. For example, on a Cisco 12000 series that is configured with 256 MB of memory and based on different parameter of the routes, limit the maximum number of routes that BGP installs to about 150,000 routes.
First Alternate Workaround: Increase the memory on the router and on the line cards to accommodate the large number of routes. For example, if a Cisco 12000 series is configured with 256 MB of memory, increase the memory to 512 MB to enable better performance with a large number of routes.
Second Alternate Workaround: Adjust the BGP parameters by applying aggregation features or enabling the auto-summary router configuration command for BGP, or by using the aggregate-address router configuration command to reduce the number of BGP routes. These actions can help to reduce the memory usage of BGP and CEF.
Closing Comments: This caveat is closed because it is related to the limitation that is posed by 256 MB of memory. Future releases may include changes to BGP to enable BGP to use less transient memory when it builds updates.
•CSCdz65683
Symptoms: Interfaces that are configured on the 8xOC-3 Engine 2 line card or the 16xOC-3 Engine 2 line card may not be recovered from a down/down state.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(24)S.
Workaround: There is no workaround.
•CSCdz69295
Symptoms: A router may reload when a route that is learnt via Intermediate System-to-Intermediate System (IS-IS) IP version 6 (IPv6) has more than eight equal-cost paths.
Conditions: This symptom is observed when more than eight equal-cost links are configured between two IS-IS IPv6 routers. Depending on the network topology, the symptom may also occur when there are less then eight equal-cost links between an IS-IS IPv6 router and its neighbors.
Workaround: Ensure that there are less than eight equal-cost links configured between two IS-IS IPv6 routers.
•CSCdz69362
Symptoms: Tag forwarding counter may no longer function when parity errors occur on an Engine 4 plus line card.
Conditions: This symptom is observed on a Cisco 12000 series.
Workaround: There is no workaround.
•CSCdz71662
Symptoms: A Cisco router may fail because of a bus error while an online insertion and removal (OIR) is in progress.
Conditions: This symptom is observed on a Cisco 12000 series when the show environment command is being executed while an OIR is in progress.
Workaround: Do not perform an OIR when the show environment command is being executed.
•CSCdz74588
Symptoms: Traffic on a load-sharing path may be switched to the wrong destination or dropped altogether.
Conditions: This symptom is observed when a Cisco 12000 series Engine 4 (E4) line card is on the ingress side, there is a load-sharing path or multiple paths on the egress side, and a hidden class of service (CoS) global configuration command is configured on the router.
Workaround: Remove the extra load-sharing paths, and make it one single outgoing path.
•CSCdz81035
Symptoms: When you write a crashinfo file to an Advanced Technology Attachment (ATA) Flash disk, the file on the ATA Flash disk may be corrupt and unusable.
Conditions: This symptom is observed on any Cisco device that enables the crashinfo file to be written to an ATA Flash disk.
Workaround: There is no workaround.
•CSCdz81906
Symptoms: A T1 or E1 link that is configured under AU-4-TUG-3 controllers 4 through 12 on a 1-port channelized OC-12 line card that is using Synchronous Digital Hierarchy (SDH) framing may not come up.
Conditions: This symptom is observed on a Cisco 10000 series when the 1-port channelized OC-12 line card is connected to a third-party vendor device. Note that the symptom does not occur when you use AU-4-TUG-3 controllers 1 through 3.
Workaround: There is no workaround.
•CSCdz83304
Symptoms: T3 links on a 4-port channelized OC-3 line card may not come up under Synchronous Digital Hierarchy (SDH) framing.
Conditions: This symptom is observed on a Cisco 10000 series when the 4-port channelized OC-3 line card interoperates with a third-party vendor device.
Workaround: There is no workaround.
•CSCdz88629
Symptoms: An interface of a 3-port Gigabit Ethernet line card may not come up.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(23)S1 after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface.
Workaround: Reload microcode onto the line card.
First Alternate Workaround: Unplug the cable of the line card, and then plug it in again.
Second Alternate Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the back-to-back interface.
•CSCdz88744
Symptoms: A Gigabit Ethernet Engine 2 or an Engine 4 plus line card may reload when you perform an online insertion and removal (OIR) of the Clock and Scheduler Card (CSC).
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0 S.
Workaround: There is no workaround.
•CSCea00642
Symptoms: A 24-port channelized E1/T1 line card may produce a traceback, and the serial interface may not come up.
Conditions: This symptom is observed on a Cisco 10000 series when you change the mode on the line card from E1 to T1.
Workaround: There is no workaround.
•CSCea01869
Symptoms: If a 3-port Gigabit Ethernet (GE) Engine 2 (E2) line card is configured for dot1q VLAN operation and an inbound access control list (ACL) is applied to the main interface, the line card will be paused by the Gigabit Route Processor (GRP), reporting Fabric Unicast timeout errors. Note that 3-port GE E2 line cards do not support per subinterface ACL processing.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S or a later release with both normal and extended ACLs. The line card will continue to pause until the ACL is either removed from the interface configuration or ACL is removed from the configuration using the no access- list access-list-number global configuration command.
Workaround: There is no workaround.
•CSCea04669
Symptoms: When you use the break key to reset the secondary Gigabit Route Processor (GRP) on a Cisco 12000 series that is configured with two GRPs, the primary GRP may first pause and then reload when the following watchdog timeout occurs:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout process = Fabric ping
This situation may impact the process of replacing a defective secondary GRP.
Conditions: This symptom is observed regardless of the redundancy mode (Route Processor Redundancy [RPR], Route Processor Redundancy Plus [RPR+], or Stateful Switchover [SSO]).
Workaround: There is no workaround.
•CSCea04756
Symptoms: "IBC divert PAK" and "Camr-3-INTPROC" errors may occur.
Conditions: This symptom is observed on a Cisco 10720 router.
Workaround: There is no workaround.
•CSCea06591
This caveat is closed.
Symptoms: When you apply a 448-line access control list (ACL) on an Engine 2 (E2) line card to control outbound traffic, Cisco Express Forwarding (CEF) may be disabled on the E2 line card and on other E2 line cards in the chassis.
Conditions: This symptom is observed on a Cisco 12000 series when there are about 200,000 Border Gateway Protocol routes and is about 3,000 Interior Gateway Protocol (IGP) (or Intermediate System-to- Intermediate System [IS-IS]) routes. All E2 line cards have 256 MB of memory.
Workaround: To prevent CEF from being disabled, and to minimize usage of packet switch application-specific integrated circuit (ASIC) (PSA) memory, enter the access-list hardware psa limit 128 global configuration command. Doing so enables all ACL lines to be processed at the CPU of the line card.
•CSCin14188
Symptoms: The ifIndex Persistence feature does not function after a switchover.
Conditions: This symptom is observed in a high availability (HA) Stateful Switchover (SSO) environment.
Workaround: To reenable the ifIndex Persistence feature, enter the write memory EXEC command after the switchover.
•CSCin27782
Symptoms: Permanent virtual circuits (PVCs) that are managed by Operation, Administration, and Maintenance (OAM) cells may not come up.
Conditions: This symptom is observed on an 8-port ATM Inverse MUX T1 port adapter (PA-A3-8T1IMA) or an 8-port ATM Inverse MUX E1 port adapter (PA-A3-8E1IMA) that is installed in a Cisco 7200 series or Cisco 7500 series router that is running Cisco IOS Release 12.2(13)T or a later release, or Release 12.0 S.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(23)S1
Cisco IOS Release 12.0(23)S1 is a rebuild of Cisco IOS Release 12.0(23)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(23)S1 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdp15126
Symptoms A packet that is destined for a next hop may not be policy-routed.
Conditions These symptoms are observed when you enable policy routing on a Fast Ethernet Inter-Switch Link (ISL) subinterface.
Workaround There is no workaround.
•CSCdt38855
Symptoms A Cisco 7200 series router that has data-link switching (DLSw) configured may reload because of a software condition.
Conditions This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.0(15) when DLSw with TCP encapsulation is sent over an X.25 network and when an X.25 transmission attempt fails because packets are dropped.
Workaround There is no workaround.
•CSCdv49909
Symptoms Parallel links may not be used efficiently on a Cisco router when Multiprotocol Label Switching (MPLS) traffic is load balanced over parallel links to a customer premises equipment (CPE) device.
Conditions This symptom is observed when a Virtual Private Network (VPN) routing and forwarding (VRF) static route to a remote loopback interface is configured and both parallel links to the same CPE device are configured to the same loopback interface without an IP address using the ip unnumbered interface configuration command.
Possible Workaround Define the following configurations on the provider edge (PE) and customer edge (CE) routers to achieve load balancing with static VRF routes.
PE Configuration
interface multilink250
ip vrf forwarding YELLOWVPN
ip address 10.0.0.1 255.255.255.0
interface multilink251
ip vrf forwarding YELLOWVPN
ip address 10.1.0.1 255.255.255.0
The links in the CE configuration must be configured with 10.0.0.2 and 10.1.0.2.
10.10.0.1/32 is the CE loopback and must be advertised to the PE via Routing Information Protocol (RIP) or with another router protocol. A static route may be used.CE Configuration:
ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.0.0.2
ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.1.0.2
The following output defines static routes for the CE prefix:
ip route vrf YELLOWVPN 192.168.200.0 255.255.255 0 10.10.0.1
•CSCdw67052
Symptoms The ATM traffic in a Cisco 12000 series ATM Quad OC-3 line card with Segmentation and Reassembly (SAR) 3.1.3 may not work properly. Cell drops may occur in the background traffic because of the usage parameter control (UPC) configuration in the ATM switch. The ping timeout may be 15 out of 1000 pings, with a packet size of 18,000 bytes.
Conditions These symptoms are observed on a Cisco 12000 series router with the UPC on the ATM switch set to "DROP." (The symptoms are not observed on a Cisco 7200 series routers or a Cisco 7500 series routers under the same scenario.)
The symptoms occur when the ATM variable bit rate-non-real time (VBR-NRT) permanent virtual circuit (PVC) has a peak cell rate (PCR) of 46, the sustainable cell rate (SCR) is set to 23, and the maximum burst size (MBS) is set to 100.
Workaround Reduce the MBS by about 10 percent, for example, to 90.
•CSCdx67497
Symptoms Source/destination pairs may not be switched in hardware and may receive degraded service.
Conditions This symptom is observed when IP version 6 (IPv6) load balancing is performed with 3 paths on a Cisco 12000 series Engine 3 line card and occurs on source/destination pairs that hash to 15. The symptom does not occur when load balancing is performed with 1, 2, 5, or 8 paths.
Workaround There is no workaround.
•CSCdx87577
Symptoms Memory allocation failures occur on a Cisco router that has authentication, authorization, and accounting (AAA) configured, and "%SYS-2- MALLOCFAIL" messages are displayed. When you enter the show memory summary command, the command output shows that many small blocks are used by the AAA processes.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(15)S3.
Workaround There is no workaround.
•CSCdx94479
Symptoms The convergence time after four Stateful Switchovers (SSOs) on a Cisco 10000 series edge services router is 11 seconds but should never be longer than 10 seconds.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdy22528
Symptoms Configuring 6000 Access Control Entry (ACE) entries or more in an access control list (ACL) causes Cisco IOS software to reload.
Conditions This symptom is observed on a Cisco 10000 series router that is configured with a Performance Routing Engine 1 or 2 (PRE1 or PRE2).
Workaround There is no workaround.
•CSCdy27414
Symptoms An interface of a Cisco 10000 series channelized T3 (CT3) line card may not dequeue packets. When the link on a CT3 card flaps, one or more interfaces may not recover. The output queue of the interface may become full with PPP/High-Level Data Link Control (HDLC) packets and may stay in the "Up/Down" state.
Conditions These symptoms are observed when a chip of a third-party vendor on a Cisco 10000 series CT3 line card is defective.
Workaround There is no workaround; return the CT3 line card for repair.
The fix for this caveat adds a software procedure that periodically checks if the pointers that link the partial packet buffer RAM blocks are becoming corrupted. When a corrupted pointer is detected, the associated interface is removed and then replaced, which may cause the interface to be incapable of transmitting traffic for up to 10 seconds. When this condition is detected and repaired, a message is logged to the Route Processor and the line card log to notify the user.
•CSCdy33457
Symptoms A Cisco 12000 series Engine 0 (E0) Packet-over-SONET (POS) line card reloads and causes the router to lose all its routes. A back-to-back ping on other line cards fails and causes Open Shortest Path First (OSPF) Border Gateway Protocol (BGP) to go down.
Conditions These symptoms are observed when you change the maximum transmission unit (MTU) of a port channel while traffic is flowing.
Workaround Reload the E0 POS line card.
•CSCdy34113
Symptoms A Cisco 7500 series router may reload at a packet enqueue utility.
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S when all of the following conditions are met:
–A Frame Relay (FR) link is configured on a Versatile Interface Processor (VIP) interface.
–Frame Relay Traffic Shaping (FRTS) is enabled for FR circuits via the map-class frame-relay global configuration command, and distributed traffic shaping is not enabled on the Route Switch Processor (RSP).
–You deencapsulate the interface by using the no encapsulation frame-relay interface configuration command, and you unconfigure the interface by entering the no map-class frame-relay global configuration command.
–While you unconfigure FRTS, FR encapsulation occurs, and the traffic load is still high so that the shaping function is activated and outbound packets on per-virtual circuit (VC) queues are throttled.
Workaround Avoid the situation in which all of the above-mentioned conditions take place concurrently. For example, when an FR link is configured on a VIP interface and you require traffic shaping, use distributed FRTS, or unconfigure FRTS while user traffic is low so as not to activate the shaping function.
•CSCdy36665
Symptoms Operation, Administration, and Maintenance (OAM)-managed permanent virtual circuits (PVCs) on an 8-port T1 ATM port adapter with Inverse Multiplexing over ATM (IMA). (PA-A3-8T1IMA) or an 8-port E1 ATM port adapter with IMA (PA-A3-8E1IMA) may not come up as expected.
Conditions This symptom is observed on a PA-A3-8T1IMA or a PA-A3-8E1IMA of a Cisco 7200 series or Cisco 7500 series router that is running Cisco IOS Release 12.2(11.5)T or a later release.
Workaround There is no workaround.
•CSCdy40021
Symptoms Reassembly table entries may indicate incorrectly that they are still active following the removal of an associated Multilink PPP (MLP) configuration.
Conditions This symptom is observed when you remove a large MLP configuration in a single step, that is, when you use a single configuration file to shut down the bundle and remove the bundle from the running configuration.
Workaround Use one configuration file to shut down the bundle and another (separate and unique) configuration file to remove the bundle from the running configuration.
•CSCdy43435
Symptoms Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.
Conditions These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.
Workaround Reload the PE router to make the link between the PE router and the CE router function.
•CSCdy51151
Symptoms When a Cisco 12000 series Engine 3 line card receives a tag packet with an IP version 4 (IPv4) packet that has options underneath it or with a non-IPv4 packet such as an IP version 6 (IPv6) packet, the packet may be send to the line card CPU for processing.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)ST2.
Workaround There is no workaround.
•CSCdy54337
Symptoms An interface on a 2-port Fast Ethernet port adapter (PA-2FE) may stop transmitting if this interface or the other interface on the same port adapter goes down or flaps under a heavy traffic load. The interface that stops transmitting may display the following messages:
%RSP-3-RESTART: interface FastEthernet3/0/0, not transmitting
%RSP-3-RESTART: interface FastEthernet3/0/0, output frozen
%RSP-3-RESTART: cbus complexConditions This symptom is observed on the PA-2FE on a Cisco 7500 series Versatile Interface Processor 4 (VIP4) that is configured with Fast Ether Channel (FEC). This symptom is observed when the port adapter is carrying a heavy traffic load and when part of the traffic is originating from a port adapter (PA-A3) that is located on the same VIP.
Workaround There is no workaround.
•CSCdy57048
Symptoms A Telnet session from a terminal over a vty connection to a Cisco 7206VXR router may pause indefinitely.
Conditions This symptom is observed on a Cisco 7206VXR router that is running Cisco IOS Release 12.2(4)XZ5, that is configured with a Network Processing Engine 300 (NPE-300), and that is functioning as a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) provider edge (PE) router when large text displays are dumped on the screen of the terminal.
The symptom is caused by a corrupt TCP Telnet packet that is generated by the router.
Workaround There is no workaround.
•CSCdy58872
Symptoms Pins across a link bundle fail when the attached line cards are either 1-port or 3-port Gigabit Ethernet line cards.
Conditions This symptom is observed on a connection between two Cisco 12000 series routers with at least one of the routers configured with a Next Generation Release Process (NGRP). The symptom occurs on the c12kprp-p-mz image of Cisco IOS Release 12.0(22.3)S and later releases.
Workaround There is no workaround.
•CSCdy61234
Symptoms Many interprocess communications (IPC) messages are sent to a Cisco 12000 series Gigabit Ethernet (GE) line card, and the nonblocking IPC command queue becomes full.
Conditions These symptoms are observed on a Cisco 12000 series router that is configured with a GE line card when you use TFTP to copy a configuration with many VLANS (that is, 800 or more VLANs) to the running configuration.
Workaround Copy the configuration with many VLANS to the startup configuration, and reload the router.
•CSCdy63771
Symptoms Virtual Private Network (VPN) routing/forwarding (VRF) may not function on a High-Speed Serial Interface (HSSI) port adapter.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround Remove and reconfigure the affected subinterface on the HSSI port adapter.
•CSCdy64917
Symptoms A Cisco 12000 series Engine 2 line card may reload.
Conditions This symptom is observed when traffic engineering (TE) metric is used.
Workaround There is no workaround.
•CSCdy65658
Symptoms A policy map with multiple class maps does not synchronize correctly with a standby Route Processor (RP).
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround Reload the standby RP.
•CSCdy67945
Symptoms When you enter a loopback remote line interface configuration command on a 6-port channelized T3 line card, the command may fail and may cause a T1 connection to flap.
Conditions This symptom is observed on both American National Standards Institute (ANSI) and Bell Communications Research (Bellcore) loopbacks on networks that are sensitive to T1 framing errors.
When you enter the loopback remote line interface configuration command, the line card causes a brief change of frame alignment (COFA) error. Normally, this error goes unnoticed. However, some devices react to these errors with an alarm indication signal (AIS). Each time the loopback request is initiated (that is, if the T1 connection is configured for remote loopbacks each time the T1 connection comes up), the AIS brings the T1 connection down.
Workaround There is no workaround.
•CSCdy68292
Symptoms The following error messages may be generated on a Cisco 12000 series Engine 4 plus (E4+) OC-192 line card:
SLOT 6: %RX192-3-HINTR: status = 0x4000000, mask = 0x7EFFFF FF - Parity error on rx_pbc_mem.
-Traceback= 4039CEF0 4044ECEC 400C85B0
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108Cisco Express Forwarding (CEF) on the E4+ OC-192 line card may become disabled, and the associated port stays in an "Up/Up" state.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-k4p-mz image of Cisco IOS Release 12.0(21)S3 or the gsr-p-mz image of Cisco IOS Release 12.0(21)ST2.
Workaround Enter the microcode reload slot-number global configuration command on the E4+ OC-192 line card.
•CSCdy73102
Symptoms When a primary Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel reoptimizes over another link, a traffic drop may occur.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S1 following a Fast Reroute (FRR) operation.
Workaround Configure the primary label switched path tunnel (LSP tunnel) as an explicit tunnel.
•CSCdy73244
Symptoms Guarantees may not be achieved for some classes for a certain combination of bandwidth assignments within a service policy.
Conditions This symptom is observed when you use the following bandwidth allocation: class 1, 8 kbps; class 2 64 kbps; class 3 16 kbps; class 4 14 kbps; parent class, 120 kbps.
Workaround Sightly adjust the bandwidth of one of the classes. In the above example, changing class 3 to 14 kbps or class 4 to 16 kbps would solve the situation.
•CSCdy76986
Symptoms Distributed switching may not function for packets.
Conditions This symptom is observed on a distributed multilink interface on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22.4)S1.
Workaround There is no workaround.
•CSCdy77591
Symptoms On a Cisco 7500 router that is configured for High Availability, when you enter the shutdown interface configuration command on a serial interface, the following error message is displayed on the standby Route Processor (RP) and the standby RP reloads:
%HA-2-CCB_PLAYBACK_ERROR: CCB playback failed.
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0 S.
Workaround There is no workaround.
•CSCdy78371
Symptoms An Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and that has a Frame Relay subinterface may reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4)S1 when a microcode bundle is configured and loaded onto the Engine 2 Quad OC-12 line card.
Workaround There is no workaround.
•CSCdy78970
Symptoms A Cisco 12000 series Engine 2 line card may generate the following error messages:
SLOT 14: %LCPOS-3-SOP: TX:BadLenCtr. Source=0x1 (Plim), halt_minor0=0x8001 (1000 0000 0000 00sl, s/l=TooShort/long)
SLOT 14: %GSR-3-INTPROC: Process Traceback= 400CCE60 400C90F0 40010A24
-Traceback= 4033F424 4044ED54 400C88B0Conditions This symptom is observed when you remove and reinsert switch fabric on a Cisco 12000 series router while traffic is flowing.
Workaround There is no workaround.
•CSCdy80866
Symptoms When you configure more than 64 Inter-Switch Link (ISL) VLANs, a Versatile Interface Processor (VIP) may reload.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround Use only dot1q encapsulation.
•CSCdy86210
Symptoms NetFLow stops functioning after an online insertion and removal (OIR) of a switch fabric card (SFC).
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround Disable and reenable the ip route-cache flow sampled interface configuration command.
•CSCdy89001
Symptoms An Engine 4 Packet-over-SONET (POS) line card reloads.
Conditions This symptom is observed on an Engine 4 Packet-over-SONET (POS) line card in a Cisco 12000 series Internet router during several online insertion and removal (OIR) procedures on a Clock Scheduler Card (CSC).
Workaround There is no workaround.
•CSCdy89041
Symptoms A memory leak of about 0.5 MB occurs in the "Pre Command NV Buffer" process.
Conditions This symptom is observed when you connect to a Cisco 12000 series Route Processor (RP) through a vty.
Workaround There is no workaround.
•CSCdy89663
Symptoms A Cisco 12000 series router may reload when an interface flaps.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S during multicast traffic.
Workaround There is no workaround.
•CSCdz00085
Symptoms A Cisco router that is functioning as a provider edge (PE) router may install an outgoing point of presence (POP) label instead of an outgoing aggregate label for a connected Virtual Private Network (VPN) routing/forwarding (VRF) route.
Conditions This symptom is observed in a carrier supporting carriers topology with a Cisco router that is running Cisco IOS Release 12.2(12.10)T1 and that is functioning as a PE router.
Temporary Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration on the VRF interface until the symptom occurs again.
Alternate Temporary Workaround Reload the router. However, after having done so, when you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the VRF interface the symptom will occur again.
•CSCdz02817
Symptoms The Binary Synchronous Communications (Bisync) IP (BIP) counter displays a value of 46623 instead of 5.
Conditions This symptom is observed on a Cisco 10000 series 4-port channelized OC-3 line card.
Workaround There is no workaround.
•CSCdz07354
Symptoms Enhanced Interior Gateway Routing Protocol (EIGRP) resets the routing table when you enter the write memory EXEC command, write terminal EXEC command, or show running-config privileged EXEC command.
Conditions This symptom is observed on a Cisco 7505, Cisco 7507, and Cisco 7513 router.
Workaround There is no workaround.
•CSCdz07393
Symptoms When you apply a combination of IP version 6 (IPv6), an access control list (ACL), and Sampled NetFlow to an interface on an Engine 4 plus line card, the line card may reload.
Conditions This symptom is observed while IPv6 traffic is flowing.
Workaround There is no workaround.
•CSCdz08851
Symptoms Resource Reservation Protocol (RSVP) Hello detection may not trigger a Fast Reroute (FRR) switchover.
Conditions This symptom is observed when you use RSVP Hello detection to enable Multiprotocol Label Switching traffic engineering (MPLS TE) FRR protection on shared interfaces.
Workaround There is no workaround.
•CSCdz09657
Symptoms An IP version 6 (IPv6) automatic tunnel cannot be created.
Conditions This symptom is observed on a Cisco 12000 series router when you reload the router after you have enabled the tunnel mode ipv6ip auto-tunnel command and have saved the command in the startup configuration. The tunnel interface is not enabled for IPv6, and the routing table does not show the correct route nor a static route to the tunnel.
Workaround Enter the no tunnel source type number interface configuration command followed by the tunnel source type number interface configuration command on the tunnel interface.
•CSCdz11618
Symptoms Counters for policy-based routing (PBR) update at an incorrect route map.
Conditions This symptom is observed when matching conditions are not defined for a route map.
Workaround When matching conditions are not defined for a route map, the situation is treated as a "permit ip any any" condition; assign the access-list access-list-number permit ip any any global configuration command as the matching condition for the route map.
•CSCdz12053
Symptoms The entPhysicalParentRelPos MIB object does not return the correct value for the physical slots in a Cisco 10000 series router chassis.
Conditions This symptom is observed on a Cisco 10000 series router that is running the c10k-p10-mz image of Cisco IOS Release 12.0(23)S.
Workaround There is no workaround.
•CSCdz14160
Symptoms A Cisco 12000 series Route Processor (RP) may reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S during Fast Reroute (FRR) testing.
Workaround There is no workaround.
•CSCdz14266
Symptoms When you change a class queue from low latency queueing (LLQ) to non-LLQ, or the other way around, or when you simply remove and recreate a class queue, the queue of the next class disappears, as is displayed in the output of the show hardware pxf cpu queue interface privileged EXEC command.
Conditions This symptom is observed on a Cisco 10000 series router when you change or create a class queue using the no priority policy-map class configuration command followed by the priority policy-map class configuration command or using the no bandwidth policy-map class configuration command followed by the bandwidth policy-map class configuration command.
Workaround There is no workaround.
•CSCdz18265
Symptoms A static crossconnect setup may fail.
Conditions This symptom is observed when you configure a static crossconnect that is using an interface that is down. When the interface comes up, the static crossconnect is not set up in the Label Forwarding Information Base table.
Workaround Remove the static crossconnect using the no mpls static crossconnect global configuration command and reapply the static crossconnect using the mpls static crossconnect global configuration command.
•CSCdz19881
Symptoms An input access control list (ACL) may not take effect.
Conditions This symptom is observed on a Cisco 12000 series Engine 4 plus interface on which the VRF Selection feature is enabled.
Workaround There is no workaround.
•CSCdz20079
Symptoms Configuring the hw-module slot shutdown global configuration command in the startup configuration may cause a router to reload.
Conditions This symptom is observed on a Cisco 10000 series router when you attempt to boot from an eboot image.
Workaround Do not configure the hw-module slot shutdown global configuration command in the startup configuration.
Alternate Workaround Change the configuration register to "0x40" to ignore the configuration during the bootup process.
•CSCdz21278
Symptoms A destination interface may not have a value in the NetFlow cache (that is, the destination interface may be null), but it should have a value.
Conditions This symptom is observed when the egress interface is on a Cisco 12000 series Engine 0 line card and a rate limit access list is applied to the egress interface. The rate limit access list may not cause packets to be dropped, but the destination interface is null in the NetFlow cache.
Workaround Disable the rate limit on the output interface.
•CSCdz23286
Symptoms A Cisco 12000 series router may reload during the bootup process.
Conditions This symptom is observed when you attempt to boot up the Cisco 12000 series router with an image of Cisco IOS Release 12.0(23)S and occurs before the image is loaded onto the router.
Workaround There is no workaround.
•CSCdz27562
Symptoms Executing an snmpwalk command on loopback interfaces does not yield any results.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround Execute the snmpwalk command on the physical interfaces instead.
•CSCdz31778
Symptoms Slow path forwarding on an Engine 3 line card of a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) may not function.
Conditions This symptom is observed on a Cisco 12000 series router that is functioning as a 6PE router and occurs because the 6PE disposition does not function for aggregate 6PE labels on the Engine 3 line card.
Workaround There is no workaround.
•CSCdz37224
Symptoms "Alpha" error messages may be observed on the ingress or egress interface of a Cisco 12000 series 4-port OC-12c/STM-4c Packet over SONET (POS) synchronous digital hierarchy IP services engine line card. The following messages may be displayed on the egress interface of the Cisco 12000 series 4-port OC-12c/STM-4c POS synchronous digital hierarchy IP services engine line card:
%EE48-3-ALPHAERRS: TX ALPHA: ALPHA_CPU_PIPELINE_CTRL_INT error 1 SLOT 2: %EE48-3-ALPHAPAIR: TX ALPHA: POP PAIR
Conditions This symptom is observed if the shape, bandwidth, random detect, or priority value is configured and if both the set ip-dscp-value quality of service (QoS) policy map configuration command and the set mpls experimental policy map configuration command are disabled. This symptom is observed on a Cisco 12016 router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S or Release 12.0(21)ST2a.
Workaround Remove the transmit (TX) service policy and use Per Interface Rate Control (PIRC) instead.
Additional Notes The same symptom may occur when an error recovery is performed for hardware failures such as data path parity errors. The symptom under those circumstances would be a failed recovery. There is no workaround for the occurrence of this symptom when an error recovery is performed.
•CSCdz38742
Symptoms There may not be any label bindings on a Label Switch Router (LSR), but a Label Distribution Protocol (LDP) session may not be impaired.
Conditions This symptom is observed when an LDP session flaps quickly.
Workaround After you have brought down the LDP session, remove all label bindings, and bring the session up again.
•CSCdz39560
Symptoms Multiprotocol Label Switching (MPLS) Fast Reroute (FRR) may not function properly on an Engine 2 ingress line card.
Conditions This symptom is observed on a Cisco 12000 series router when a tunnel that is protected by FRR is a one-hop tunnel to a second router. A third router that is connected to the first and second router provides the backup path. When the primary path between the first and second router goes down, traffic is not redirected over the backup path.
Workaround There is no workaround.
•CSCin20514
Symptoms A Cisco 7200 series or Cisco 7500 series router may reload because a packet is not cleaned up properly.
Conditions This symptom is observed under rare circumstances when the Cisco 7200 series or Cisco 7500 series router is configured for Multiprotocol Label Switching (MPLS) through a 1-port Gigabit Ethernet port adapter (PA-GE) or an Enhanced Gigabit Ethernet Interface Processor (GEIP+).
Workaround There is no workaround.
•CSCin21259
Symptoms The ENTITY MIB fails to recognize redundant power supplies and recognizes only one power supply. In addition, the power supply, fans, and chassis interface are displayed as non field-replaceable units (non-FRUs).
Conditions This symptom is observed on a Cisco 7507 and a Cisco 7513 router.
Workaround There is no workaround.
•CSCuk37313
Symptoms When you configure an IP version 6 (IPv6) access list to match Encapsulated Security Payload (esp) or Authentication Header Protocol (ahp) protocol literal values, the access list appears to be configured to match IPv6 only.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCuk37975
Symptoms A router may reload while applying an Access Control List (ACL) to forwarded traffic via the ipv6 traffic-filter interface configuration command.
Conditions This symptom is observed when you enter illegal syntax in the submode of the ipv6 access-list global configuration command.
Workaround Do not enter illegal syntax in the submode of the ipv6 access-list global configuration command.
•CSCuk39337
Symptoms Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.
Conditions These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.
Workaround Reload the PE router to make the link between the PE router and the CE router function.
Resolved Caveats—Cisco IOS Release 12.0(23)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(23)S. This section describes only severity 1, severity 2, and select severity 3 caveats.
These caveats are documented in the following format:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat.
Basic System Services
•CSCdw91761
Symptoms A Cisco 7200 series router reloads because of a bus error, a watchdog timeout, or an unspecified error (that is, no reload error message is provided).
Conditions This symptom is observed on a Cisco 7200 series router that is configured with a Network Processing Engine 200 (NPE-200), a PA-A1 port adapter, and a PA-FE port adapter when a medium to high traffic load occurs and the traffic load consists of large packet sizes.
Workaround Reduce traffic.
Alternate Workaround Use another model Network Processing Engine.
•CSCdx39018
Symptoms The ifOutOctets counter may decrease over a five-minute interval, but the counter is still accurate on a long term basis.
Conditions This symptom is observed on a Cisco 7500 series router when quality of service (QoS) is configured on the egress Versatile Interface Processor (VIP)
Workaround Disable QoS.
•CSCdx47520
Symptoms Simple Network Management Protocol (SNMP) ifIndexes may change after a switchover. This situation may occur when the bulk-synchronization of SNMP ifIndexes does not function.
Conditions This symptom is observed on a Cisco 7500 series router, Cisco 10000 series router, and Cisco 12000 series router.
Workaround There is no workaround.
•CSCdx68230
Symptoms A CPU hog condition may be observed on a router, and the router may reload.
Conditions These symptoms are observed when the snmp-server community global configuration command is executed on a Cisco router that is running Cisco IOS Release 12.1 and that has several thousand logical entities configured.
Workaround There is no workaround.
•CSCdx76361
Symptoms A router that is configured with a Route Switch Processor (RSP) drops multicast packets, which situation leads to a loss of connectivity.
Conditions This symptom is observed in a bridging environment, when the router that is configured with the RSP is running the rsp-jsv-mz image of Cisco IOS Release 12.2(10.7)T1 or Release 12.2(11.2) and the subscriber trunk is configured with a multicast policy that is set to "permit."
Workaround There is no workaround.
•CSCdx94801
Symptoms When you configure a Cisco 12000 series Internet router with ATM interfaces, the secondary Route Processor (RP) reloads.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx96327
Symptoms A router may reload if the no ip routing interface configuration command is configured on a router that has NetFlow configured.
Conditions This symptom is observed on a router while traffic is flowing through the router on the interface that has NetFlow configured.
Workaround Remove NetFlow before entering the no ip routing interface configuration command, or stop traffic from going through the interface that has NetFlow configured before entering the no ip routing interface configuration command.
•CSCdy02831
Symptoms A Multilayer Switch Feature Card 2 (MSFC2) may reload when the no ip routing global configuration command is entered.
Conditions This symptom is observed on a Catalyst 6000 MSFC2 that is running Cisco IOS Release 12.1(12)E.
Workaround Do not disable IP routing on the MSFC2.
•CSCdy06086
Symptoms The snmp-server host host-addr version 2c community-string global configuration command cannot be configured if the community-string argument is already configured via the snmp-server community string global configuration command.
Conditions This symptom is observed in Cisco IOS Release 12.0 S and is related to the introduction of the SNMP Support for VPNs feature.
Workaround There is no workaround.
•CSCin15495
Symptoms The output counters that are associated with an interface may remain zero, even though traffic is passed through the interface.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCuk36939
Symptoms Cisco IOS software fails to set up the Gigabit Ethernet Interface Processor (GEIP) MIBs correctly on a Cisco 7500 series router.
Conditions This symptom is observed when the hierarchy on the GEIP is incorrect; the port adapter and interface are shown at the same level as the GEIP. The GEIP should be at the top of the hierarchy, followed by the port adapter, followed by the interface.
Workaround There is no workaround.
EXEC and Configuration Parser
•CSCdy27230
Symptoms The router isis global configuration command is not properly synchronized to a standby Route Processor (RP). This situation prevents the standby RP from loading the correct configuration.
Conditions This symptom is observed when a router is running in redundancy mode.
Workaround There is no workaround.
•CSCdy53980
Symptoms The Open Shortest Path First (OSPF) network ip-address wildcard-mask area area-id router configuration command is accepted in an active Route Processor (RP) but not properly synchronized to the standby RP. The first command that you enter is synchronized correctly to the standby RP, but commands that are subsequently entered are not properly synchronized to the standby RP.
Conditions This symptom is observed on a Cisco 12000 series router when Stateful Switchover (SSO) is enabled.
Workaround There is no workaround.
Interfaces and Bridging
•CSCdx53873
Symptoms Multiprotocol Label Switching (MPLS) packets that are greater than 1498 bytes may not be received on a router.
Conditions This symptom is observed on a Cisco 7500 router that is running Cisco IOS Release 12.2(10a) and that is using dot1q encapsulation.
Workaround There is no workaround.
•CSCdx84574
Symptoms A Versatile Interface Processor (VIP) may reload and restart after a Fast Ethernet port adapter (PA-FE) is installed.
Conditions This symptom is observed on a VIP that is installed in a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdx87818
Symptoms The following error message may be displayed on a router when a Cisco IOS software upgrade is performed:
%SYS-6-STACKLOW: Stack for process ATM PA Helper running low, 0/3000
Conditions This symptom is observed on a Cisco 7500 series router when you upgrade from Cisco IOS Release 12.0(7)T to Release 12.1(14).
Workaround There is no workaround.
•CSCdx87965
Symptoms A router that is configured with a multichannel port adapter reloads because of a bus error exception.
Conditions This symptom is observed when link flaps occur or interfaces are reset on a router that is configured with PA-MC-T1, PA-MC-E1, PA-MC-E3, or PA- MCX port adapters.
Workaround There is no workaround.
•CSCdx91957
Symptoms The mtu interface configuration command changes into the ip mtu interface configuration command when the VLAN ID changes on a subinterface of a Cisco 12000 series 3-port Gigabit Ethernet line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdy03204
Symptoms An Ethernet driver on an Ethernet interface may receive and forward packets that are not destined for itself.
Conditions This symptom is observed on an Ethernet interface that has the promiscuous mode enabled in a network that has multiple Hot Standby Router Protocol (HSRP) groups. This symptom is also observed when no transparent bridging is occurring.
Workaround There is no workaround.
•CSCdy09509
Symptoms A buffer leak may be observed in the small buffers on a router.
Conditions This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.2(10a) and that is using distributed Link Fragmentation and Interleaving (dLFI).
Workaround There is no workaround.
•CSCdy38335
Symptoms A router that is configured with a 2-port Fast Ethernet 100BASE-FX port adapter (PA-2FE-TX) may reload when the packet cleanup is not performed properly in the interrupt path of the port adapter.
Conditions This symptom is observed on a Cisco 7200 series router and a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdy44854
Symptoms A router may be able to send but not be able to receive traffic via a Fast Ethernet subinterface that is configured for dot1q encapsulation.
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(21)ST3.
Workaround Reload the router, or reload microcode onto the Versatile Interface Processor (VIP) by entering the microcode reload slot-number global configuration command. Both workarounds cause a traffic interruption.
•CSCdy46927
Symptoms When you reload a Cisco 7500 series Versatile Interface Processor (VIP) or a Cisco 12000 series line card that is configured with VLAN subinterfaces that are in a shutdown state, the VLAN interfaces become active again.
Conditions This symptom is observed on distributed Cisco IOS platforms, such as the Cisco 7500 series router and the Cisco 12000 series router.
Workaround After the VIP or the line card has reloaded, enter the no shutdown interface configuration command followed by the shutdown interface configuration command for the affected subinterfaces.
•CSCdy51470
Symptoms Label controlled ATM (LC-ATM) bindings may not come up after a Stateful Switchover (SSO) is performed.
Conditions This symptom is observed on a Cisco 7500 series router that is configured with an LC-ATM interface.
Workaround There is no workaround.
•CSCdy51498
Symptoms A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but that no packets are coming in. Input or output packet drops are not displayed.
Conditions This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.
Temporary Workaround Enter the clear interface type number EXEC command each time the symptom occurs.
•CSCin10839
Symptoms A router may reload after a channelized T3 (CT3) port adapter that is configured as part of a Multilink PPP (MLP) bundle is removed, and the MLP bundle interface is shut down.
Conditions This symptom is observed in a network in which two Cisco 7200 series routers are connected back-to-back via channelized T3 (CT3) port adapters. Channel groups are created and configured for MLP, and a bundle interface multilink is created on both of the routers in this setup.
Workaround There is no workaround.
•CSCin16706
Symptoms Open Shortest Path First (OSPF) multicast packets are not received on a 1-port Fast Ethernet 100BASE-TX port adapter (PA-FE-TX).
Conditions This symptom is observed on a PA-FE-TX port adapter on a Cisco 7500 router that is configured with OSPF. The PA-FE-TX does not receive OSPF multicast traffic because MAC multicast entries are not added to the MAC table.
Workaround There is no workaround.
IP Routing Protocols
•CSCdu43164
Symptoms A memory leak may occur on a Cisco 7200 series router. The memory leak is caused by the Border Gateway Protocol (BGP) I/O process and occurs at the rate of 100 KB to 130 KB per hour (about 2.5 MB to 3 MB per day) after the show memory summary | incl BGP privileged EXEC command is entered. This situation occurs regardless of whether a BGP neighbor is flapping.
The output of the show processes memory | incl bgp privileged EXEC command shows the following:
Router#
show processes memory | incl bgp
PID TTY Allocated Freed Holding Getbufs Retbufs Process ... 104 0 3522569548 2139398320 21965976 297916 5184 BGP I/O ...
The show memory summary | incl bgp privileged EXEC command indicates that the "BGP (1) update" function allocates memory without deallocating it again after the process is completed:
Router#
show memory summary| incl bgp
Alloc PC Size Blocks Bytes What ... 0x607C42E0 65496 333 21810168 BGP (1) update ....
Conditions This symptom is observed on a Cisco 7206VXR router that is functioning as a Provider Edge (PE) router and that is running Cisco IOS Release 12.1(5a) in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) network.
Workaround Reload the router.
•CSCdx32611
Symptoms After you detach an interface from a Virtual Private Network (VPN) routing/forwarding (VRF) instance using the no ip vrf forwarding vrf-name command, the adjacency information that is associated with the removed interface still shows up in the VRF table.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdx48854
Symptoms In a failover configuration of a designated router (DR) and a non-DR, the DR fails, does not clear its connected flag, and continues to send Protocol Independent Multicast (PIM) join messages upstream. This situation causes unnecessary traffic. Upon failback, the non-DR does not clear its connected flag and continues to sends join-packet messages upstream long after the outgoing interface list of the mroute entry becomes empty.
Conditions This symptom is observed in a failover configuration of a DR and a non-DR that have directly connected receivers.
Workaround Clear the mroute entry.
•CSCdx53795
Symptoms If a peer advertises a replacement path (with the same multi-exit discriminator [MED] as the original path), the new path is inserted in the previous position of the original path.
Conditions This symptom may be observed on a Border Gateway Protocol (BGP) router that is using deterministic MED. When this symptom occurs, the replacement path may not be grouped with paths from the same autonomous system number (ASN). This ordering may result in incorrect routing and may cause routing loops.
Workaround Disable and reenable deterministic MED on the router after the router enters the incorrect state.
•CSCdx70216
Symptoms A router may reload. Also, a Multilayer Switch Feature Card 2 (MSFC 2) may reload with a bus error in the not so stubby area (NSSA) part of the Open Shortest Path First (OSPF) code.
Conditions This symptom is observed on any Cisco router that is running a Cisco IOS software release when a link-state advertisement (LSA) with an incontiguous mask is sent to a router.
Workaround Do not send address LSAs with illegal masks, that is masks that are not contiguous, to a router.
•CSCdx74432
Symptoms Memory allocation (MALLOC) failures may be observed when Border Gateway Protocol (BGP) updates are generated, and the following error message may be displayed:
%SYS-2-MALLOCFAIL: Memory allocation of 2093048 bytes failed from 0x602BDB08, alignment 0 Pool: Processor Free: 1546596 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate poolConditions This symptom is observed on a Cisco router.
Workaround There is no workaround.
•CSCdx74764
Symptoms A Performance Route Processor (PRP) can cause exception when trying to reload the router.
Conditions This symptom is observed on a PRP that is running Cisco IOS Release 12.0(21)3S and that has BGP/Interior Gateway Protocol (IGP) with Multiprotocol Label Switching-traffic engineering (MPLS-TE).
Workaround There is no workaround.
•CSCdx75987
Symptoms Tracebacks may occur.
Conditions This symptom is observed when you use the offset list router configuration command in Enhanced Interior Gateway Routing Protocol (EIGRP) and when you remove a summary address from an interface that has a Virtual Private Network (VPN) routing/forwarding (VRF) instance defined.
Workaround There is no workaround.
•CSCdx79227
Symptoms A router may reload after the show ip mroute summary EXEC command is entered.
Conditions This symptom is observed on Cisco router that is running Cisco IOS Release 12.2.
Workaround There is no workaround.
•CSCdx83393
Symptoms A router may reload when the Sham-Link Support feature is configured.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdx84465
Symptoms A router that has Fast Reroute (FRR) enabled may reload.
Conditions This symptom is observed when the input interface for a label switched path goes down and the label switched path has not been fast rerouted at the previous hop (PHOP) or at a hop before the PHOP.
Workaround There is no workaround.
•CSCdx86622
Symptoms Enhanced Interior Gateway Routing Protocol (EIGRP) may log a spurious access.
Conditions This symptom is observed during a test on a Cisco 7500 series router that is running the rsp-pv-mz image of Cisco IOS Release 12.0(21.4)SY.
Workaround There is no workaround.
•CSCdx87316
Symptoms In rare circumstances, a downstream multicast router may have a group in the mroute table, yet the upstream multicast router does not show the downstream multicast router in the outgoing interface list.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround Issue the clear ip mroute group interface configuration command.
•CSCdx89413
Symptoms Subnets in the /31 range may not be accepted.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround There is no workaround.
•CSCdy04712
Symptoms A router that is configured with the neighbor address or the neighbor ibgp peer-group name nlri unicast multicast Border Gateway Protocol (BGP) commands does not automatically translate the no auto-summary command into the multicast address family.
Conditions The symptom is observed on a Cisco router when more than one address family is used under BGP.
Workaround Manually add the no auto-summary command into the multicast address family.
•CSCdy28568
Symptoms A route reflector does not change the nexthop to itself, even when it is set to do so via a route map.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdy42103
Symptoms A watchdog timeout may cause a software-forced reload on a router.
Conditions This symptom is observed on a Cisco 7500 router that is using the Border Gateway Protocol (BGP).
Workaround There is no workaround.
•CSCdy44251
Symptoms The Forwarding Information Base (FIB) table on a Cisco 12000 series Gigabit Route Processor (GRP) may be missing entries for directly connected subnets.
Conditions This symptom is observed on a Cisco 12000 series router after you have removed a large number of routes.
Workaround Enter the clear ip route network EXEC command for the affected prefixes. The following is an example:
Router#
show ip cef 10.2.0.4 255.255.255.224
%Prefix not found
Router#
clear ip route 10.2.0.4 255.255.255.224
Router#
show ip cef 10.2.0.4 255.255.255.224
10.2.0.4/30, version 285154, epoch 0, attached, connected, cached adjacency to POS1/0 0 packets, 0 bytes via POS1/0, 0 dependencies valid cached adjacency•CSCdy51434
Symptoms A router may reload unexpectedly if MD5 authentication is used with Open Shortest Path First (OSPF). The following message may be displayed when you enter the show version EXEC command:
System returned to ROM by error - a Software forced crash, PC 0x12345678
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22)S. The symptom occurs only when corrupted OSPF packets are present.
Workaround Remove MD5 authentication for OSPF.
ISO CLNS
•CSCdy38827
Symptoms A Cisco router may install a suboptimal Intermediate System-to- Intermediate System (IS-IS) route into its routing table. Depending on the topology, this situation may create a routing loop.
Conditions This symptom is observed on an IS-IS Level 1 - Level 2 (L1L2) router that is running Cisco IOS Release 12.0 S or Release 12.0 ST and that has prefixes configured that are allowed to be leaked into Level 1, that is, prefixes that match the access list that is specified within the redistribute isis ip level-2 into level-1 distribute-list command. When route leaking is not configured, this condition is not observed.
Workaround There is no workaround. The condition resolves itself when the affected route is cleared by entering the clear ip route network EXEC command.
Miscellaneous
•CSCdt41343
Symptoms A Cisco router may reload during the bootup process.
Conditions This symptom is observed when a syslog server and syslog source interface have been defined before the source interface has been parsed and the configuration of the router is directly written from TFTP to NVRAM memory or you upgrade from Cisco IOS Release 12.0 to Release 12.1 or Release 12.2.
Workaround Place the syslog server and syslog source interface configurations after the source interface itself. To do this, you must edit the configuration offline, copy it to NVRAM memory, and then reboot the router.
•CSCdv01994
Symptoms Memory allocation failures (MALLOCFAIL) may be observed on a router after it is reloaded.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdv04641
Symptoms When you apply a crypto map to a tunnel interface that has the ip cef distributed global configuration command enabled, a message very similar to the following one will appear:
Router(config)#
interface Tunnel0
Router(config-if)# crypto map testtag
ERROR: The VIP interface must be configured with cef distributed switching before enabling encryption.Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdv11028
Symptoms A queue may become stuck and display messages that are similar to the following:
%GRP-3-FABRIC_UNI: Unicast send timed out %QM-4-STUCK: Port 0 Queue mask 0x1
Conditions This symptom is observed when an OC-48 Packet-over-SONET (POS) interface is flapping and when updates are received.
Workaround Perform a microcode reload of the line card.
•CSCdv23918
Symptoms Pattern loss may occur on a T1 channel that is configured under a Virtual Tributary level 1.5 (VT1.5) stream on a router line card when you use the clock source internal controller configuration command.
Conditions This symptom is observed on a Cisco 10000 series 1-port channelized OC-12 line card.
Workaround Use the clock source line controller configuration command.
•CSCdw16580
Symptoms On a router that is configured as a provider edge (PE) router with multiple Virtual Private Network (VPN) routing/forwarding (VRF) instances, the VRF routing table may not be imported to the same PE router when routes are imported between the VRFs even when the PE router is displayed on the Border Gateway Protocol (BGP) VPN4 table.
Conditions This symptom is observed on a PE router in a Multiprotocol Label Switching (MPLS) and VPN environment.
Workaround There is no workaround.
•CSCdw50585
This caveat describes two symptoms, two conditions, and two workarounds:
Symptoms A The Egress NetFlow feature can be configured on a core Multiprotocol Label Switching (MPLS) interface by using the mpls netflow egress command-line interface (CLI) command. However, the Egress NetFlow feature is designed to work only on the outbound Virtual Private Network routing/forwarding (VRF) interfaces of an MPLS network. Enabling it in any other location should be considered a misconfiguration.
Conditions A Conditions do not apply to this situation.
Workaround A Do not configure the Egress NetFlow feature on any MPLS core interface. If the feature is enabled on any MPLS core interface, enter the no mpls netflow egress command to disable the feature.
Symptoms B IP packets that are looped back are wrongly accounted for. A new flow in the opposite direction should be created for those IP packets.
Conditions B This symptom is observed on an outgoing MPLS egress flow.
Workaround B There is no workaround.
•CSCdx01917
Symptoms Serial interfaces on a Cisco 10000 series 1-port channelized OC-12 line cards remain in a Down/Down state after the router has reloaded and the interfaces are defined in the startup configuration.
Conditions This symptom is observed when the startup configuration contains a large number of serial interfaces that are defined on multiple 1-port channelized OC-12 line cards.
Workaround Delete and recreate the affected interfaces.
•CSCdx35300
Symptoms A Gigabit Ethernet input queue may become wedged.
Conditions This symptom is observed on a Cisco 7400 router.
Workaround There is no workaround.
•CSCdx38125
Symptoms Traceback messages may be displayed after the ip accounting mac-address input interface configuration command is configured on VLANs that have an input access control list (ACL) present. The counters that are based on the source and destination MAC address stop incrementing after the traceback messages are observed.
Conditions These symptoms are observed on a 3-port Gigabit Ethernet line card when VLAN traffic is coming in.
Workaround Remove the input ACL from the VLAN interface.
•CSCdx42158
Symptoms A Buffer Management ASIC (BMA) error may occur, and the following messages are displayed:
SLOT 2:00:10:20: %LC-3-BMAERRS: FrFab BMA PLIM error 100000
SLOT 2:00:10:20: %LC-3-BMAERR: FrFab BMA error: msstat 440340B2 dma0 800 dma1 0 dma2 0 qm 1FFFF8 plim 100000 fia 0 l3 0 ms 0 sdram 0Conditions This symptom is observed on a Cisco 12000 series 6-port channelized T3 line card and 2-port channelized OC-3 line card and occurs when a packet with zero length is received by the BMA.
Workaround There is no workaround.
•CSCdx45205
Symptoms Open Shortest Path First (OSPF) fails across a multilink bundle.
Conditions This symptom is observed when a Cisco 7500 series router is placed back-to-back with any other peer router in a distributed Multilink PPP (dMLP) configuration that has links in a multilink bundle. When any of the links are removed from the bundle on the side of the peer router, the OSPF connectivity is lost for few seconds on the Cisco 7500 series router side and then recovers immediately.
Workaround There is no workaround.
•CSCdx47884
Symptoms When SONET level alarms occur, such as Loss of Signal (LOS), the SONET line active alarms field and the alarm indication signal (AIS) monitoring counter may indicate that no alarms are present when you are viewing the output from the show controllers sonet slot port line-number privileged EXEC command.
Conditions This symptom is observed when the line summary in the output of the show controllers sonet slot port line-number privileged EXEC command for a SONET controller on a Cisco 10000 series line card neither properly displays nor counts the AIS when a line alarm condition is present.
Workaround Use the section and path information in the output of the show controllers sonet slot port line-number privileged EXEC command to interpret whether a line alarm condition is present or not.
•CSCdx47936
Symptoms If you configure modular quality of service (QoS) using the command-line interface (CLI) on a 4-port OC-48 Dynamic Packet Transport (DPT) line card, a Cisco 12000 series Internet router fails.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)ST1.
Workaround Configure QoS using the traditional method.
•CSCdx59056
Symptoms Label Distribution Protocol (LDP) and Border Gateway Protocol (BGP) with IPv4+labels could be applied to the same Virtual Private Network (VPN) routing/forwarding instance (VRF) on the same router, which is restricted in the current code. Hence, the feature cannot work properly.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)3S1.
Workaround There is no workaround.
•CSCdx61632
Symptoms If there is a sequence mismatch between peer routers that have an interconnected multilink interface, the recovery sequence for the router that is out of synchronization may take an extended period of time and may affect the traffic that is on the router.
Conditions This symptom is observed on a Cisco 7500 series router that is running Multilink PPP (MLP).
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected multilink interface.
•CSCdx62768
Symptoms Traffic fails after a Performance Routing Engine (PRE) cutover on the provider edge (PE) router.
Conditions This symptom is observed on a Cisco 10000 series edge services router.
Workaround There is no workaround.
•CSCdx65248
Symptoms Cisco Express Forwarding (CEF) may be disabled on an ATM OC-3 line card after a memory leak occurs.
Conditions This symptom is observed on an ATM OC-3 line card.
Workaround There is no workaround.
•CSCdx66281
Symptoms A Cisco router that is running Cisco Express Forwarding (CEF) for IP version 6 (IPv6) may reload when you enter the show ipv6 cef internal EXEC command.
Conditions This symptom is observed when the IPv6 CEF forwarding table is changed while you enter the show ipv6 cef internal EXEC command.
Workaround There is no workaround.
•CSCdx67602
Symptoms An indefinite output pause may occur on a serial interface that is a member of a multilink group, and the following logs may be seen:
%RSP-3-RESTART: interface Serial3/0/0, not transmitting Serial3/0/0: microcode reload
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.2(10) with a PA-4T-V35 port adapter inserted in the Versatile Interface Processor (VIP)2-50 or in the VIP2-40 and where one physical interface is a member of a multilink group and another interface is configured for High-Level Data Link Control (HDLC), and where Cisco Express Forwarding (CEF) is enabled globally and disabled on the multilink interface (bundle master), and, lastly, where distributed weighted fair queuing (WFQ) is enabled on the interface configured for HDLC.
Workaround There is no workaround.
•CSCdx71843
Symptoms A loopback fails on an Engine 2 line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S2.
Workaround There is no workaround.
•CSCdx72807
Symptoms You may not be able to attach a service policy to an unspecified bit rate (UBR) ATM permanent virtual circuit (PVC). You can attach policies to variable bit rate (VBR) and available bit rate (ABR) PVCs if the bandwidth specified in the policy is lower than peak cell rate (PCR).
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdx73104
Symptoms An Engine 4 plus line card may perform Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) label disposition incorrectly and punt all packets that have sizes that are close to the maximum transmission unit (MTU) of the egress VPN interface to the line card CPU.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21.3)S2.
Workaround Increase the MTU of the egress interface.
•CSCdx73666
Symptoms Some channelized devices may be left down. Via Cisco Discovery Protocol (CDP) you can see that these devices are connected to different E1 controllers and time slots than those that were initially configured.
Conditions This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(21)ST when the redundancy force-failover main-cpu command is used.
Workaround A temporary workaround is to reconfigure the correct controller details.
•CSCdx73672
Symptoms Traffic may be dropped on a Cisco 12000 series router that is configured with an Engine 2 (E2) line card.
Conditions This symptom is observed when the following conditions are present:
–Traffic enters the router through the E2 line card.
–The E2 line card performs hardware-accelerated multicast switching because the hw-module slot number ip multicast hw-accelerate global configuration command is enabled.
–An output access control list (ACL) is configured on the egress interface.
Workaround Remove the hardware-accelerated multicast configuration, and reload the line card.
•CSCdx73857
Symptoms A router may fail to warn you that a policy map oversubscribes link bandwidth.
Conditions This symptom is observed when you use nested policies on Frame Relay or Gigabit Ethernet interfaces and the sum of the shape rate of all permanent virtual circuits (PVCs) or VLANs is greater than the interface bandwidth of the Frame Relay or Gigabit Ethernet interfaces.
Workaround Enter the show policy-map interface EXEC command to ensure that the policy map is successfully applied.
•CSCdx73916
Symptoms The Multiprotocol Label Switching (MPLS) forwarding table does not display a label for an aggregate route.
Conditions This symptom is observed on a Cisco 10720 Internet router and affects only the aggregate routes that are explicitly configured under the Border Gateway Protocol (BGP) configuration using the aggregate- address address mask summary- only command.
Workaround There is no workaround.
•CSCdx74709
Symptoms The Ring Access Controller (RAC) watchdog timer expires and forces the RAC to enter the pass-through mode.
Conditions This symptom typically occurs when CPU utilization remains at 100 percent for more than 90 seconds.
Workaround There is no workaround.
•CSCdx74864
Symptoms A bus error may occur on a router and the router returns to the ROM monitor (ROMmon) prompt.
Conditions This symptom is observed on a Cisco 10000 series edge services router when running an ATM test, atm_mult_card_mult_port_vbr_aggr_segm_and_reas_change_pcr. This error seems to happen on the unconfiguration part of the test.
Workaround There is no workaround.
•CSCdx76028
Symptoms Spurious accesses and alignment errors may occur on a Versatile Interface Processor (VIP), which may cause routes or interfaces to go down.
Conditions These symptoms are observed on a Cisco 7500 series router that has Multiprotocol Label Switching (MPLS) NetFlow enabled on the egress side through the mpls netflow egress interface configuration command.
Workaround Configure the ip cef global configuration command or the no ip route-cache distributed interface configuration command.
•CSCdx76085
Symptoms A few out of 1000 interfaces are not up after a Trivial File Transfer Protocol (TFTP) loading configuration has occurred.
Conditions This symptom is observed on a Cisco 10000 series edge services router.
Workaround There is no workaround.
•CSCdx76645
Symptoms A backup Clock Switch Card 0 (CSC 0) may enter the "going on" state.
Conditions This symptom is observed when an online insertion and removal (OIR) is performed on a Cisco 12406 router with the primary clock on CSC 1 (slot 17).
Workaround There is no workaround.
•CSCdx76907
Symptoms A Versatile Interface Processor (VIP4-80) may reload with a bus error when distributed Multilink PPP (dMLP) is configured.
Conditions This symptom occurs when traffic is passed through the dMLP bundle and occurs just after the interface comes up. This symptom is specific to the dMLP feature and will occur only if dMLP is configured on a platform. The dMLP feature is independent of other features and does not affect other features.
Workaround There is no workaround.
•CSCdx79262
Symptoms Line cards may reload while trying to send traffic in a basic Virtual Private Network (VPN) setup.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround There is no workaround.
•CSCdx79282
Symptoms NetFlow statistics may not be recorded for some packet flows.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(20)ST3. If there are many active flows and they stop all at once, the NetFlow statistics for many of the flows may not be recorded.
Workaround There is no workaround.
•CSCdx79327
Symptoms Under rare situations Parallel Express Forwarding (PXF) may reload with the following message:
%PXF-2-FAULT: T0 Local Bus Exception: CPU[t0r1c1] TBACB
Conditions This symptom is observed on a Cisco 10000 series edge services router. The symptom persists while forwarding to a particular IP address. The address cannot readily be predetermined.
In Cisco IOS Release 12.0(20)ST, Release 12.0(21)ST, and Release 12.0(21)SX on Performance Routing Engine (PRE)-1, no reload occurs, but traffic for the affected IP address is not forwarded.
Workaround There is no workaround.
•CSCdx80546
Symptoms A standby Route Processor (RP) may reload when a primary configuration is changed.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx80891
Symptoms If policing is enabled using the modular quality of service QoS command-line interface CLI (MQC), it may not work with Class-Based Weighted Fair Queueing (CBWFQ) on a Frame Relay subinterface, although it may work properly with Low Latency Queueing (LLQ).
Conditions This symptom is observed on a Cisco 7500 series router when packets are Cisco Express Forwarding (CEF) switched instead of distributed Cisco Express Forwarding (dCEF) switched. Also, if output policing is enabled on the router, output policing and output queueing may not work.
Workaround Disable output policing, or make sure that packets are dCEF switched instead of non-dCEF switched.
•CSCdx80911
Symptoms An Ethernet over Multiprotocol Label Switching Ether Frame with a destination MAC address that starts from 0x4 may high drop on the egress provider edge (PE) router.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx80940
Symptoms The Tag Forwarding Information Base (TFIB) is not enabled on a router.
Conditions This symptom is observed on a Cisco 12000 series router if the tag-switching ip interface configuration command is not configured on any interface on a Carrier Supporting Carrier customer edge (CSC- CE) router or if the tag tdp discovery direct-hello accept global configuration command is not configured on a CSC-CE, and if there is only IP version 4 (IPv4) Border Gateway Protocol (BGP) label distribution between the Carrier Supporting Carrier provider edge (CSC-PE) router and the CSC-CE router.
Workaround Configure the tag-switching ip interface configuration command on an interface on the router.
•CSCdx81556
Symptoms Virtual Private Network (VPN) routing/forwarding (VRF) VLAN packet switch ASIC (PSA) registry memory does not reinitialize when another PSA loads and then unloads because higher-priority PSA features are being configured and then unconfigured. This situation prevents VRF VLAN forwarding to function.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx81839
Symptoms Routes from a remote customer edge (CE) router may not appear on another CE router. Or, routes from a remote CE router may appear on another CE router, but the addresses from the remote CE router cannot be pinged. Virtual Private Network (VPN) routes between the CEs may be lost.
Conditions These symptoms are observed when the MPLS VPN Inter-AS—IPv4 BGP Label Distribution feature is enabled on two Multiprotocol Label Switching (MPLS) VPN autonomous systems that are separated by a non-MPLS VPN autonomous system, and when the interfaces on the autonomous system border routers (ASBRs) between the MPLS VPN autonomous systems and the non-MPLS VPN autonomous system are interfaces of 3-port Gigabit Ethernet line cards. The ASBR routers are Cisco 12406 routers that are running the gsr-p-mz image of Cisco IOS Release 12.0(22.1)S1.
In the above-mentioned topology, if you enter the clear ip route * EXEC command on any of the ASBRs or CE routers, VPN routes between the CEs may be lost.
Workaround Do not enter the clear ip route * EXEC command on any of the ASBRs or CE routers.
If you need to enter the clear ip route * EXEC command, reload the ASBR router on each side of the Gigabit Ethernet link (that is, the ASBR at the side of the MPLS VPN autonomous system and the ASBR at the side of the non-MPLS VPN autonomous system).
Note Reloading a router may have a severe impact upon a network and its users, depending upon the topology and the time of day.
•CSCdx82050
Symptoms The Virtual Private Network (VPN) routing/forwarding (VRF) selection driver may not initialize the VRF selection registers when the VRF selection bundle is loaded.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround Reload microcode onto the line card.
•CSCdx82381
Symptoms Traceback may occur under certain instances when Border Gateway Protocol (BGP) invokes the Tag Forwarding Information Base (TFIB) module of a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) to add a router when nexthop is not set.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx82969
Symptoms Adding multicast group entries via the ip igmp join-group group-address interface configuration command to a Cisco 10000 series Gigabit Ethernet Half-Height line card causes the line card to reset and eventually the router to reload.
Conditions This symptom is observed when about 50 multicast group entries are added via the ip igmp join-group group-address interface configuration command.
Workaround Add fewer multicast group entries, and add them gradually.
•CSCdx83597
Symptoms Label Distribution Protocol (LDP) may not come up. The show mpls ldp discovery command displays the following output message:
TDP running; needs TDP identifier ..
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(21.4)S only if the router is capable of using Stateful Switchover (SSO) after a switchover.
Workaround Reload the active Route Processor (RP).
•CSCdx83707
Symptoms Parallel Express Forwarding (PXF) may reload and restart.
Conditions This symptom is observed on a Cisco 10000 series edge services router when deleting an attached policy map.
Workaround Remove the policy from all interfaces before deleting the policy from the configuration.
•CSCdx84445
Symptoms A line card may be stuck in the off-for-download state.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S2. This symptom may be indicated in the output of the show cef linecard EXEC command.
Workaround There is no workaround.
•CSCdx84984
Symptoms On a router that is configured with two Route Processors (RPs) and that has the Route Processor Redundancy Plus (RPR+) feature enabled, if the standby RP is reloaded before it is fully initialized, the global configuration on the active RP gets locked.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21.4)S. The symptom occurs only if the standby RP is reloaded by an operator command while a bulk synchronization is performed on the running configuration.
Workaround There is no workaround.
•CSCdx86498
Symptoms A ping fails over a Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnel.
Conditions This symptom is observed on a Cisco 12000 series Internet router when the uplink interface is a Gigabit Ethernet line card.
Workaround There is no workaround.
•CSCdx86570
Symptoms Spurious accesses occur on a per-packet basis on a Versatile Interface Processor (VIP). In addition, interfaces and routing protocols on the affected VIP and other interfaces on the router may flap.
Conditions This symptom is observed on a Cisco 7500 series router when Multiprotocol Label Switching (MPLS) is enabled on one of the VIP interfaces.
Workaround There is no workaround.
•CSCdx86907
This caveat describes two symptoms, two conditions, and two workarounds:
Symptoms A An access control list (ACL) does not operate correctly to match Layer 4 Operation (L4Op) entries. The ACL clears the logical operator unit (LOU) while it is still being used by other interfaces.
Conditions A This symptom is observed when an ACL is removed from one interface after the ACL is applied to multiple interfaces.
Workaround A Remove the ACL from all interfaces to which the ACL has been applied and reapply the ACL to the interfaces as needed.
Symptoms B A ternary content addressable memory (TCAM) LOU capacity error may occur even though the number of used LOUs in the existing ACLs is less than the set limit.
Conditions B This symptom is observed when two different ACLs are applied to two different interfaces (ACL A on interface A and ACL B on interface B). When ACL A is applied to interface B, the LOU from ACL B is not cleared. This behavior causes LOUs to be wasted in TCAM.
Workaround B First remove ACL B from the interface, and then reapply ACL A to that interface.
•CSCdx87271
Symptoms A standby Route Processor (RP) may reload after a Route Processor Redundancy Plus (RPR+) switchover.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround There is no workaround.
•CSCdx87293
Symptoms When Field Diagnostics are executed on a line card, Framer Loopback tests may fail if fiber is connected to the line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround Do not run Field Diagnostics on line cards that have fiber connected to them.
•CSCdx87951
Symptoms When you configure a Packet-over-SONET interface, a call control block (CCB) playback error occurs, and a standby Route Processor (RP) reloads. The following error messages are generated:
%HA-3-SYNC_ERROR: CCB Playback error.
%HA-5-SYNC_RETRY: Reloading standby and retrying sync operation (retry 1).Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0 S after a Stateful Switchover (SSO) has occurred.
Workaround There is no workaround.
•CSCdx87998
Symptoms Fast Reroute (FRR) does not fully deconfigure.
Conditions This symptom is observed when the mpls traffic-eng signaling forwarding sync command is enabled.
Workaround Do not use FRR when the mpls traffic-eng signaling forwarding sync command is enabled.
•CSCdx88897
Symptoms Label distribution protocol (LDP) cannot create a Tag Information Base (TIB) entry for 0.0.0.0, which prevents LDP from performing label switching on a packet that is routed using the default route.
Conditions This symptom is observed in Cisco IOS Release 12.0(21.4)S, Release 12.0(21.4)SY, Release 12.2(11.3), Release 12.2(11.3)S, and Release 12.2(11.3)T.
Workaround There is no workaround.
•CSCdx90522
Symptoms Multicast packets are not reaching the IP/Open Shortest Path First (OSPF) layer in a router.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx90908
Symptoms The value of the ciscoEnvMonTemperatureThreshold variable is incorrectly reported as 7 degrees or 65,535 degrees. This condition causes the Device Fault Manager (DFM) to send high-temperature alarms for sensors that indicate that the value of the ciscoEnvMonTemperatureThreshold variable is equal to 7 degrees.
Conditions These symptoms are observed on a Cisco 12016 router.
Workaround There is no workaround.
•CSCdx91397
Symptoms The Multilink PPP (MLPPP) sequence number may not be updating correctly, and traffic is sent to the Route Processor (RP).
Conditions This symptom is observed after a Performance Routing Engine (PRE) switchover on a Cisco 10000 series router that is running Cisco IOS Release 12.0(21.4)S and that is connected to a Cisco 7500 series router via a channelized T3 interface.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the multilink interfaces after the cutover.
•CSCdx91482
Symptoms A master Route Switch Processor 8 (RSP8) may reload after an online insertion and removal (OIR) of a line card.
Conditions This symptom is observed on a Cisco 7500 series router that is configured with dual RSP8s.
Avoiding an OIR following the bootup of the slave RSP8 reduces the chance that the master RSP8 will reload. The symptoms have not been observed on other RSPs (that is, other than the RSP8s).
Workaround There is no workaround.
•CSCdx92027
Symptoms A Route Switch Processor 8 (RSP8) pauses indefinitely.
Conditions This symptom is observed when you enter the ip cef global configuration command on a Cisco 7500 series router that is running Cisco IOS 12.1(12c)E.
Workaround There is no workaround.
•CSCdx92475
Symptoms A Cisco IOS Versatile Interface Processor Software (SVIP) for a Cisco 7500 series router may fail to compile because of new function calls that are not included in its crypto-related subsystem.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx92768
Symptoms When a permanent virtual connection (PVC) that is configured on a Cisco 12000 series Engine 2 8-port OC-3 ATM line card is changed from a virtual circuit (VC) bundle to regular VC mode, the PVC stops forwarding traffic. In addition, the MacString appears to be broken and an error message indicates that there are spurious memory accesses.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx93548
Symptoms You may not be able to change the mode of a 24-port channelized E1/T1 line card from E1 to T1, from T1 to E1, or—as a test—from its present mode to its present mode.
In the examples below, line card 2/0 is already configured in the T1 mode:
Router(config)#
card 2/0 24che1t1-1 mode e1
Card provisioning conflict
Router(config)#
card 2/0 24che1t1-1 mode t1
Card provisioning conflictConditions This symptom is observed on a Cisco 10000 series router that is running the c10k-p10-mz image of Cisco IOS Release 12.0 S.
Workaround There is no workaround.
•CSCdx93629
Symptoms The following error messages may be displayed on a router:
SLOT 8:00:27:52: %EE48-5-TM_PROC: TCAM Delete Table not free(40), Alpha:RX Lbl:4099 Appl:2 fail: 40
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC400B3DE8
SLOT 8:00:28:00: %EE48-5-TM_PROC: TCAM Delete Invalid Parameters(35), Alpha:RX Lbl:4099 Appl:2 fail: 35
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC400B3DE8The access control list (ACL) stops functioning properly after this symptom occurs.
Conditions This symptom is observed if the same ACL is applied to multiple interfaces on an IP Service Engine (ISE) that is installed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx94144
Symptoms A Versatile Interface Processor (VIP) reloads after a Stateful Switchover (SSO) has occurred.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdx94390
Symptoms The following error message appears on a Cisco 12000 series Internet router when you enable a turbo access control list (Turbo ACL):
%SYS-2-MALLOCFAIL: Memory allocation of 10980020 bytes failed from 0x400BE22C, alignment 32
Pool: Processor Free: 25912464 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "TurboACL", ipl= 0, pid= 41
-Traceback= 400BB150 400BD4E4 400BE234 40BCDBE4 40BCDA70 40BCDAB8 40BCDAB8 40BCD97C 40BCFD00 40BD1650 400B3DFC 400B3DE8Conditions This symptom is observed on a a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S2 and that is configured with an 8-port Fast Ethernet 100-Base-TX interface with 128 MB of route memory.
Workaround Turn off compiled access lists using the no access-list compiled global configuration command.
•CSCdx94409
Symptoms Fast Reroute (FRR) tunnels that are created bidirectionally for each of two parallel links (that is, a total of four backup tunnels) fail to remain up when one or both of the links go down.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx94588
Symptoms A CyBus 10 error and a QAERROR occur after a Stateful Switchover (SSO) has occurred.
Conditions This symptom is observed on a Cisco 7500 series router when the standby Route Switch Processor (RSP) is being reloaded.
Workaround There is no workaround.
•CSCdx94633
Symptoms A router may reload under a heavy packet load.
Conditions This symptom is observed when large IP version 6 (IPv6) packets (of 18,008 bytes) are sent to an IPv6 nonbroadcast multiaccess (NBMA) tunnel source address.
The symptoms are caused by the use of a packet flag after the packet has been returned to the system. This is incorrect, but only causes a router with a heavy packet load to reload.
Workaround Set the maximum transmission units (MTUs) correctly, both on the IPv6 tunnel interface and on the IP version 4 (IPv4) interfaces, to ensure that fragmentation of IPv6 packets occurs only at the IPv6 layer and not at the IPv4 layer.
•CSCdx94730
Symptoms An IronBus error occurs on a Cisco 10000 series 1-port channelized OC-12 line card. The console log shows the following information:
%C10KEVENTMGR-1-IRONBUS_FAULT: Ironbus Event 2/1, Restarting Ironbus %IPCGRP-3-SYSCALL: System call for command 203 (slot2/0): ipc_send_rpc_blocked failed (Cause: timeout)
-Traceback= 603C4208 603C4698 603C53E8 6013BFC0 60089C64 600248D4 60024C4C 6035270C 603526F8%IPCOIR-3-TIMEOUT: Timeout waiting for a response from slot 2/0. %IPCOIR-2-CARD_UP_DOWN: Card in slot 2/0 is down. Notifying 1choc12-1 driver. %C10K_ALARM-6-INFO: ASSERT CRITICAL slot 2 Card Stopped Responding OIR Alarm %IPCOIR-5-CARD_DETECTED: Card type 1choc12-1 (0x1BB) in slot 2/0 %IPCOIR-5-CARD_LOADING: Loading card in slot 2/0
%C10K-5-LC_NOTICE: Slot[2/0] 1choc12-1 Image Downloaded...Booting...
%PXF_DMA-3-IRONBUS_NOTRUNNING: Data path to slot 2/1 failed to synchronize (TIB Not Running)Conditions This symptom is observed on a Cisco 10000 series edge services router when you copy a configuration for creating 768 DS0 interfaces under a Virtual Tributary (VT) on the 1-port channelized OC-12 line card onto the running configuration.
Workaround Limit the number of DS0 interfaces to 575 or fewer.
•CSCdx96063
Symptoms Missing Tag Forwarding Information Base (TFIB) entries may be observed after the clear ip route * privileged EXEC command is entered.
Conditions This symptom is observed in a cell-based Multiprotocol Label Switching (MPLS) network while the multiple virtual circuit (VC) feature is enabled.
Workaround Use the clear ip route prefix privileged EXEC command instead of the clear ip route * privileged EXEC command.
•CSCdx96315
Symptoms A line card reloads when you remove a static route from a Cisco 12000 series Internet router.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdx96410
Symptoms Traffic that is travelling into the core from a autonomous system border router (ASBR) is dropped from an inter-autonomous system setup because some packets that are travelling out of the ASBR are corrupted in the hardware of a Cisco 12000 series Engine 2 line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdy01077
Symptoms The following error messages may be displayed on the console port of a Cisco Catalyst 6000 switch:
%TFIB-7-SCANSABORTED: TFIB scan not completing. MAC string updated. %TFIB-DFC8-7-SCANSABORTED: TFIB scan not completing. MAC string updated. *
The messages may continue to be displayed until the Cisco Catalyst 6000 switch is reloaded. The error messages are informational and indicate that an excessive amount of network or line transitions may cause an excessive number of Forwarding Information Base (FIB) scans. Processes that are attempting to converge on the network may cause the Route Processor (RP) and the Switch Processor (SP) CPU utilization to occasionally reach 100 percent.
Conditions This symptom is observed on a Cisco Catalyst 6000 switch that is running Cisco IOS Release 12.2.
Workaround There is no workaround.
•CSCdy01678
Symptoms Traffic is forwarded to the correct egress interface, but no labels are imposed on the traffic.
Conditions This symptom is observed in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) inter-autonomous system when an Engine 4 plus line card receives traffic on a VPN routing/forwarding (VRF) interface on an autonomous system border router (ASBR).
Workaround There is no workaround.
•CSCdy02248
Symptoms A standby Route Processor (RP) may reload.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22.1)S when a microcode reload occurs after Border Gateway Protocol (BGP) peers come up accompanied by high CPU utilization.
Workaround There is no workaround.
•CSCdy02479
Symptoms Some Hot Standby Router Protocol (HSRP) hello packets may drop. The output of the debug standby command and the debug ip packet detail command shows if packets drop.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with an 8-port Fast Ethernet line card when HSRP is enabled.
Workaround Enter the debug line card no-throttle EXEC command from the line card console, and verify that the HSRP packets no longer drop.
•CSCdy03533
Symptoms A Cisco 10720 router cannot forward full line-rate OC-48 Spatial Reuse Protocol (SRP) transit traffic on an inner ring, an outer ring, or on both rings if the SRP frame size (including the cyclic redundancy check [CRC]) is between 52 and 102 bytes. The transit performance can be as low as 1.6 Gbps in one direction. Any frame size that is larger than 102 bytes can be forwarded at full line rate.
Conditions This symptom is observed on high-rate small-transit SRP frames on a Cisco 10720 router that is running Cisco IOS Release 12.0(19)SP, Release 12.0(20)SP, or Release 12.0(21)SP.
Workaround There is no workaround.
•CSCdy04039
Symptoms A 3-port Gigabit Ethernet card may reload following the configuration of Border Gateway Protocol (BGP) Policy Accounting on either the main interface or a subinterface.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21.4)S2.
Workaround There is no workaround.
•CSCdy04062
Symptoms A tunnel that is configured for IP version 6 (IPv6) does not pass traffic.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S.
Workaround There is no workaround.
•CSCdy04143
Symptoms The rate-limit output bps interface configuration command is not supported if the bps argument has a value of 80,000 or higher.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy04218
Symptoms You cannot set a maximum transmission unit (MTU) size other than the default size.
Conditions This symptom is observed on a Packet-over-SONET interface that is configured on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy04271
Symptoms When Route Processor Redundancy Plus (RPR+) is enabled and you perform a microcode reload on an active Route Processor (RP) but the router is not configured with a standby RP, the configuration mode pauses indefinitely.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.01)S.
Workaround There is no workaround.
•CSCdy05218
Symptoms On all components of a standby Route Processor (RP), dir, show, copy, and write commands may fail.
Conditions This symptom is observed on a Cisco 12000 series router when the active RP is running a release earlier than Cisco IOS Release 12.0(21.1)S1 and the standby RP is running Cisco IOS Release 12.0(21.1)S1 or a later release.
Workaround There is no workaround.
•CSCdy09292
Symptoms Physical inverse multiplexing over ATM (IMA) ports are not indexed in the IF-MIB.
Conditions This symptom is observed on a Cisco router that has IMA interfaces. This symptom is resolved in Cisco IOS Release 12.2(3)T but may occur in Cisco IOS Release 12.2(8)T and Release 12.2(10.3)T2.
The following example of the IF-MIB shows ATM1/IMA0 (index 43), but the interface is not indexed:
ifDescr.40 = ATM1/7-aal5 layer
ifDescr.41 = ATM1/7.0-aal5 layer
ifDescr.42 = Null0
ifDescr.43 = ATM1/ima0 <----
ifDescr.44 = ATM1/ima0-atm layer
ifDescr.45 = ATM1/ima0.0-atm subif
ifDescr.46 = ATM1/ima0-aal5 layer
ifDescr.47 = ATM1/ima0.0-aal5 layer
ifDescr.48 = ATM1/ima0.40-atm subif
ifDescr.49 = ATM1/ima0.40-aal5 layerWorkaround There is no workaround.
•CSCdy09632
Symptoms An access control list (ACL) may fail when there are more than 128 ACLs configured.
Conditions This symptom is observed on any Engine 2 line card that is installed in a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S.
Workaround There is no workaround.
•CSCdy09979
Symptoms A Route Processor (RP) may reload when traffic engineering (TE) tunnels are configured.
Conditions This symptom is observed on an RP that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.1)S. The reload typically occurs after one or more tunnels are removed by entering the no interface interface-type interface-number global configuration command.
Workaround Do not remove the tunnel interfaces.
•CSCdy10293
Symptoms A Versatile Interface Processor (VIP) on a Cisco 7500 series router may run out of memory and generate the following memory allocation (MALLOC) failure messages:
%SYS-2-MALLOCFAIL: Memory allocation of 65556 bytes failed from 0x6010EB8C, alignment 32 Pool: Processor Free: 173756 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "CEF IPC Background", ipl= 0, pid= 31The show process memory section in the output of the show tech EXEC command indicates that the Multiprotocol Label Switching (MPLS) Cisco Express Forwarding (CEF) interprocess communication (IPC) background process is holding up a large portion of the memory.
Conditions This symptom is observed on the VIP of a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdy11148
Symptoms An active Route Processor (RP) is not able to access any of components of the standby RP, and the router cannot enable the Stateful Switchover (SSO) feature.
Conditions These symptoms are observed when the active RP is running Cisco IOS Release 12.0(22)S on a Cisco 7500 series, Cisco 10000 series, or Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy12694
Symptoms The line protocol of several channels that are configured on several 24-port channelized E1/T1 line cards does not come up.
Conditions This symptom is observed during scaling tests and occurs at a pseudorandom pattern when seven 24-port channelized E1/T1 line cards are installed in a Cisco 10000 series router and 168 ports are configured as 24 time-slot channels with PPP encapsulation. In this configuration, the line protocol of 8 out of 168 channels does not come up.
Workaround To recover from the situation, enter the hw-module slot reload EXEC command.
•CSCdy13460
Symptoms Multiprotocol Label Switching (MPLS) packets that come in on a dense OC-48 Spatial Reuse Protocol (SRP) ring are not correctly handled and switched to the next hop. IP traffic works fine.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdy13504
Symptoms Basic Frame Relay connectivity does not function on a Cisco 7200 series router.
Conditions This symptom is observed on a Cisco 7200 series router that is running the c7200-p-mz image of Cisco IOS Release 12.0(22)S or Release 12.0(22.1)S1.
Workaround There is no workaround.
•CSCdy14361
Symptoms When a Cisco 10720 router is forwarding Multiprotocol Label Switching (MPLS) packets at a very high rate, the Parallel Express Forwarding (PXF) data plane may reload.
Conditions This symptom is observed when the Cisco 10720 router is forwarding MPLS traffic near the system limitation of 2 million packets per second and a routing change occurs that causes traffic to be forwarded to the Packet-over-SONET (POS)/Spatial Reuse Protocol (SRP) uplink interface instead of to an interface on the Fast Ethernet (FE) or Gigabit Ethernet (GE) line card, or the other way around, that is, to the interface on the FE or GE line card instead of to the POS/SRP uplink interface.
Workaround There is no workaround.
•CSCdy15610
Symptoms IP traffic that leaves a Virtual Private Network routing/forwarding (VRF) interface that has dot1q encapsulation enabled may not have Address Resolution Protocol (ARP) entries and may fail.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22.01)S1.
Workaround There is no workaround.
•CSCdy15917
Symptoms Policy-based routing commands on subinterfaces of an IP Service Engine (ISE) line card may not take effect properly.
Conditions This symptom is observed on a Cisco 12000 series router when multiple Frame Relay subinterfaces are configured on an ISE line card.
Workaround There is no workaround.
•CSCdy17735
Symptoms A single headend rewrite that is used by all prefixes that are routed over a tunnel is not updated properly when the label switched path tunnel state changes and there are no prefixes being routed over the tunnel.
In addition, the output of the show mpls traffic-eng fast-reroute database command inaccurately represents the entries that are contained within the Fast Reroute (FRR) database. Prefix information is not applicable to the headend tunnel rewrite and should be displayed separately.
The output of the show mpls traffic-eng fast-reroute database command does not display any tunnel data, but, as long as the headend tunnel is up, there should always be one entry for the headend tunnel.
Conditions These symptoms are observed when FRR protection is enabled on a tunnel, when there are no prefixes being routed over this tunnel, and when Label Distribution Protocol (LDP) is not enabled.
Workaround There is no workaround.
•CSCdy18236
Symptoms A Cisco 12000 series Engine 4 plus line card reloads during the bootup process.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdy18641
Symptoms A router may reload unexpectedly when a Layer 2 Tunneling Protocol (L2TP) connection is established.
Conditions This symptom is observed on a Cisco 7401ASR router that is used as a Layer 2 Tunneling Protocol (L2TP) network server (LNS).
Workaround There is no workaround.
•CSCdy19913
Symptoms A virtual circuit (VC) bundle fails on an Virtual Private Network routing/forwarding (VRF) interface of an Engine 2 8-port OC-3 STM-1 ATM line card.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
•CSCdy20257
Symptoms When customer edge (CE) routers are connected over a Layer 2 Tunneling Protocol version 3 (L2TPv3) tunnel, pings may not go through.
Conditions This symptom is observed when the CE routers are connected to provider edge (PE) routers via Gigabit Ethernet links that have 802.1 encapsulation enabled. If the links are changed to Fast Ethernet, the symptom does not occur.
Workaround There is no workaround.
•CSCdy20461
Symptoms After a standby Route Processor (RP) has fully initialized and you perform a microcode reload followed by a Route Processor Redundancy Plus (RPR+) switchover, both the active RP and the standby RP pause indefinitely when the line cards are coming back up.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S1 in a configuration with 2000 ATM subinterfaces and 200 Border Gateway Protocol (BGP) peers that are advertising 180,000 BGP routes.
Workaround There is no workaround. To recover from the situation, send a break.
•CSCdy21549
Symptoms When PPP encapsulation is enabled on Section Data Communications Channel (SDCC) interfaces on an OC-48 line card, connectivity is lost.
Conditions This symptom is observed on a Cisco 10000 series router.
Workaround Use only High-Level Data Link Control (HDLC) encapsulation.
•CSCdy22453
Symptoms When Multiprotocol Label Switching traffic engineering (MPLS TE) reoptimizes to a PPP link that just came up, traffic may be dropped for up to 1 minute.
Conditions This symptom is observed when Label Distribution Protocol (LDP) is enabled.
Workaround Use High-Level Data Link Control (HDLC).
Alternate Workaround Disable LDP.
•CSCdy22521
Symptoms An Engine 4 (E4) Packet-over-SONET (POS) line card that is functioning as an ingress IP version 6 (IPv6) interface for traffic that is routed over IPv6 tunnels may reload.
Conditions This symptom is observed on a Cisco 12000 series router when traffic is flowing through the E4 POS line card.
Workaround There is no workaround.
•CSCdy22744
Symptoms The fix for CSCdx47695 that was integrated into Cisco IOS Release 12.0(21)S3 introduced a throttling mechanism that may be used when the physical layer interface module (PLIM) is congested. The throttling mechanism prevents interfaces or a bundle, or both, from flapping when bidirectional traffic with small packets is sent through either a 6-port channelized T3 line card or a 2-port channelized OC-3/STM-1 (DS1/E1) line card.
The throttling mechanism produces a severe performance impact, although no link flaps occur.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround. The fix for this caveat consists of a knob for the throttling.
•CSCdy23912
Symptoms A Cisco 7200 series router reloads when you enter the show access-list compiled EXEC command.
Conditions This symptom is observed on Cisco 7200 series router that is configured with a Network Processing Engine G1 (NPE-G1) when there is an empty IP version 4 (IP4) or IP version 6 (IPv6) access control list (ACL).
Workaround Ensure that the IPv4 or IPv6 ACL is not empty when you enter the show access-list compiled EXEC command.
•CSCdy24263
Symptoms If you perform an online insertion and removal (OIR) of a 4-port Packet-over-SONET OC-3c/STM-1 line card before a standby Route Processor (RP) is fully initialized, the line card disappears from the Cisco IOS configuration after the standby RP is fully initialized.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.2)S and that has the Route Processor Redundancy Plus (RPR+) feature enabled, 2000 ATM subinterfaces configured, and 200 Border Gateway Protocol (BGP) peers configured that are advertising 180,000 BGP routes.
Workaround Boot both the active RP and the standby RP at the same time.
•CSCdy25563
Symptoms When a Cisco 12000 series router is booted up or when a 10-port 1-Gigabit Ethernet line cards is reloaded, a CPUHOG message may occur in the Cisco Express Forwarding (CEF) line card interprocess communication (IPC) background process, as is displayed in the following error message:
%SYS-3-CPUHOG: Task ran for 3120 msec (0/0), process = CEF LC IPC Background, PC = 40CEC7E0.
-Traceback= 40CEC7E8 40CDCDC0 40CF2498 40CEF65C 40CEF90C 40CEFBDC 40CF0604 40 0B9BCC 400B9BB8Conditions This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22.1)S1 and that is configured with a Performance Route Processor (PRP), two 10-port 1-Gigabit Ethernet line cards, two 8/16-port OC-3 Packet-over-SONET (POS) line cards, each of which is configured with an even distribution of about 2000 Frame Relay permanent virtual circuit (PVC) subinterfaces, and 700 Border Gateway Protocol (BGP) peers.
Workaround There is no workaround.
•CSCdy25753
Symptoms The Any Transport over Multiprotocol Label Switching (AToM) feature does not generate syslog messages that indicate if or when labels are being imposed or withdrawn on remote provider edge (PE) routers.
Conditions This symptom is observed when AToM virtual circuit (VC) labels are imposed or withdrawn.
Workaround If available in the software image that you are running, enable the debug logging commands.
•CSCdy26487
Symptoms An E1 interface may report that it is handling more than its maximum bandwidth of 1984 kbps.
Conditions This symptom is observed on an E1 channel group that is configured with 31 time slots.
Workaround There is no workaround.
•CSCdy26606
Symptoms A Versatile Interface Processor (VIP) that has a High-Speed Serial Interface (HSSI) reloads continuously after the router is reloaded.
Conditions This symptom is observed when the HSSI interface is in the shutdown state and when it is configured for Frame Relay encapsulation while a quality of service (QoS) with priority feature is enabled.
Workaround Enter the no shutdown interface configuration command on the interface or remove the QoS policy before reloading the router.
mechanism, for which the default position is "Off."
•CSCdy27294
Symptoms On a Cisco 12000 series router that is functioning as a provider edge (PE) router and that is configured with Engine 2 line cards in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) environment, route aggregation in Border Gateway Protocol (BGP) breaks connectivity because the more specific routes are not in the BGP VPN routing/forwarding (VRF) table.
Conditions This symptom is observed when there are multiple customer edge (CE) routers attached to a 3-port Gigabit Ethernet line card, when route aggregation is used in the BGP IP version 4 (IPv4) VRF address family, and when more specific routes are suppressed.
Workaround Ensure that the more specific routes are imported into the BGP VRF table by either redistribution or network statements.
•CSCdy28243
Symptoms After a Cisco 12000 series router performs a switchover, a Cisco Express Forwarding (CEF) CPUHOG message occurs and the router reloads.
Conditions This symptom is observed when the Cisco 12000 series router is configured for IP routing and has IP CEF enabled and when the Address Resolution Protocol (ARP) table is filled with 50,000 entries.
Workaround There is no workaround.
•CSCdy28534
Symptoms Attempting to perform a Fast Software Upgrade (FSU) causes a standby Route Switch Processor (RSP) to enter a continuous reboot cycle.
Conditions This symptom is observed on a Cisco 7500 series router when you attempt to perform an FSU from Cisco IOS Release 12.0(22)S to Release 12.0(22.2)S or later releases.
Workaround Perform a full software upgrade instead of an FSU.
•CSCdy29545
Symptoms Packets that are traversing an Engine 4 plus (E4+) OC-192 line card in a Cisco 12000 series router that has tag switching enabled may be dropped.
Conditions This symptom is observed in a traffic engineering (TE) configuration and occurs when traffic is load balancing across multiple TE tunnels at the headend or when label imposition is performed over multiple paths.
Workaround Enter the clear ip route network mask command on the ingress side of the OC-192 link. Use caution because entering the clear ip route * command may invoke the symptoms.
•CSCdy29962
Symptoms Traffic that is destined for a line card is forwarded to a Route Processor (RP).
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.2)S when you apply an access control list (ACL) to a Virtual Private Network routing/forwarding (VRF) interface of an Engine 2 Packet-over-SONET line card.
Workaround There is no workaround.
•CSCdy29983
Symptoms Border Gateway Protocol (BGP) policy accounting counters on a 3-port Gigabit Ethernet line card increment incorrectly.
The output of the show cef interface type number statistics EXEC command displays that the average rate of index 1 through 3 is about 200 to 300 Mbps while the actual traffic is about 400 kbps.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy30438
Symptoms An Engine 4 line card may reload and may become stuck in the REQ DUMP state.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.2)S when you enter the show controllers forwarding memory manager command.
Workaround There is no workaround. The show controllers forwarding memory manager command is a line-card specific command. Although it is not a hidden command, in general, you should not use it.
•CSCdy30484
Symptoms An Engine 2 3-port Gigabit Ethernet line card that receives a tag packet with a Time to Live (TTL) value of 1 may reload.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy30595
Symptoms A Route Processor reloads and returns to the ROM monitor (ROMmon) prompt.
Conditions This symptom is observed on a Cisco 12000 series router when you attach a Cell Loss Priority (CLP) bit setting hierarchical policy to an interface of an Engine 2 8-port OC-3 ATM line card.
Workaround There is no workaround.
•CSCdy30761
Symptoms Extended pings fail to send packets in a mixed IP and Multiprotocol Label Switching (MPLS) network.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.2)S.
Workaround There is no workaround.
•CSCdy30797
Symptoms A line card does not recover from a system interruption such as a router reload or a microcode reload onto the line card.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with an Engine 2 line card on which 100 Virtual Private Network (VPN) Frame Relay subinterfaces are configured.
Workaround There is no workaround. However, in rare cases the line card may recover from an additional router reload.
•CSCdy31191
Symptoms Packets that enter a provider edge (PE) router over an Engine 4 plus (E4+) line card may not be filtered properly.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with an E4+ 1-port OC-192 or an E4+ 4-port OC-48 line card, when the packets are forwarded out of a Virtual Private Network routing/forwarding (VRF) customer-facing interface that has an output access control list (ACL) configured.
Workaround There is no workaround.
•CSCdy31315
Symptoms A Cisco 12000 series router may reload in the ipc_open_port_by_name function.
Conditions This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22.1)S1 and that is configured with a Performance Route Processor (PRP), two 8/16-port OC-3 Packet-over-SONET (POS) line cards, each of which is configured with 1000 permanent virtual circuit (PVC) subinterfaces, and 700 Border Gateway Protocol (BGP) peers.
Workaround There is no workaround.
•CSCdy31765
Symptoms The following symptoms may be observed on a Cisco 12000 series Engine 2 (E2) ingress line card that is installed in a provider edge (PE) router.
When traffic is destined for an IP address for which the Cisco Express Forwarding (CEF) adjacency is an Ethernet MAC address and the Address Resolution Protocol (ARP) cache is either empty or incomplete, traffic is punted to the CPU of the line card. The CPU attempts to resolve the adjacency and drops the traffic.
While the ARP cache for the Ethernet MAC address is incomplete but traffic is being received for the IP address, the CPU utilization of the line card may increase to 99 percent. This situation may lead to a loss of Interior Gateway Protocol (IGP) neighbors and fabric-unicast ping timeouts, which in turn may cause the line card to reload.
When the CEF adjacency moves from an incomplete state to a MAC address, buffer management application-specific integrated circuit (ASIC) (BMA) errors are triggered and packet switch ASIC (PSA) pipeline stall messages may be displayed:
%LC-3-BMAERRS: ToFab BMA BMA error status error 10
%QM-3-ERROR: ToFab Register 0x40007.
-Traceback= 403F0074 4036DBF4 40498814 400CCF98
%LC-3-BMAERRS: ToFab BMA QM error 1Conditions These symptoms are observed in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) in which a Cisco 12000 series router that is functioning as a PE router is connected to a provider (P) router through an E2 line card and the connection between the PE router and the customer edge (CE) router is a Gigabit Ethernet link.
Workaround The following sequence of commands will prevent the loss of IGP neighbors and fabric-unicast ping timeouts:
a. Enter the attach slot-number privileged EXEC command for the E2 line card.
b. Enter the enable EXEC command.
c. Enter the configure terminal privileged EXEC command.
d. Enter the controller hw-throttle privileged EXEC (hidden) command.
This sequence of commands will not prevent BMA errors and PSA pipeline stall messages, but will prevent the IGP neighbors from being lost and the line card from reloading. Note that these commands will no longer be enabled if the line card or router reloads.
•CSCdy32226
Symptoms After a forced switchover, the new standby Route Processor (RP) does not come up properly. The startup configuration fails to synchronize to the new standby RP.
Conditions These symptoms are observed on a Cisco 12000 series router after you have entered the redundancy force-switchover EXEC command.
Workaround There is no workaround.
•CSCdy33106
Symptoms An IP Service Engine (ISE) line card reloads because of a software error.
Conditions This symptom is observed after you have reloaded a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S or a later release while traffic was active, and the ISE line card has Virtual Private Networks (VPNs) configured on Frame Relay subinterfaces. After the router has reloaded, the line card comes up, reports a software error, and reloads.
Workaround First terminate the traffic before you reload the router. After the router has reloaded, resume the traffic after the ISE line card has reached the Cisco IOS "Run" state.
•CSCdy34017
Symptoms An access control list (ACL) with an Internet Control Message Protocol (ICMP) entry may be incorrectly processed by (the packet switch ASIC [PSA] of) an Engine 2 line card.
Conditions This symptom is observed on a Cisco 12000 series Engine line card when an ACL entry matches an ICMP packet that is specifying its type but not its code.
Workaround Specify the code in all ICMP entries.
•CSCdy35263
Symptoms A Cisco 12000 series 4-port ATM line card repeatedly reloads after you have performed a microcode reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S when the carrier supporting carrier feature configured on the 4-port ATM line card.
Workaround There is no workaround.
•CSCdy36370
Symptoms Label controlled ATM (LC-ATM) bindings may not come up after a Stateful Switchover (SSO) is performed.
Conditions This symptom is observed on a Cisco 7500 series router that is configured with an LC-ATM interface.
Workaround There is no workaround.
•CSCdy37630
Symptoms A customer edge (CE) router cannot send Virtual Private Network (VPN) traffic to other CE routers that are connected to the same network core.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.3)S and that is functioning as a CE router that is attached to a provider edge (PE) router. The PE router is configured with an Engine 4 plus dense OC-48 line card that is facing the network core.
Workaround There is no workaround.
•CSCdy38681
Symptoms A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but no packets are coming in. Input or output packet drops are not displayed.
Conditions This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.
Temporary Workaround Enter the clear interface type number EXEC command each time the symptom occurs.
•CSCdy39079
Symptoms If a channel is shut down while there is a large amount of line-rate traffic flowing through a line card, the channel may stay down even after you enter the no shutdown interface configuration command on the interface on which the channel is configured. If you enter the shutdown interface configuration command followed by the no shutdown interface configuration command multiple times on the affected interface, the channel still does not come back up.
Conditions This symptom is observed under rare situations.
Workaround There is no workaround. To recover from the situation, reload the line card.
•CSCdy39795
Symptoms The CPUs of all line cards on a router may show very high utilization, and interprocess communication (IPC) between the Route Processor (RP) and the line cards may fail, which may disable the Forwarding Information Base (FIB) and Multicast Distributed Fast Switching (MDFS) and may cause line cards to reload.
Conditions These symptoms are observed on a Cisco 12400 series router that is running Cisco IOS Release 12.0(22.3)S when there is a large number of Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel interfaces configured and the ip multicast-routing distributed global configuration command is enabled.
Workaround There is no workaround.
•CSCdy40704
Symptoms When you disable Link Bundling on the interfaces of a Cisco 12000 series Engine 2 line card, single-mode Link Bundling microcode is not unloaded.
Conditions This symptom is observed when Link Bundling is configured on a Cisco 12000 series router.
Workaround Reload default microcode onto the affected line cards.
•CSCdy41363
Symptoms Incoming traffic may be dropped because of giant packets.
Conditions This symptom is observed when packets that are larger than 16,000 bytes come in and cause a significant memory leak in the packet memory.
Workaround There is no workaround.
•CSCdy41415
Symptoms The global configuration mode becomes unlocked before a standby Route Processor (RP) is fully booted up.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.03)S and that is configured with two RPs.
Workaround There is no workaround.
•CSCdy41605
Symptoms Traffic cannot pass out of a priority queue.
Conditions This symptom is observed on a Cisco 10000 series router when a priority queue is configured on any interface.
Workaround There is no workaround.
•CSCdy41760
Symptoms A standby Route Processor (RP) fails to come up to standby mode and reloads when a switchover occurs.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with two RPs. The LED shows that the secondary RP is in standby mode, but if you make a console connection to the standby RP, the standby RP fails to respond.
Workaround There is no workaround.
•CSCdy43056
Symptoms Continuous fragmented generic routing encapsulation (GRE) packets in the core may cause a line card to reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S, Release 12.0(22)S, or Release 12.0(22.3)S.
Workaround There is no workaround.
•CSCdy43671
Symptoms An Engine 0 ATM line card may reload.
Conditions This symptom is observed under rare circumstances when a Cisco 12000 series router is booted up with Cisco IOS Release 12.0(21)ST3.
Workaround There is no workaround.
•CSCdy46586
Symptoms "CBUS-4-FIXBADTXVC" tracebacks occur when traffic is being passed. These tracebacks have no operational side effects.
Conditions This symptom is observed in Cisco IOS Release 12.0 S when Xconnect uses Layer 2 Tunneling Protocol version 3 (L2TPv3) for channelized interfaces with PPP or High-Level Data Link Control (HDLC) encapsulation.
Workaround There is no workaround.
•CSCdy46676
Symptoms Performance degradation may occur on an Engine 4 plus line card when traffic engineering (TE) tunnel load balancing is enabled.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.
Workaround There is no workaround.
•CSCdy47173
Symptoms A Route Processor (RP) may reload when you install a Flash card in slot 1 of the RP.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy47439
Symptoms The input queue on a Packet-over-SONET (POS) channel (that is, a physical interface in a channel group) may be wedged.
Conditions This symptom is observed on a Cisco 12000 series router when you configure a POS channel.
Workaround There is no workaround.
•CSCdy47645
Symptoms You cannot attach an output service policy with Class-Based Weighted Fair Queueing (CBWFQ) to an ATM subinterface that is configured for tag switching.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdy48075
Symptoms If an active Performance Routing Engine (PRE) fails before a standby Performance Route Processor (PRP) is fully configured, the standby PRP may not perform a switchover correctly.
Conditions This symptom is observed on a Cisco 10000 series router in a redundant configuration.
Workaround Do not force a switchover until the standby PRP is fully initialized. If the active PRP fails and the standby PRP does not switch over correctly, reload the standby PRP.
•CSCdy48985
Symptoms During Intermediate System-to-Intermediate System (IS-IS) fragmentation through a Layer 2 Tunneling Protocol version 3 (L2TPv3) session, a "%LINK-4-TOOBIG" error may occur.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.
Workaround There is no workaround.
•CSCdy50509
Symptoms An extended security access control list (ACL) that has the "lt 0" or "gt 65535" keyword should not match any port. However, when you use a Turbo ACL that has the access-list compiled global configuration command enabled, the "lt 0" or "gt 65535" keyword will match any port.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround Remove the "lt 0" or "gt 65535" keyword.
•CSCdy51197
Symptoms Fast Reroute (FRR) may fail to trigger if the cause of the failure is registered in the Route Processor (RP) when the link state is already down.
Conditions This symptom may be observed when triggers are delayed, for example when the pos delay triggers interface configuration command is enabled.
Workaround Disable the pos delay triggers interface configuration command.
•CSCdy52055
Symptoms The running configuration is no longer synchronized after you perform an online insertion and removal (OIR) of the line card followed by a Stateful Switchover (SSO).
Conditions This symptom is observed on a Cisco 10000 series router that is functioning in a high availability (HA) environment and that is connected to a Cisco 12000 series router via an 8-port Fast Ethernet line card, a Gigabit Ethernet line card, or a Gigabit Ethernet Half-Height line card, when the following sequence of events occurs:
a. The IP address of the line card is configured and saved to the startup configuration.
b. The Cisco 12000 series router issues a continuous ping.
c. You perform and OIR on the line card that connects the Cisco 10000 series router to the Cisco 12000 series router.
d. When the continuous ping of the Cisco 12000 series router is registered again, you enter the redundancy force-failover main-cpu EXEC command on the Cisco 10000 series router.
The output of the show running-config EXEC command and the show ip interface brief EXEC command displays that the line card that connects the Cisco 10000 series router to the Cisco 12000 series router no longer has an IP address configured.
Workaround To restore the proper configuration, enter the copy startup-config running-config EXEC command.
•CSCdy52168
Symptoms A standby Performance Routing Engine (PRE) may not detect all line cards, which causes traffic not to resume after a Stateful Switchover (SSO) has occurred.
Conditions This symptom is observed on a Cisco 10000 series router.
Workaround There is no workaround.
•CSCdy52429
Symptoms Label controlled ATM (LC-ATM) bindings may not come up after a Stateful Switchover (SSO) is performed.
Conditions This symptom is observed on a Cisco 7500 series router that is configured with an LC-ATM interface.
Workaround There is no workaround.
•CSCdy53082
Symptoms There is no local tag in the Label Forwarding Information Base (LFIB) for a prefix or tag that is learnt through IP version 4 (IPv4) Border Gateway Protocol (BGP).
Conditions This symptom is observed when the prefix or tag is redistributed through Interior Gateway Protocol (IGP)/Label Distribution Protocol (LDP).
Workaround There is no workaround.
•CSCdy54559
Symptoms If a policy map configuration is based on Multiprotocol Label Switching (MPLS) experimental (EXP) bits, the Weighted Random Early Detection (WRED) profile matching on the EXP bits is not accepted by the policy map.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy54781
Symptoms The software access control list (ACL) counter may not increase, but the hardware counter does.
Conditions This symptom is observed when you apply an ACL to multiple interfaces and then update the ACL.
Workaround First remove the ACL from the interfaces, update the ACL, and then apply the ACL again to the interfaces.
•CSCdy55441
Symptoms If a 128-line input access control list (ACL) is configured on an Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and one subinterface for Frame Relay, the line card may reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S.
Workaround There is no workaround.
•CSCdy55672
Symptoms Cisco Express Forwarding (CEF) entries are not installed correctly for loopback IP version 6 (IPv6) addresses.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround To enable the entries to be installed, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected interface.
•CSCdy57386
Symptoms A router may reload when you change the router identity (ID).
Conditions This symptom is observed when an Any Transport over Multiprotocol Label Switching (AToM) virtual circuit (VC) is operational.
Workaround To ensure that the router ID is not changed, configure a loopback interface and enter the mpls ldp router-id loopback force command.
•CSCdy59030
Symptoms On an active Route Processor (RP), label virtual circuits (LVCs) are created, but on a standby RP, LVCs are not created and the control virtual circuit (VC) is blocked. When a switchover occurs, LVCs are still present on an ATM line card. Because the Multiprotocol Label Switching (MPLS) feature only deletes tag entries that time out, stray VCs may remain configured on the router without being noticed.
Conditions These symptoms are observed when tag switching is configured over an ATM interface that is installed in a router that functions in an MPLS environment. When the control VC is set up, ATM LVCs are created automatically when routes are created, but they are only created on the active RP and not on the standby RP.
Workaround There is no workaround.
•CSCdy59340
Symptoms Multiprotocol Label Switching Virtual Private Network (MPLS VPN) may not function on the subinterfaces of a 3-port Gigabit Ethernet (GE) line card. Border Gateway Protocol (BGP) becomes stuck in the "open sent" state on a provider edge (PR) router that is connected to one end of the GE link.
Conditions These symptoms are observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4)S when Ethernet over MPLS (EoMPLS) microcode is loaded onto the 3-port GE line card.
Workaround There is no workaround.
•CSCdy59895
Symptoms Traffic is not sent through a network when you use an ATM link between a Cisco customer edge (CE) router and a Cisco provider edge (PE) router.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4.)S.
Workaround There is no workaround.
•CSCdy65452
Symptoms A standby Route Processor (RP) reloads during initialization.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with two RPs when the Stateful Switchover (SSO) feature is enabled.
Workaround There is no workaround.
•CSCdy66571
Symptoms The shadow state on a standby Route Processor (RP) remains down after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the router interfaces.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with two RPs when the Stateful Switchover (SSO) feature is enabled.
Workaround There is no workaround.
•CSCdy67004
Symptoms The following error message may be displayed on the console of a standby Performance Routing Engine (PRE):
%CHSTM1-3-STATESYNC: Redundancy state synchronization failure slot 1/0 - (invalid parameters)
This message indicates that some of the redundancy features are not functioning correctly on a 1-port channelized OC-12 line card.
Conditions This symptom is observed when at least one 1-port channelized OC-12 line card is installed in a Cisco 10000 series router that is configured with redundant PREs.
Workaround There is no workaround.
•CSCdy73001
Symptoms If a primary Clock Scheduler Card (CSC) is pulled out and reinserted while traffic through an OC-48 line card is running, the inbound traffic will stop being forwarded and the line card may reload.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy74457
Symptoms The forwarding of IP version 6 (IPv6) packets from a Cisco 12000 series Engine 3 line card to a Cisco 12000 series Engine 0 line card does not function for certain directly connected hops.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S or Release 12.0(22)S1.
Workaround There is no workaround.
•CSCdy74512
Symptoms Layer 2 Tunneling Protocol version 3 (L2TPv3) Ethernet Xconnect does not transport 802.3-encapsulated packets such as Systems Network Architecture (SNA) packets, Connectionless Network Protocol (CLNP) packets, and Intermediate System-to-Intermediate System (IS-IS) packets.
Conditions This symptom is observed on Cisco 7200 series routers and low-end platforms. The symptom is also observed on Cisco 7500 series routers in nondistributed mode.
Workaround There is no workaround.
•CSCdy75485
Symptoms All Layer 2 management packets are dropped, which causes all interfaces that depend upon keepalives to transition to the down state.
Conditions This symptom is observed on a Cisco 10000 series router in a configuration with a large numbers of interfaces.
Workaround There is no workaround.
•CSCdy76964
Symptoms When you configure Per-Packet Load Balancing (PPLB) and Layer 2 Tunneling Protocol version 3 (L2TPv3) on a 3-port Gigabit Ethernet line card, L2TPv3 may drop packets.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.4)S.
Workaround Disable PPLB on the line card.
•CSCdy78808
Symptoms An Engine 2 line card may generate "QM-4-STUCK" messages and may stop forwarding traffic.
Conditions This symptom is observed on a Cisco 12000 series router when an adjacent router is booted up.
Workaround Reload microcode onto the Engine 2 line card.
•CSCdy81016
Symptoms An ATM interface may have some initialization difficulties. Although a ping can pass the ATM interface, when the ATM interface sends traffic and the traffic rate is more than 10 packets per second, the packets will be dropped.
Conditions This symptom is observed randomly. After the router has booted up, some ATM subinterfaces function correctly, whereas some do not.
Workaround Remove the virtual circuit (VC) under the affected subinterface, and reconfigure the VC.
•CSCdy81098
Symptoms A Cisco router may reload when a Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel interface changes to the "Up" state.
Conditions This symptom is observed when load-balanced Interior Gateway Protocol (IGP) paths are configured.
Workaround There is no workaround.
•CSCdy81738
Symptoms The routes in a Cisco Express Forwarding (CEF) table may be mismatched between the Gigabit Route Processor (GRP) and the line cards. You can clear the mismatch by entering the clear cef linecard EXEC command, but if the routes are relearned, the situation will reoccur.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S4 or Release 12.0(22)S when an access control list (ACL) is configured to deny Simple Network Management Protocol (SNMP) packets.
Workaround Disable the ACL that denies the SNMP packets.
Alternate Workaround Run Cisco IOS Release 12.0(21)S3.
•CSCdy82049
Symptoms Applying some features that are found in the Vanilla uCode bundle on interfaces that have Xconnect enabled may cause Internet Control Message Protocol (ICMP) to fail when the maximum transmission unit (MTU) is exceeded.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.4)S.
Workaround Remove the above-mentioned features from interfaces that have Xconnect enabled.
•CSCdy86230
Symptoms The Small Form-Factor Plugable (SFP) command-line interface (CLI) is enabled on production images. It should be enabled on nonproduction images and disabled on production images.
Conditions This symptom is observed in Cisco IOS Release 12.0 S.
Workaround There is no workaround.
•CSCdy87479
Symptoms An OC-12 Dynamic Packet Transport (DPT) line card may reload when IP version 6 (IPv6) is configured on the interface.
Conditions This symptom is observed when IPv6 traffic enters the interface.
Workaround Unconfigure IPv6 on the interface, and use tunnels instead.
•CSCdy87514
Symptoms A Gigabit Route Processor (GRP) or line card may reload at tfib_frr_update_group_output_if.
Conditions This symptom is observed on a Cisco 12000 series router that is configured for Multiprotocol Label Switching traffic engineering (MPLS TE) with Fast Reroute (FRR).
Workaround There is no workaround.
•CSCdy89077
Symptoms A Cisco 12000 series Engine 2 line card may incorrectly drop all packets that are destined for the router. This condition may result in the loss of routing protocol packets, and the protocol connectivity with neighbors may reset.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(18)ST or a later release, or Release 12.0(22)S or a later release when heavy utilization of the CPU of the line card occurs.
Workaround There is no workaround.
•CSCdz00424
Symptoms A line card reloads when you enter the shutdown PVC range configuration command followed by the no shutdown PVC range configuration command on a permanent virtual circuit (PVC) through which traffic flows.
Conditions This symptom is observed only when there are multiple PVCs configured and does not occur when a single PVC is shut down and brought up again.
Workaround There is no workaround.
•CSCdz06149
Symptoms When an input access control list (ACL) is configured and the ip unreachables interface configuration command is enabled (which is enabled by default) on an interface, a low rate of packet leakage occurs for those packets that are dropped by the ACL. The rate is the same or less than the expected rate of Internet Control Message Protocol (ICMP) unreachable packets that are sent back to the source. The leak occurs only for IP packets (without the IP Header [L3] option) that have a size that is smaller than 56 bytes.
Conditions This symptom is observed in Cisco IOS Release 12.0 S on a Cisco 12000 series 4-port OC-48c/STM-16c Packet-over-SONET Enhanced Services line card and on a Cisco 12000 series 1-port OC-192c/STM-64 Packet-over-SONET Enhanced Services line card.
This symptom does not occur in Cisco IOS Release 12.0 ST.
Workaround Enter the no ip unreachables interface configuration command on the interface to prevent the packet leakage. However, in this situation, ICMP unreachable packets are not sent back to the source when packets are dropped by the ACL.
•CSCdz06300
Symptoms The IP Source Tracker feature unexpectedly stops functioning on a line card, and packets for the source-tracked destination are not forwarded because the IP Source Tracker feature is stuck in the throttling mode.
Conditions This symptom is observed on a Cisco 12000 series Engine 2 line card. To determine if the line card is in the above-mentioned condition, enable the debug lc hw-throttle hidden command; if the following message recurs every two seconds—even when there is low CPU utilization—the IP Source Tracker feature is stuck in the throttling mode:
SLOT 0: GLC_HW: Disabled HW DOS throttling (CPU at 0%, sched skew: -1%)
Workaround Reload the line card.
•CSCdz07976
Symptoms An Engine 2 line card may reload continuously.
Conditions This symptom is observed on a Cisco 12000 series router when a router that is adjacent to the Cisco 12000 series router is rebooted while Border Gateway Protocol (BGP) policy accounting is configured on the Engine 2 line card and traffic is flowing through the line card.
Workaround There is no workaround. When this situation occurs, stop the traffic that is flowing through the Engine 2 line card until Cisco Express Forwarding (CEF) is loaded onto the line card.
•CSCin10067
Symptoms When member links are removed from a multilink bundle (M2) and configured as members of another multilink bundle (M5), the M5 multilink bundle does not come up.
Conditions This symptom is observed only with the distributed Multilink PPP (MLP) feature when a member link is reconfigured to be a member link of another multilink bundle. This symptom is observed only on Cisco 7500 series and Cisco 7600 series routers.
Workaround There is no workaround.
•CSCin10568
Symptoms Untagged entries appear in the Tag Forwarding Information Base (TFIB).
Conditions This symptom is observed when you toggle a Label Distribution Protocol (LDP)/Tag Distribution Protocol (TDP) session by toggling the LDP router identification (ID). This situation occurs in Cisco IOS Release 12.0 (21.1)S2, Release 12.0(21.1)SY2, Release 12.2(8.4), Release 12.2(8.4)S, Release 12.2(8.5)T, or later versions of the above-mentioned releases.
Workaround Enter the clear ip route network command to recover from the situation.
•CSCdz10787
Symptoms When a label switching router (LSR) reroutes some destinations and selects another interface, the upstream LSR for these destinations may lose the headend label bindings for them.
Conditions This symptom is observed in a Multiprotocol Label Switching (MPLS) ATM network when Intermediate System-to-Intermediate System (IS-IS) is used as the routing protocol.
Temporary Workaround Enter the clear ip route network EXEC command for the affected destinations until the symptom occurs again.
•CSCin12742
Symptoms The alarm indication signal (AIS) that is sent by a port adapter is not recognized. The AIS that is sent by the port adapter does not conform to existing standards.
Conditions This symptom is observed in a network in which two T3 multichannel port adapters (PA-MC-2T3) are configured in a back-to-back configuration for M23 framing.
Workaround There is no workaround.
•CSCuk35272
Symptoms A Cisco 12000 series Internet router may reload when the shutdown interface configuration command followed by the no shutdown interface configuration command is entered on a multilink bundle that is connected to a Cisco 7200 series router.
Conditions This symptom is observed on a Cisco 12000 series Internet router that has a 2-port CHOC3/STM1 T1/E1 line card that is connected through an Add-Drop Multiplexor (ADM) to a Cisco 7200 series router that has a channelized E1 PRI port adapter. This symptom is observed in Cisco IOS Release 12.0(17)ST6 and Release 12.0(21)ST2.
Workaround There is no workaround.
•CSCuk35313
Symptoms A Cisco 12000 series 8-port Packet-over-SONET OC-3c/STM-1 line card may reload.
Conditions This symptom is observed when the encapsulation type of one of the interfaces of the line card is set to Frame Relay.
Workaround There is no workaround.
•CSCuk35848
Symptoms Adjacencies that are required to forward packets to an IP Service Engine (ISE) line card are not created properly, and packets cannot be forwarded through a pseudowire or tunnel.
Conditions This symptom is observed on a Cisco 12000 series router when Layer 2 Tunneling Protocol version 3 (L2TPv3) and generic routing encapsulation (GRE) are configured.
Workaround There is no workaround.
•CSCuk36097
Symptoms The "receive" adjacency of an IP Service Engine (ISE) line card may not be created correctly on ingress line cards. This situation prevents a generic routing encapsulation (GRE) tunnel from forwarding packets.
Conditions This symptom is observed when a Cisco 12000 series router is configured with an ISE line card and with more than one GRE tunnel.
Workaround There is no workaround.
•CSCuk36359
Symptoms A Layer 2 Tunneling Protocol version 3 (L2TPv3) connection may not function because the tunnel endpoint cannot be learned.
Conditions This symptom is observed in Cisco IOS Release 12.0(22.1)S.
Workaround There is no workaround.
•CSCuk37123
Symptoms Traffic that is sent from an Engine 3 line card over the switch fabric to Multilink PPP (MLP) bundles that are configured on a 2-port channelized OC-3/STM-1 (DS1/E1) line card drops.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S2 or Release 12.0(22.3)S and that is configured with a 4-port IP Service Engine (ISE) OC-12c/STM-42 Packet-over-SONET line card and a 2-port channelized OC-3/STM-1 (DS1/E1) line card.
Workaround There is no workaround.
•CSCuk37799
Symptoms A Cisco 12000 series IP Service Engine (ISE) line card reloads when you exceed the hardware limitation during the configuration of an access control list (ACL).
Conditions This symptom is observed after you have first attached the ACL to several Frame Relay subinterfaces.
Workaround First configure the ACL, and then attach it to the subinterfaces.
•CSCuk38075
Symptoms Web Cache Communication Protocol (WCCP) does not function properly when Cisco Express Forwarding (CEF) is enabled. Bypass packets from the cache engine are dropped instead of being forwarded.
Conditions This symptom is observed when both WCCP and CEF are enabled.
Workaround Disable CEF on the router, and rely on IP fast switching.
Novell IPX, XNS, and Apollo Domain
•CSCdx83726
Symptoms A router may display a bus error or, if a hard watchdog reset is performed, the router may display a hard watchdog reset_message.
Conditions This symptom is observed on a router that is running Cisco IOS Release 12.2 PI when Internetwork Packet Exchange (IPX) Enhanced Interior Gateway Routing Protocol (EIGRP) is being used.
Workaround There is no workaround.
Wide-Area Networking
•CSCdv16842
Symptoms A router may reload when it is performing heavy IP Control Protocol (IPCP) address negotiations such as those that occur when several hundred links are brought up simultaneously on an ATM or Frame Relay interface.
Conditions This symptom is observed when several hundred IPCP sessions are renegotiated without a recycle of Link Control Protocol (LCP).
Workaround There is no workaround.
•CSCdw87830
Symptoms If you copy the configuration to the running configuration using TFTP, not all of the multilink bundles may transition into the "Up" state.
Conditions This symptom is observed on a Cisco 10000 series router that has a configuration with many multilink bundles.
Workaround There is no workaround.
•CSCdy16126
Symptoms Frame Relay switching does not work on a router when distributed Cisco Express Forwarding (CEF) is configured.
Conditions This symptom is observed if a switched data-link connection identifier (DLCI) is configured directly on a Local Management Interface (LMI) DTE interface on a Cisco 7500 router that has distributed Cisco Express Forwarding (DCEF) configured by entering the frame-relay interface-dlci dlci interface configuration command.
This symptom does not occur with an LMI DCE or a Network Node Interface (NNI).
Workaround Use the frame-relay route interface configuration command on the DTE instead of the frame-relay interface-dlci dlci interface configuration command.
•CSCdy17559
Symptoms The frame-relay map interface configuration command may not synchronize correctly to a standby Route Processor (RP).
Conditions This symptom is observed on a Cisco 12000 series router when Frame Relay switching occurs. The symptom is not observed when back-to-back Frame Relay encapsulation is configured.
Workaround There is no workaround.
•CSCdy27349
Symptoms A locally switched Frame Relay connection that is enabled with the connect Frame Relay global configuration command may remain administratively down after a Stateful Switchover (SSO) has occurred, even though the permanent virtual circuit (PVC) state is "active."
Conditions This symptom is observed on a Cisco 7500 series router. The symptom does not occur when you enable the locally switched Frame Relay connection with the frame-relay route interface configuration command.
Workaround To reestablish the connection, enter the no shutdown interface configuration command in the connect submode.
Alternate Workaround To reestablish the connection, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on one of the Frame Relay interfaces.
•CSCin15119
Symptoms A router may reload because of an SSS memory allocation failure (MALLOCFAIL) during a session establishment.
Conditions This symptom is observed on a Cisco router that functions as a Virtual Private Dialup Network (VPDN) home gateway (HGW) that is using Layer 2 Forwarding (L2F), Layer 2 Tunneling Protocol (L2TP), or PPP Tunnel Protocol (PPTP) as the tunneling protocol.
Workaround There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(22)S6
Cisco IOS Release 12.0(22)S6 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S6 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
•Symptoms—A description of what is observed when the caveat occurs.
•Conditions—The conditions under which the caveat has been known to occur.
•Workaround—Solutions, if available, to counteract the caveat.
IP Routing Protocols
•CSCec16481
A Cisco device running Internetwork Operating System (IOS) and enabled for the Open Shortest Path First (OSPF) Protocol is vulnerable to a Denial of Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is not enabled by default.
The vulnerability is only present in IOS release trains based on 12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines and all IOS images prior to 12.0 are not affected. Refer to the Security Advisory for a complete list of affected release trains.
Further details and the workarounds to mitigate the effects are explained in the Security Advisory which is available at the following URL:
http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml.
Miscellaneous
•CSCdy74384
Symptoms: Per Interface Rate Control (PIRC) does not act on IP traffic that would have otherwise been tagged (MPLS) if the current hop was not the penultimate hop for a given destination. PIRC does not act on IP traffic with destination addresses that have an implicit-null label as their label binding.
Conditions: This symptom is observed on a Cisco 12000 series router.
Workaround: There is no workaround.
•CSCdz54497
This caveat consists of two symptoms, two conditions, and two workarounds:
Symptom 1: The interface index of a tunnel interface may be corrupt, and the output of the show running-config privileged EXEC command may display the following information:
%FIB-2-IFINDEXILLEGAL: An internal software error occurred. Argument ifindex is out of bounds at -1.
Condition 1: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a tunnel interface, then remove the tunnel interface, and then add the tunnel interface again.
Workaround 1: There is no workaround.
Symptom 2: Cisco Express Forwarding (CEF) may not form adjacencies across a 2-port multichannel T3 port adapter (PA-MC-2T3+) as is indicated in the output of the show cef interface type number EXEC command (in this example, serial interface 12/0/0/8:0 is used):
% CEF IDB corresponding to Serial12/0/0/8:0 is not found
Condition 2: This symptom is observed on a Cisco 7500 series after a switchover has occurred and you first add a serial interface, then remove the serial interface, and then add the serial interface again.
Workaround 2: There is no workaround.
•CSCea05010
Symptoms: An outgoing adjacency for a Virtual Private Network (VPN) routing/forwarding (VRF) prefix always points to a virtual interface in distributed Cisco Express Forwarding (dCEF).
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S5.
Workaround: There is no workaround.
•CSCeb54951
Symptoms: A Performance Route Processor (PRP) on a Cisco 12000 series can reload with a SIGTRAP exception after receiving a 1612 bytes or longer frame on an Ethernet0 or Ethernet1 interface.
Conditions: This symptom is observed only on the PRP. The Gigabit Route Processor (GRP) is not affected.
Workaround: Isolate the PRP Ethernet ports to an isolated Ethernet segment.
•CSCeb81538
Symptoms: An Engine 4 line card may reload when an Engine 2 line card sends a corrupt Multiprotocol Label Switching (MPLS) packet.
Conditions: This symptom is observed on a Cisco 12000 series that is configured for MPLS.
Workaround: There is no workaround.
•CSCec13559
Symptoms: On Packet-over-SONET (POS) Engine 2 line cards for a Cisco 12000 series router, IP2TAG traffic does not get rate limited by Per Interface Rate Control (PIRC).
Conditions: This symptom is observed when PIRC is enabled on ingress interface, Multiprotocol Label Switching (MPLS) is enabled on egress interface, and the IP destination is more than one hop away. This symptom is also observed on Engine 2 Gigabit Ethernet line cards.
Workaround: There is no workaround.
•CSCec16725
Symptoms: Ethernet over Multiprotocol Label Switching (EoMPLS) disposition fails for an egress Packet-over-SONET (POS) Engine 4 plus (E4+) line card. Tag bytes increment as traffic comes in, but nothing is sent out the egress 3-port Gigabit Ethernet (GE) interface.
Conditions: This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(22)S5.
Workaround: Use a different card or router for the EoMPLS disposition, but do not use the E4+ line card.
•CSCec20473
Symptoms: A 3-port Gigabit Ethernet (GE) line card may stop transmitting traffic.
Conditions: This symptom is observed on a Cisco 12000 series that is configured as a Multiprotocol Label Switching (MPLS) provider edge (PE) router that is running Cisco IOS Release 12.0(25)S1.
Workaround: Use the hw-module slot x reload privileged EXEC command.
Resolved Caveats—Cisco IOS Release 12.0(22)S5
Cisco IOS Release 12.0(22)S5 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S5 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
•Symptoms—A description of what is observed when the caveat occurs.
•Conditions—The conditions under which the caveat has been known to occur.
•Workaround—Solutions, if available, to counteract the caveat.
Basic System Services
•CSCdv75121
Symptoms: A master Route Switch Processor (RSP) may cause a router to pause indefinitely or reload.
Conditions: This symptom is observed on a Cisco 7500 series router that is configured with a line card when the write memory EXEC command is entered and when the line card reloads while the write memory EXEC command is being processed.
Workaround: There is no workaround.
•CSCdz87017
Symptoms: Information about a port adapter (PA) may be missing from the output of a show diag EXEC command.
Conditions: This symptom is observed on a controller with a memory size of 128 MB DRAM and 8192 KB SRAM. The controller displays the following information:
PA Bay 0 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 0 HW rev 0.00, Board revision UNKNOWN Serial number: 00000000 Part number: 00-0000-00
PA Bay 1 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.00, Board revision A0 Serial number: 08534388 Part number: 73-1688-04
This condition is seen after upgrading from Cisco IOS Release 12.2(11)T to Cisco IOS Release 12.2(13)T.
Workaround: There is no workaround.
IP Routing Protocols
•CSCdu53656
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
•CSCdx02283
Symptoms: A Cisco router does not register correctly with a Route Processor (RP) over a generic routing encapsulation (GRE) tunnel. The output of the debug ip pim [group] privileged EXEC command shows that the register is being sent but that the RP does not receive it.
Conditions: This symptom is observed on a Cisco router that has a directly connected source in a GRE tunnel environment.
Workaround: There is no workaround.
•CSCdz10505
Symptoms: When a neighbor under virtual route forwarding (VRF) is configured using the bgp graceful-restart router configuration command, the session does not begin. A notification regarding the wrong OPEN message is generated.
Conditions: This symptom is observed only when the router is configured using the bgp graceful-restart router configuration command.
Workaround: There is no workaround.
•CSCea28131
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
•CSCea64725
Symptoms: If a peer group is slow to establish and comes up while other members of the peer group are converging, the recently established member may not advertise the routes that were sent to the other members.
Conditions: This symptom occurs only if the new peer group member comes up while the other members of a peer group are converging. This symptom does not occur if the new peer group member comes up after the other members of the peer group have finished converging.
Workaround: The routes can be readvertised by entering the clear ip bgp peer-group-name soft out privileged EXEC command for any peer that has missing routes.
•CSCeb00172
Symptoms: When the neighbor {ip-address | peer-group-name} default-originate router configuration command is used with a peer group, peers that belong to that peer group come up at a different time from when the Border Gateway Protocol (BGP) is formatting updates. Because of this behavior, the router may not advertise all routes to members of the peer group.
Conditions: This symptom is observed with IP version 4 (IPv4) unicast and Virtual Private Network (VPN) routing/forwarding (VRF) address family (AF) packets.
Workaround: There is no workaround.
•CSCeb00180
Symptoms: Border Gateway Protocol (BGP) update generation may pause indefinitely when BGP is converging.
Conditions: This symptom may occur under any of the following six conditions when BGP is converging:
1. When non-peer-group peer sessions flap or when the clear ip bgp address privileged EXEC command is entered several times for a non-peer-group peer.
2. When the clear ip bgp * soft out privileged EXEC command is entered repeatedly in rapid succession.
3. When peers are moved in or out of peer groups.
4. When routers that are configured with unicast assured forwarding (AF) and AF only are reloaded.
5. When all members of a peer group are cleared by performing either a hard reset or a soft reset. In this situation, only the peer group is affected.
6. When some routes are advertised to or withdrawn from the router while the router is converging, some peers in a peer group may not receive all the updates.
Workaround: There is no workaround for conditions 1 through 5.
To recover from condition 6, enter the clear ip bgp neighbor-address soft out privileged EXEC command. For the neighbor-address argument, use the IP address of the peer that did not receive all of the updates.
•CSCeb14687
Symptoms: Border Gateway Protocol (BGP) may send incomplete updates to the peer routers, and some routers may not send full routes to their peer routers. This behavior may cause some routes to be missing from the peer.
Conditions: This symptom is observed when a slow BGP peer in a peer group comes up while BGP is in the process of sending updates to the peer routers. This symptom is not platform specific.
Workaround: Enter the clear ip bgp peer- address soft out EXEC command to clear this condition. Avoid using a peer group if possible.
Miscellaneous
•CSCdx59003
Symptoms: A Cisco 12000 series Internet router may report incorrect environmental values, as the following environmental logs display:
%ENV_MON-2-VOLTAGE: MBUS 5V supply(slot 1) volts has reached SHUTDOWN level at 5 m(V) %ENV_MON-2-TEMP: Hotpoint temp sensor(slot 17) temperature has reached SHUTDOWN level at 756(C) %ENV_MON-2-VOLTAGE: Card 3.3v supply(slot 17) volts has reached CRITICAL level at 2560 m(V)
Although the environmental logs indicate that the shutdown level has been reached, the router does not shut down the line cards for which the incorrect environmental values are reported.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S3, Release 12.0(21)S5, Release 12.0(21)ST2, or Release 12.0(22)S.
Workaround: There is no workaround.
•CSCdy89749
Symptoms: A Gigabit Ethernet Interface Processor plus (GEIP+) may report many alignment errors and the CPU utilization may stay at 100 percent.
Conditions: This symptom is observed on a Cisco 7500 series router.
Workaround: There is no workaround.
•CSCdz04297
Symptoms: A router may pause indefinitely instead of restarting.
Conditions: This symptom is observed when the router is handling invalid addresses in the cached address space.
Workaround: There is no workaround.
•CSCdz22526
Symptoms: If distributed Cisco Express Forwarding (dCEF) is configured on a generic routing encapsulation (GRE) provider edge (PE) router, IP packets are ignored and dropped on the Versatile Interface Processor (VIP) interface.
Conditions: This symptom is observed on a Cisco 7500 series that is running Cisco IOS Release 12.2(12.14)T.
Workaround: Use Cisco Express Forwarding (CEF).
•CSCdz59683
Symptoms: After the ALPHA application-specific integrated circuit (ASIC) is reset because of error recovery (that may be caused by parity errors in ALPHA memory), the port or fetch descriptors that select correct threads in ALPHA microcode are not programmed correctly. This behavior may prevent certain configured features, such as IP version 6 (IPv6) or IP Virtual Private Network (VPN) routing/forwarding (VRF), from working correctly.
Conditions: This symptom is observed on the line card of a Cisco 12000 series.
Workaround: Reset the line card.
•CSCdz71127
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
•CSCdz72673
Symptoms: A Cisco router that is functioning as a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) router may reload with an "address error" message.
Conditions: This symptom is observed at bootup time when the PE and customer edge (CE) interfaces are coming up. The symptom occurs when a locally learned VPN routing/forwarding (VRF) route temporarily loses its local label. This condition leads to some data structures being cleaned up but still retaining references to the local label. It may also occur after bootup in the case of interface flaps. The reload is not a common occurrence, however, and may need additional triggers.
A list of the affected releases can be found at http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdv49909. Cisco IOS releases that are not listed in the "First Fixed-in Version" field at this location are not affected.
Workaround: There is no workaround.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
•CSCea14108
Symptoms: Pings from a customer edge (CE) router may fail in an Any Transport over Multiprotocol Label Switching (AToM) network.
Conditions: This symptom is observed when Ethernet over Multiprotocol Label Switching (EoMPLS) AToM is configured.
Workaround: There is no workaround.
•CSCea23999
Symptoms: A router may reload during a class of service (CoS) update in a Weighted Random Early Detection (WRED) drops routine even though CoS and WRED are not configured on the router.
Conditions: This symptom is observed on a Cisco 12000 series.
Workaround: There is no workaround.
•CSCea25707
Symptoms: A Cisco router may reload because of a software condition when running the LDP-MIB MIB. The router reloads because of a process watchdog timeout in the "SNMP ENGINE" process and logs an entry similar to the following one and logs a traceback:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = SNMP ENGINE. %Software-forced reload
Unexpected exception, CPU signal 23, PC = 0x606F1FC4 ... Cause 00000024 (Code 0x9): Breakpoint exception
Conditions: This symptom is observed after the router ID has been changed and when Label Distribution Protocol (LDP) sessions have been added or removed.
Workaround: Do not change the router ID. If the router ID has been changed, do not run the LDP-MIB MIB.
•CSCea28471
Symptoms: A Versatile Interface Processor (VIP) may reload.
Conditions: This symptom is observed on a VIP if Multiprotocol Label Switching (MPLS), Egress NetFlow, and distributed Cisco Express Forwarding (dCEF) are configured.
Workaround: Disable dCEF or Egress NetFlow.
•CSCea28475
Symptoms: There is a mismatch between hardware and software Cisco Express Forwarding (CEF) entries. The following EXEC commands are used to identify this situation:
show ip cef prefix internal
show ip hardware-cef prefix
Conditions: This symptom is observed on Cisco 12000 series E2 line cards that are running Cisco IOS Release 12.0(22)S3 and that have about 100,000 prefixes in the routing table. The symptom is not observed in Cisco IOS Release 12.0(23)S.
Workaround: Use the clear ip route prefix EXEC command.
•CSCea28914
Symptoms: On the chassis of a Cisco 12410 Internet router with the primary clock and scheduler card (CSC) located in slot 17, use of the hw- module slot 17 shutdown EXEC command may cause a FIA-HALT on the Engine 4 (E4) and Engine 4 Plus (E4+) line cards in the router.
Conditions: This symptom is observed on a Cisco 12410 router that is running Cisco IOS Release 12.0(21)S6.
Workaround: Do not use the hw-module slot 17 shutdown EXEC command.
•CSCea32479
Symptoms: It may take a long time for a Cisco 12000 series to remove 250,000 Virtual Private Network version 4 (VPNv4) entries from an Engine 3 line card. While the router removes the VPNv4 entries, new VPNv4 entries cannot be updated on the line card.
Conditions: This symptom is observed when the router handles a large number (more than 80,000) of VPNv4 entries on its line cards and when a Border Gateway Protocol (BGP) session flaps (that is, the session remains down for a few minutes), causing the router to remove all VPNv4 entries and to repopulate these entries a few minutes later.
Workaround: There is no workaround.
•CSCea35292
Symptoms: When Multiprotocol Label Switching (MPLS) traffic or MPLS Virtual Private Network (VPN) traffic is being forwarded by a Cisco 10720 router, about 50 percent of multicast traffic will be punted to a Route Processor (RP) and forwarded by the RP. The expected behavior is that multicast traffic should be forwarded by Parallel Express Forwarding (PXF) as long as a multicast route (mroute) entry exists. If many packets are punted to the RP, and the RP queue is congested, some of the multicast traffic that is being punted to the RP will be dropped. For example, multicast traffic may be dropped from a multicast application such as video or TV broadcast.
Conditions: This symptom is observed on a Cisco 10720 router that is running Cisco IOS Release 12.0(22)S, Release 12.0(23)S1, or Release 12.0(24)S when the following conditions are met:
–The router forwards MPLS or MPLS VPN traffic and multicast traffic.
–The RP queue is congested.
Workaround: Stop the MPLS or MPLS VPN traffic.
•CSCea37882
Symptoms: It may take about 10 minutes before a Versatile Interface Processor (VIP) synchronizes with a Cisco Express Forwarding (CEF) table.
Conditions: This symptom is observed after you reload the VIP that has the Single Line Card Reload (SLCR) feature and distributed CEF (dCEF) enabled, when there are about 40,000 prefixes in the CEF table, and when Border Gateway Protocol (BGP) is in stable condition.
Workaround: Increase the interprocess communications (IPC) cache significantly; when there are about 40,000 prefixes, increase the IPC cache using the ipc cache 3000 command.
•CSCea38449
Symptoms: Frame Relay (FR) interfaces and subinterfaces may stop forwarding traffic if a packet-queueing application-specific integrated circuit (ASIC) error is detected by Cisco IOS software. Error recovery is invoked, but FR interfaces do not recover properly.
Conditions: This symptom is observed on a Cisco router that is configured with FR.
Workaround: Reload the line card.
•CSCea52787
Symptoms: A memory leak may be observed on a line card with the Multicast Distributed Switching (MDS) line card process when the ip multicast- routing global configuration command is enabled while there are tunnel interfaces configured.
Conditions: This symptom occurs when the affected line card runs out of memory because of a memory leak and the MDFS process on the line card attempts to allocate memory. This symptom occurs only when multicast routing is enabled by entering the ip multicast-routing distributed global configuration command and when a traffic engineering (TE) tunnel is configured.
Workaround: There is no workaround.
•CSCea53471
Symptoms: A Cisco 12000 series that is configured with a Performance Route Processor 1 (PRP-1) may pause indefinitely.
Conditions: This symptom is observed on a Cisco 12000 series that is configured with a PRP-1 when the configuration is being saved after it has previously received a break signal on the console. This symptom does not affect the Gigabit Route Processor (GRP).
The break signal can be received by the router when it is sent intentionally by a terminal or when it is unintentionally received as noise on the console connection. Unintentional noise may occur when a terminal or terminal server that is connected to the router is powered off or when certain terminals or personal computer terminal emulators are first connected. When the router pauses indefinitely, it must be power-cycled to be restored to a normal working condition.
Workaround: There is no good workaround. Avoid use of the send break command during a Telnet session or the use of terminal connections that send a break signal.
•CSCea54482
Symptoms: A switch fabric card (SFC) switchover may occur, cyclic redundancy check (CRC) Fabric Interface ASIC (FIA) errors may occur, and the following error message may be displayed on a Cisco 12400 series:
FABRIC-3-ERR_HANDLE Due to CRC error from slot 8, shutdown the fabric card on slot 22
Note that the slot numbers (that is, 8 and 22) are just examples.
Conditions: These symptoms are observed after a Cisco 12400 series router that is configured with one or more Engine 4 plus line cards is reloaded with a new Cisco IOS release that causes a maintenance bus (MBus) download condition and while traffic is being processed on the router.
Workaround: After the router is reloaded with the new Cisco IOS release, reload the router for a second time.
•CSCea62360
Symptoms: A Cisco 12000 series Engine 3 (E3) line card may log "EE48-2- GULF_TX_SRAM_ERROR" error messages if certain packet types are forwarded incorrectly.
Conditions: This symptom is observed on Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) routers when multicast traffic is destined for the customer edge (CE) router.
Workaround: There is no workaround.
•CSCea62745
Symptoms: The following error message may be generated often for slot 24 or 25 on a Cisco 12000 series:
%MBUS_SYS-3-NOBUFFER: Message from slot 25 in stream 0 dropped
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S5 or Release 12.0(21)S6.
Workaround: There is no workaround.
•CSCea74092
Symptoms: A router may incorrectly encapsulate packets when Multicast Distributed Switching (MDS) is enabled. This situation causes traffic to be blackholed.
Conditions: This symptom is observed on a Cisco router that is configured with MDS and that has a generic routing encapsulation (GRE) tunnel interface.
Workaround: There is no workaround.
•CSCea77271
Symptoms: Packets may be dropped by a 3-port Gigabit Ethernet line card that is installed in a Cisco 12000 series.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)ST or Release 12.0(22)S when the following conditions are met:
–Some subinterfaces are configured for Ethernet over Multiprotocol Label Switching (EoMPLS).
–Some subinterfaces are configured for IP.
–Any interface on the router is configured with an output access control list (ACL).
–A packet is received on an IP subinterface, its 802.1p VLAN priority bits are different than the IP precedence bits, and it is supposed to switch to the interface on which the output ACL is applied.
Workaround: If this is an option, remove the output ACL, or use Cisco IOS Release 12.0(23)S or a later release.
•CSCea80322
Symptoms: All ports of an Engine 0 (E0) digital service 3 (DS3) card may remain in an "up/down" condition indefinitely.
Conditions: This symptom is observed on Engine 0 (E0) DS3 cards when one of the ports receives a "yellow" alarm.
Workaround: Enter the microcode reload global configuration command to microcode reload the DS3 card.
•CSCea91692
Symptoms: On a Cisco 12000 series router that is configured with an Engine-2- based line card that carries both Multiprotocol Label Switching (MPLS) and IP traffic and that is forwarding packets to an output port (that has a committed access rate [CAR] rule configured on an Engine-0, Engine-1 or Engine-2-based output line card), the IP traffic may be dropped because of an incorrect packet switching application-specific integrated circuit (PSA) Cisco Express Forwarding (CEF) entry.
Conditions: This symptom is observed on a Cisco 12000 series that has been upgraded from Cisco IOS Release 12.0(21)S5 to Release 12.0(22)S or Release 12.0(23)S. This configuration requires that the traffic enter the router on an Engine 2 line card and leave the router on an Engine-0, Engine-1, or Engine 2-based line card that has an output CAR applied to its port.
Workaround: Remove the output CAR rule from the egress line card to restore traffic.
•CSCeb00391
Symptoms: The following error message may be displayed on a router:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x50164CDC reading 0x0
Conditions: This symptom is observed on a Cisco 12000 series.
Workaround: There is no workaround.
•CSCeb05519
Symptoms: The core router Multiprotocol Label Switching (MPLS) forwarding entry has the correct outgoing interface but has an incorrect label to use for sending traffic to the edge router. The incorrect label is identical to the label that is sent by another core router for the same prefix through another interface.
Conditions: This symptom is observed in a service provider network when the route to the prefix that has the incorrect MPLS forwarding entry is configured using a static recursive route and the specific IP address that is specified in the ip route prefix mask ip-address global configuration command is changed by topology changes to go through a different adjacent router. The incorrect outgoing Label Distribution Protocol (LDP) or Tag Distribution Protocol (TDP) label corresponds to the router that was adjacent prior to the routing change.
Workaround: To clear this condition, enter the clear ip route {network [mask] | *} EXEC command to cause MPLS to create a new forwarding entry that has the correct interface and label for the prefix.
To prevent this condition from occurring, advertise the route to the prefix in question using an Interior Gateway Protocol (IGP).
Alternate Workaround: Configure a static nonrecursive route to the prefix and IP address of the next-hop router by entering the ip route prefix mask ip-address interface-type interface-number global configuration command.
•CSCeb07559
Symptoms: A Cisco 8xOC3 Engine 2 (E2) ATM line card may generate ToFab (Toward the Fabric) Buffer Management ASIC (BMA) data errors when an output access control list (ACL) is configured on the Engine 0 card.
Conditions: This symptom is observed on a Cisco 8xOC3 E2 ATM line card that is running Cisco IOS Release 12.0(22)S3. This release of Cisco IOS software does not support ACLs on a line card with this configuration.
Workaround: There is no workaround. Disable ACLs on the 8xOC3 E2 ATM line card to prevent this symptom.
Alternate Workaround: Upgrade to Cisco IOS Release 12.0(22)S5.
Resolved Caveats—Cisco IOS Release 12.0(22)S4
Cisco IOS Release 12.0(22)S4 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S4 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
•Symptoms—A description of what is observed when the caveat occurs.
•Conditions—The conditions under which the caveat has been known to occur.
•Workaround—Solutions, if available, to counteract the caveat.
Basic System Services
•CSCdy74705
Symptoms: A NPE-200 network processing engine for Cisco 7200 series routers may experience memory corruption issues.
Conditions: This symptom may occur during periods of high traffic, with packet sizes greater than 1524 bytes, and may seemingly be associated with port adapter (PA) rearrangements.
Workaround: Attempt port adapter rearrangement, or upgrade to a Cisco IOS release that contains the software workaround (Release 12.0(23.03)S and later).
EXEC and Configuration Parser
•CSCdy89041
Symptoms: A memory leak of about 0.5 MB occurs in the "Pre Command NV Buffer" process.
Conditions: This symptom is observed when you connect to a Cisco 12000 series Route Processor (RP) through a vty.
Workaround: There is no workaround.
Interfaces and Bridging
•CSCdx00274
Symptoms: A single-port Fast Ethernet 100BASE-TX port adapter (PA-FE-TX) on a Cisco 7206VXR router may stop receiving burst traffic packets.
Conditions: This symptom is observed on a PA-FE-TX.
Workaround: To clear the symptom, enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the PA-FE-TX interface.
IP Routing Protocols
•CSCdy60008
Symptoms: If the interface bandwidth or delay is changed, a router may reload.
Conditions: This symptom is observed after Enhanced Interior Gateway Routing Protocol (EIGRP) is terminated via the no router eigrp as-number global configuration command or the no ip routing global configuration command, causing the EIGRP process list to be invalid.
Workaround: Reload the router after terminating EIGRP.
•CSCdz33176
Symptoms: A Cisco router that is functioning as a dedicated Border Gateway Protocol (BGP) route reflector in a network that is configured for BGP may display a message very similar to the following one on its console:
%SYS-3-CPUHOG: Task ran for 30020 msec (6/6), process = BGP Router, PC = 6080D21C.
When the message is displayed, the BGP router process causes the CPU utilization of the router to become high for one to several minutes, depending on the number of prefixes, neighbors, and updates.
Conditions: This symptom is observed when the router is running Cisco IOS Release 12.0(22)S or a later release, when it has a large number of neighbors that are configured in peer groups or update groups, when it has a large number of prefixes to send or receive, and when most of the neighbors start at the same time, or when the BGP sessions of the neighbors are reset at the same time using the clear ip bgp * EXEC command.
The symptom is also observed in the above-mentioned network topology when the client of a BGP route reflector is reset using the clear ip bgp* EXEC command.
In another network, the symptom is also observed on a Cisco router running 12.0(22)S1 using the clear ip bgp * soft EXEC command.
Workaround: Do not reset all the BGP neighbor routers at the same time that route reflectors are used in a BGP configuration.
Alternate Workaround: Use Cisco IOS Release 12.0 ST.
•CSCdz39544
Symptoms: A Cisco router may discard a Multicast Source Discovery Protocol (MSDP) type length value (TLV) prematurely.
Conditions: This symptom is observed when an MSDP encapsulated packet receives a TLV with more than one Source-Active (SA) entry count.
Workaround: There is no workaround.
•CSCdz45031
Symptoms: The distance eigrp router configuration command may not be displayed in the configuration although the configured values are applied to the routes. After reloading the router, the distance for Enhanced Interior Gateway Routing Protocol (EIGRP) routes returns to its default value.
Conditions: This symptom is observed on a Cisco router when using EIGRP between a provider edge (PE) and customer edge (CE) router in a Multiprotocol Label Switching (MPLS) environment.
Workaround: There is no workaround.
•CSCdz45760
Symptoms: A useless partial Shortest Path First (SPF) calculation may occur.
Conditions: This symptom is observed when an Open Shortest Path First (OSPF) link-state advertisement (LSA) for a 0.0.0.0 destination is refreshed.
Workaround: Use a static default route.
•CSCdz55717
Symptoms: Configuring OSPF (Open Shortest Path First) sham links in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment may cause a memory leak in the OSPF router process.
Conditions: This symptom is observed in a MPLS-VPN environment. The area [area- id] sham-link [source-address] [destination-address] cost [number] global configuration command is used and OSPF adjacency is formed over the sham-link. Each time an OSPF acknowledgment is sent over the sham-link, some memory is allocated that is never freed.
Workaround: There is no workaround.
•CSCdz58674
Symptoms: When an area border router receives type-4 link-state advertisements (LSAs) via the nonbackbone, the router may incorrectly generate type-4 LSAs into the backbone. This situation may cause a routing loop to occur.
Conditions: This symptom is observed in Cisco IOS Release 12.0(22)S or a later release or in Release 12.2(10) or a later release when the following conditions occur:
–A router (referred to as Router 1) functions as an internal router in one particular area.
–Router 1 has an interarea route to an Autonomous System Boundary Router (ASBR) through the same area.
–Router 1 is connected with another router (referred to as Router 2) in the backbone area, causing Router 1 to become an ABR.
In this situation, Router 1 generates type-4 LSAs into the backbone area for the ASBR. This situation should not occur and may lead to a routing loop.
Workaround: Reset the Open Shortest Path First (OSPF) process by entering the clear ip ospf process privileged EXEC command.
•CSCea03118
Symptoms: A provider edge (PE) router fails to advertise Border Gateway Protocol (BGP) routes to the dual customer edge (CE) routers that converge last.
Conditions: This symptom is observed only on routers that are running Cisco IOS Release 12.0(23) S1(012)) and causes compatibility issues with router convergence and update processing.
Workaround: Use Cisco IOS Release 12.0(23)S2 or a later release.
ISO CLNS
•CSCdz30118
Symptoms: On a Cisco router, Intermediate System-to-Intermediate System (IS-IS) IP version 6 (IPv6) routes may not be inserted into the IPv6 routing table after a reload or after a neighbor's interface state changes.
Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22)S and affects only configurations with level-2-only links.
Workaround: Use the clear isis * configuration command after the reload or the topology change. Use level-1-2 links instead of level-2-only links.
•CSCdz33882
Symptoms: A Route Processor (RP) may reload.
Conditions: This symptom is observed on a Cisco 12000 series that is configured with dual RPs in Stateful Switchover (SSO) mode and that has about 200 Intermediate System-to-Intermediate System (IS-IS) neighbors when Nonstop Forwarding (NSF) is configured under the IS-IS process.
Workaround: There is no workaround.
•CSCdz61787
Symptoms: An SPF (shortest path first) loop may occur on a Cisco router.
Conditions: This symptom may be observed on a Cisco router that is running a Cisco IOS release image that does not support a fix for CSCdz61787, has "ip fast-convergence" configured and there are specific Intermediate System-to-Intermediate System (IS-IS) metrics.
The show isis spf-log EXEC command shows that the loop is triggered by BACKUPOVFL.
Following is an example of the SPF log output:
Router#
show isis spf-log
Level 2 SPF log
01:25:10 0 18 1 BACKUPOVF
01:25:00 0 18 1 BACKUPOVFL
Workaround: Remove "ip fast-convergence" from every router where it is configured by using the no ip fast-convergence EXEC command.
Alternative workaround: Adjust the IS-IS metrics.
•CSCea00846
Symptoms: After a switchover, the Intermediate System-to-Intermediate System (IS-IS) takes about 10 minutes to fully recover and to install routes in the IP routing table.
Conditions: This symptom is observed on a Cisco 12000 series configured with IS-IS. The amount of time required for the Gigabit Ethernet (GE) interface to load after a switchover is very close to the amount of time of the IS-IS adjacency timeout. The device under test (DUT) is the designated router.
Workaround: There is no workaround.
Miscellaneous
•CSCdw10770
Symptoms: A Cisco 12000 series Internet router Engine 2 line card may experience errors, including CPUHOGs, Cisco Express Forwarding (CEF) shutdown, and unexpected reloads.
Conditions: This symptom is observed on a Cisco Engine 2 line card if a route with multiple paths is received when the forwarding table already includes more than 25,000 subnets.
It is important to note that Border Gateway Protocol (BGP) routes cannot have multiple paths unless BGP multipath is specifically configured. Basic BGP best practices can ensure that there is nothing to trigger this symptom. Workarounds are available to protect the network from Interior Gateway Protocol (IGP) problems.
Workaround: The following workarounds may be tried for routers at risk from their IGP:
–Ensure that there are no more than 4000 load-balanced IGP (Open Shortest Path First [OSPF], Intermediate System-to-Intermediate System [IS-IS], Routing Information Protocol [RIP], Enhanced Interior Gateway Routing Protocol [EIGRP] routes in the routing table.
–Ensure that there are no prefixes with a mask of /11 or shorter (/1 to /11) in the IGP.
Following are a few ways to end up with short-length prefixes in the IGP:
–Summarize routes in the IGP (for example summarize routes from a non backbone area into area 0).
–Configure an interface with a short-length mask and include that interface in the IGP.
–Import such a route from another source (static, BGP).
If such a route is present in the IGP, it is recommended that it be broken up into its component /12 or longer prefix routes.
The best practices for routers with BGP implementations include the following:
–Use filters to block all routes with /1 to /7 masks at BGP peer borders.
–Use filters to prevent the routes from being advertised from outside the network.
–Use filters at the customer border to prevent the customers from advertising anything that they have not explicitly requested.
These filters can be found at the following URL:
http://www.cisco.com/public/cons/isp/security/T-ip-prefix-filter-ingress-loose- check.txt
•CSCdy22744
Symptoms: The fix for CSCdx47695 that was integrated into Cisco IOS Release 12.0(21)S3 introduced a throttling mechanism that may be used when the physical layer interface module (PLIM) is congested. The throttling mechanism prevents interfaces or a bundle, or both, from flapping when bidirectional traffic with small packets is sent through either a 6-port channelized T3 line card or a 2-port channelized OC-3/STM-1 (DS1/E1) line card.
The throttling mechanism produces a severe performance impact, although no link flaps occur.
Conditions: This symptom is observed on a Cisco 12000 series router.
Workaround: There is no workaround. The fix for this caveat consists of a knob for the throttling.
•CSCdy37606
Symptoms: A Cisco 12000 series may generate the following message:
%LINK-3-TOOSMALL: Interface POS3/0, Output runt packet of 0 bytes
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S5, when an error occurs on an Engine 2 line card and when both sampled NetFlow and Multiprotocol Label Switching (MPLS) are enabled.
Workaround: Disable sampled NetFlow. Note that this workaround affects service because disabling sampled NetFlow causes Cisco Express Forwarding (CEF) to reload on the line card.
•CSCdy42383
Symptoms: A Cisco 12416 router, that is running Cisco IOS Release 12.0(21)ST2 does not load-balance traffic properly between two OC-48 packet-over-SONET (POS) interfaces (Engine 2 line cards).
Conditions: It has been observed that when a Cisco 12000 series Internet router has incoming traffic from an Engine 4 card and outgoing traffic toward Engine 2 parallel links, load balancing does not work properly. The symptom does not seem to occur when the incoming card has been changed to an Engine 2 card.
Workaround: There is no workaround.
•CSCdy46676
Symptoms: Performance degradation may occur on an Engine 4 plus line card when traffic engineering (TE) tunnel load balancing is enabled.
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.
Workaround: There is no workaround.
•CSCdy56799
Symptoms: Spurious access errors may occur on a Cisco 7500 series router.
Conditions: This symptom is observed on Cisco 7500 series that is configured with distributed Cisco Express Forwarding (dCEF) and Web Cache Communication Protocol (WCCP).
Workaround: Disable dCEF on the interfaces that face the web cache engines where the spurious access errors occur so that incoming WCCP generic routing encapsulation (GRE) packets are punted to the route processor and CEF-switched.
For more information about spurious access errors, see the Cisco document at the following location: http://www.cisco.com/warp/public/63/spuraccess.html.
•CSCdy59895
Symptoms: Traffic is not sent through a network when an Asynchronous Transfer Mode (ATM) link is used between a Cisco customer edge (CE) router and a Cisco provider edge (PE) router.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S.
Workaround: There is no workaround.
•CSCdy61223
Symptoms: When an input access control list (ACL) is configured and multiple broadcast Address Resolution Protocol (ARP) requests are received, packet loss and performance degradation may occur because of a "format error" that is reported in the output of the show ip traffic EXEC command.
Conditions: This symptom is observed when NetFlow is enabled on an interface of a 1-port Gigabit Ethernet line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S or Release 12.0(22)S.
Workaround: Although the condition is triggered by multiple broadcast ARP requests, it only occurs if NetFlow, input ACLs, and ACL hardware checking are configured. Disabling any of these features will prevent the condition from occurring. For example, to remove the ACL hardware checking on the 1-port Gigabit Ethernet line card, enter the no access-list hardware salsa command.
•CSCdy67945
Symptoms: When the loopback remote line interface configuration command is executed on a 6-port channelized T3 line card, the command may fail and may cause a T1 connection to flap.
Conditions: This symptom is observed on both American National Standards Institute (ANSI) and Bell Communications Research (Bellcore) loopbacks on networks that are sensitive to T1 framing errors.
When the loopback remote line configuration command is executed, the line card causes a brief change of frame alignment (COFA) error. Normally, this error goes unnoticed. However, some devices react to these errors with an alarm indication signal (AIS). Each time the loopback request is initiated (if the T1 connection is configured for remote loopbacks each time the T1 connection comes up), the AIS brings down the T1 connection.
The actual commands would be as follows:
t1 1 loopback remote line fdl ansi
t1 1 loopback remote line fdl bellcore
Workaround: There is no workaround.
•CSCdy87260
Symptoms: The configuration synchronization on a standby Route Processor (RP) may fail if the break signal is sent twice.
Conditions: This symptom is observed on a Cisco 12000 series that has dual RPs and that has the Route Processor Redundancy Plus (RPR+) feature enabled. This symptom occurs only if the user sends the break signal twice on the standby RP.
Workaround: There is no workaround.
•CSCdz12745
Symptoms: When a Cisco 12000 series Engine 2 Packet-over-SONET (POS) line card collects statistics for locally assigned Multiple Protocol Label Switching (MPLS) label entries, it may lose the outgoing label entries for the associated prefixes. All the prefixes show up as untagged, and it may be difficult or impossible to reach the prefixes.
Conditions: This symptom is observed on a Cisco 12000 series Engine 2 POS line card.
Workaround: To recover from the situation, reset the line card.
•CSCdz16897
Symptoms: The Path Remote Defect Indication (PRDI) may not be handled properly during an Automatic Protection Switching (APS) switchover. This situation does not affect service.
Conditions: This symptom is observed on a Cisco 10000 series OC-12 ATM line card when an APS switchover occurs because of poor line quality.
Workaround: There is no workaround.
•CSCdz18497
Symptoms: A router may loop indefinitely when a Simple Network Management Protocol (SNMP) walk is performed against certain objects. (Examples of these objects are ifDescr, ifMTU, and ifInOctets.) The SNMP walk will not cycle if a specific interface is specified, such as ifDescr.1.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S2. This symptom occurs only in a situation where Multilink Frame Relay (MFR) interfaces are configured.
Workaround: Reload the router.
•CSCdz19320
Symptoms: A Cisco 12000 series Engine 4 plus line card may reload after a forced switchover.
Conditions: This symptom is observed when Stateful Switchover (SSO) is configured and the line card is switching multicast traffic.
Workaround: There is no workaround.
•CSCdz22591
Symptoms: Resource Reservation Protocol (RSVP) hello may incorrectly declare lost communications with a neighbor, and fast reroute may be triggered.
Conditions: This symptom is observed when RSVP is configured on a Packet over SONET (POS) interface with a hello interval of 60 milliseconds or less on a Cisco router that is running Cisco IOS Release 12.0(24)S. This symptom does not exist when hello is configured on an Ethernet interface.
Workaround: Configure hello intervals longer than 60 milliseconds.
•CSCdz25228
Symptoms: An Engine 2 (E2) line card may reload after it reboots.
Conditions: This symptom is observed on the E2 line card of a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S. The E2 line card is configured with 128 line access control list (ACLs), Virtual Private Network (VPN), and has Frame Relay configured on one of the interfaces.
Workaround: There is no workaround.
•CSCdz32724
A line card that is facing the core of a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) may generate packet switch application-specific integrated circuit (ASIC) (PSA) error messages and may stop sending traffic to the core of the network. The following output may be observed when the show interface gigabit ethernet interface EXEC command is entered.
%LC-3-PSAERRS: PSA PSA_CPU_GS_INT error 4
%LC-3-PSAERR: PSA error: if_err 0 adr FC00002C c md 5 data 0 pipe 0,fs 0,prep 0 (pc 1EC),pop 0 (pc 19F),plu 0,tlu 0,plu sdram 0 a dr 0 synd 0 check 4D00,tlu sdram 0 adr 0 synd 0 check 0,ssdram 0 adr 0,gather 0, pl 1822D92,plmuxcnts 61, pludefpsr 22000, plupsr 22000, pludsr 0
Conditions: These symptoms are observed on a Cisco 12000 series 3-port Gigabit Ethernet line card when the line card flaps.
Workaround: There is no workaround.
•CSCdz32988
Symptoms: The CPU on a Cisco 7500 series Versatile Interface Processor (VIP) or on a Cisco 12000 series line card may persistently show very high utilization (99 percent) reported against the "TAG Stats Background" process, as is displayed in the output of the show processes cpu EXEC command:
CPU utilization for five seconds: 100%/1%; one minute: 99%; five minutes: 99% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 53 31226460 603427 51748 98.39% 98.60% 97.08% 0 TAG Stats Backgr
This situation does not directly impact the router operation because the "TAG Stats Background" process is a low priority process. However, the show mpls forwarding-table EXEC command does not provide accurate counters when this situation occurs.
Conditions: This symptom, which is a rare race condition, may occur when parallel paths are configured.
Workaround: Enter the no tag ip aggregate hidden command on the route processor. Note that doing so will prevent the counters of the show mpls forwarding-table EXEC command from being updated.
To restore normal VIP or line card operation, reload microcode onto the affected VIP or line card.
•CSCdz36445
Symptoms: Traffic does not resume after a Cisco 12000 series Internet router has reloaded.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(24)S in an IP version 6 (IPv6) environment and that is configured with Engine 3 line cards.
Workaround: There is no workaround.
•CSCdz37228
Symptoms: Memory fragmentation may occur on Cisco routers with the MAC accounting feature enabled.
Conditions: This symptom may be observed on Cisco 12000 series Internet routers with the MAC accounting feature enabled that are under DOS attack.
Workaround: Disable the MAC accounting feature.
•CSCdz37875
Symptoms: Traceback messages may be displayed in the log file of a router.
Conditions: This symptom is observed on the OC-3 Packet over SONET (POS) line card of a Cisco 10000 series that is running Cisco IOS Release 12.0(22)S.
Workaround: There is no workaround.
•CSCdz42976
Symptoms: Open Shortest Path First (OSPF) or Intermediate System-to-Intermediate System (IS-IS) protocol adjacencies may be incomplete.
Conditions: This symptom is observed on a Cisco router after it is loaded with Cisco IOS Release 12.0(21)ST5. This symptom may affect connectivity across Engine 2 (E2) interfaces.
Workaround: There is no workaround.
•CSCdz46604
Symptoms: Multilink adjacencies may show up as invalid.
Conditions: This symptom is observed on the Engine 3 (E3) Quad OC-12 line card of a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 (21)S3. It may not be possible to clear this symptom by entering the clear cef linecard EXEC command or by reloading the microcode on the line card.
Workaround: There is no workaround.
•CSCdz47189
Symptoms: An Engine 3 (E3) 4-port OC-12 (4xOC-12) or Engine 3 OC-48 Packet over SONET (POS) line card may reload and generate traceback messages.
Conditions: This symptom is observed when the gsr-p-mz image of Cisco IOS Release 12.0(24)S is loaded on a Cisco 12406 router in an Autonomous System Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) of an IP version 4 (IPv4) Border Gateway Protocol (BGP) label distribution environment. TheE3 4xOC-12 line card may be operating either in the channelized mode or the POS mode.
Workaround: No workaround is necessary as the line cards will recover without user intervention.
•CSCdz48235
Symptoms: A Cisco 12000 series Internet router may reload because of a bus error.
Conditions: This symptom is observed on a Cisco 12000 series that has dual Gigabit Route Processors (GRP) and that is operating in the Route Processor Redundancy (RPR) mode. This symptom is observed after the Cisco 12000 series is upgraded to Cisco IOS Release 12.0(23)S.
Workaround: There is no workaround.
•CSCdz49243
Symptoms: Multiprotocol Label Switching (MPLS) traffic engineering (TE) Fast Reroute (FRR) may lose all tag labels from a line card.
Conditions: This symptom is observed on a Cisco 12000 series Internet router when the primary tunnel router is reloaded.
Workaround: Power cycle the Cisco 12000 series Internet router.
Alternate workaround: Reload the line card.
•CSCdz53850
Symptoms: A standby Route Processor (RP) may reload.
Conditions: This symptom is observed on the standby RP of a dual RP Cisco 12000 series Internet router when a line card on the Cisco 12000 series or a neighboring router is reloaded. This symptom occurs when a line card has a large number of encapsulation entries (3000 entries).
Workaround: There is no workaround.
•CSCdz54539
Symptoms: An Engine 4 plus line card that is installed in a Cisco 12400 series may be reset by the Route Processor (RP) because of interprocess communication (IPC) failures. The following errors may be displayed:
%CPUIF-3-NO_MEM: sendreq_freeq is NULL.
%MDS-2-LC_FAILED_IPC_ACK: RP failed in getting Ack for IPC message of size 148 to LC in slot 3 with sequence 58638, error = timeout
%FIB-3-FIBDISABLE: Fatal error, slot 3: IPC Failure: timeout
%GRP-4-RSTSLOT: Resetting the card in the slot: 3,Event: EV_AUTO_LC_RELOAD_ON_FIBDISABLE ]
Conditions: These symptoms are observed when route flapping occurs; route flapping may generate a high volume of IPC traffic.
Workaround: There is no workaround.
•CSCdz55944
Symptoms: Switch fabric cards (SFCs) may fail on a Cisco 12410 router.
Conditions: This symptom is observed when there is an upgrade to a Cisco IOS release.
Workaround: There is no workaround.
•CSCdz55995
Symptoms: When a parity error occurs on an Engine 4/4P line card, the packet and byte counters may not be accurate.
Conditions: This symptom is observed on a Cisco 12000 series Internet router.
Workaround: There is no workaround.
•CSCdz56792
Symptoms: A Cisco 12000 series 4-port OC-12 ATM line card that is configured for the Carrier Supporting Carrier (CSC) feature may reset or report an error.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22)S3 and that is functioning as a customer carrier customer edge (CE) router. This symptom occurs after entering the no mpls ip global configuration command followed by the mpls ip global configuration command.
Workaround: There is no workaround.
•CSCdz57007
Symptoms: When NetFlow is enabled after configuring distributed switching, and traffic passes, a Versatile Interface Processor (VIP) may reload.
Conditions: This symptom is observed on a Cisco 7500 series router that functions in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) environment.
Workaround: There is no workaround.
•CSCdz60229
Symptoms: Cisco devices which run IOS software and contain support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. No authentication is necessary for the packet to be received by the affected device. The SSH server in Cisco IOS is disabled by default.
Conditions: This symptom is observed on all Cisco devices running IOS and containing support for the Secure Shell (SSH) server.
Workaround: Cisco will be making free software available to correct the problem as soon as possible.
The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/ssh-packet- suite-vuln.shtml.
•CSCdz69362
Symptoms: The tag forwarding counter may no longer function when parity errors occur on an Engine 4 plus (E4+)line card.
Conditions: This symptom is observed on a Cisco 12000 series Internet router.
Workaround: There is no workaround.
•CSCdz71662
Symptoms: A router may fail because of a bus error.
Conditions: This symptom is observed if the show environment all EXEC command or the show environment internals EXEC command is entered while an online insertion and removal (OIR) procedure is in process.
Workaround: Do not enter the show environment all EXEC command or the show environment internals EXEC command while an OIR is in progress.
•CSCdz73799
Symptoms: A traceback condition exists on an Engine 2 (E2) line card of a Cisco 12000 series Internet router with VPN Routing and Forwarding (VRF) configured on a regular Frame Relay (FR) packet-over-SONET (POS) interface.
Conditions: This symptom is observed on the E2 line card of a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)ST5. With VRF configured on the same interface, traceback starts to show. It also becomes impossible to ping on this interface, and injecting traffic to this interface (FR sub VRF) causes a permanent pause.
Workaround: There is no workaround.
•CSCdz74588
Symptoms: Traffic on a load-sharing path may be switched to the wrong destination or dropped altogether.
Conditions: This symptom is observed when a Cisco 12000 series Engine 4 (E4) line card is on the ingress side, there is a load-sharing path or multiple paths on the egress side, and a hidden class of service (CoS) global configuration command is configured on the router.
Workaround: Remove the extra load-sharing paths, and make it one single outgoing path.
•CSCdz74925
Symptoms: A 4-port OC-48 Packet-over-SONET (POS) Engine 4 plus (E4+) line card may stop forwarding traffic after you have reloaded microcode onto the line card.
Conditions: This symptom is observed on a Cisco 12000 series that is running the gsr-p-mz image of Cisco IOS Release 12.0(24)S and that is functioning as a provider edge (PE) router in a carrier supporting carrier configuration when the 4-port OC-48 POS E4+ line card interconnects the Cisco 12000 series and a customer edge (CE) router.
Workaround: Enter the clear ip bgp privileged EXEC command on the Cisco 12000 series.
•CSCdz85922
Symptoms: A Cisco 7500 series router or a Cisco 12000 Internet series router could experience a reload of either the Versatile Interface Processor (VIP) or the line card with the following message:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = TFIB Stats Background
Conditions: Cisco IOS releases with the fix for the caveat CSCdz32988 may show these symptoms. These symptoms affect only platforms that perform distributed Multiprotocol Label Switching (MPLS) forwarding. Cisco IOS releases that may contain this symptom include 12.0(21)S, 12.0(22)S, 12.0(23)S, 12.1 and its derivatives and 12.2 mainline. Cisco IOS releases 12.2 T and the latest 12.0 S software are not susceptible to this symptom.
Workaround: Disable the stats aggregation using the no tag aggregate hidden command.
•CSCdz88744
Symptoms: A Gigabit Ethernet Engine 2 (E2) or an Engine 4 plus (E4+) line card may reload when an online insertion and removal (OIR) of the Clock and Scheduler Card (CSC) is performed.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0 S.
Workaround: There is no workaround.
•CSCea00096
Symptoms: Packet throttling is activated because of congestion, even when not configured as shown by the following error message:
%LC_CX3-4-THROTTLE: Packet throttling activated due to congestion
Conditions: This symptom is observed on a Cisco 12416 router that is configured with 200 Border Gateway Protocol (BGP) peers containing three 6xCT3 line cards, each configured with an even distribution of ~1500 frame relay subinterfaces.
Workaround: There is no workaround.
•CSCea00954
Symptoms: IP Multicast hardware counter memory is not freed on an Engine 4/4Plus line card after multicast routes are cleared from the routing table.
Conditions: This only occurs when the Engine 4/4Plus line card runs out of mtrie node memory, for example when the routes in the router are more than the line card can handle.
Workaround: There is no workaround.
•CSCea01869
Symptoms: If a 3-port Gigabit Ethernet (GE) Engine 2 (E2) line card is configured for dot1q VLAN operation and an inbound access control list (ACL) is applied to the main interface, the line card will be paused by the Gigabit Route Processor (GRP), reporting Fabric Unicast timeout errors. Note that 3-port GE E2 line cards do not support per subinterface ACL processing.
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(24)S or a later release with both normal and extended ACLs. The line card will continue to pause until the ACL is either removed from the interface configuration or ACL is removed from the configuration using the no access- list access-list-number global configuration command.
Workaround: There is no workaround.
•CSCea04669
Symptoms: When resetting the secondary gigabit route processor (GRP) with the break key on a Cisco 12000 series dual-RP (route processor) router, the primary GRP pauses, then permanently pauses on watchdog timeout:
Jan 30 00:11:15.216 PST:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout
process = Fabric ping
Conditions: This symptom occurs regardless of the redundancy mode (Route Processor Redundancy [RPR], Route Processor Redundancy Plus [RPR+], or Stateful Switchover [SSO]) and may impact the process of replacing a defective slave GRP hardware.
Workaround: There is no workaround.
•CSCea04762
Symptoms: Some export packets sent from an Engine 4+ (E4+) line card are not received by the NetFlow collector.
Conditions: This condition is observed on the E4+ line card when the export packets are exported out of a traffic engineering (TE) or tag interface and the router is running Cisco IOS Release 12.0(22)S2.
Workaround: Export the packets out of the non-TE or non-tag interface. This means that export packets must be sent out as IP packets from the E4+ line card.
•CSCea12157
Symptoms: The following error message may be observed on a line card:
%SLOT n: .... : %LC-3-ERRRECOVER: Corrected a transient error on line card.
This error may be observed even though an actual hardware error has not occurred on the line card. If a hardware error does occur, it will generate additional error messages to identify the source of the hardware error in addition to the error message listed above.
Conditions: This symptom may be observed on a Cisco Engine 0 line card when a feature that requires a micro code change is configured.
Workaround: There is no workaround. Ignore the error message.
•CSCea16176
Symptoms: On a Cisco 12000 series Internet router line card, the fabric error reporting message is not being turned on after system startup.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S6, 12.0(21)ST6, or 12.0(23)S2.
Workaround: Physically remove and insert the backup Clock Scheduler Card (CSC) or any Switch Fabric Card (SFC). This will re enable the line card error reporting mechanism.
Alternate workaround: Enter the hw-module shutdown EXEC command on the backup CSC or on any SFC. This will also re enable the line card error reporting mechanism.
•CSCea22288
Symptoms: An Engine 3 (E3) line card that connects a provider edge (PE) router and a customer edge (CE) router, both of which are running the Carrier Supporting Carrier feature with IPV4 BGP labels, may stop forwarding traffic.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S, that is functioning as a PE router, and that is running the Carrier Supporting Carrier feature when the microcode is reloaded on one of the multiple line cards that connects the PE router to a provider (P) router.
Workaround: Traffic will resume after performing a micro reload on the E3 line card.
•CSCea23437
Symptoms: A standby Route Processor (RP) fails to become active after the "test crash" on an active RP.
Conditions: This symptom is observed on a Cisco 12000 series Internet router that has two RPs with Route Processor Redundancy (RPR), RPR+, or Stateful Switchover (SSO) mode.
Workaround: Reload the router.
TCP/IP Host-Mode Services
•CSCdy57048
Symptoms: TCP transmit packets that are sent from a router in some configurations may be corrupted. This behavior may cause a TCP session to pause indefinitely in one direction.
Conditions: These symptoms are observed with protocols that use TCP transport (Border Gateway Protocol [BGP] and Telnet are known to be affected). Configurations that may exhibit these symptoms include interfaces that are configured with Multiprotocol Label Switching (MPLS) or Multilink PPP (MLP) encapsulation.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(22)S3
Cisco IOS Release 12.0(22)S3 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S3 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdv51360
Symptoms A data-link switching (DLSw) peer may be stuck in the "AB_PEND" state and a TCP session may be stuck in the "SYNSENT" state after an IP outage occurs between two DLSw routers.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.1(3)T.
Workaround Use the show tcp brief EXEC command to determine the Transmission Control Block (TCB) of the hung TCP session. Enter the clear tcp tcb address privileged EXEC command to clear the TCB of the hung TCP session. The DLSw peers will reconnect as long as there is IP connectivity between the DLSw peers.
•CSCdw01726
Symptoms A Simple Network Management Protocol version 3 (SNMPv3) user configuration is changed when a router is reloaded.
Conditions This symptom is observed when an SNMPv3 user is created using message digest 5 (MD5) authentication by entering the following commands:
Router#
snmp group groupy v3 auth
Router#
snmp user abcdefghij groupy v3 auth md5 abcdefghijThe engine ID is then changed by entering the following command:
snmp-server engineID local 00000009020000024B0008FE
An SNMP walk is performed by entering the following command, the configuration is saved, and the router is reloaded.
Router#
snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-nameThe SNMP walk is successful and the following debug header output is displayed when the debug snmp EXEC command is entered:
Incoming SNMP packet: v3 packet security model: v3 security level: auth username: abcdefghij
The router is reloaded and a second SNMP walk is performed by entering the following command:
Router#
snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l AuthNoPriv device-nameAfter the second SNMP walk is performed, the command does not generate any output and the following debug header output is displayed when the debug snmp EXEC command is entered:
Incoming SNMP packet: v3 packet security model: v3 security level: noauth : username: abcdefghij
Workaround Do not change the default engine identity (ID).
•CSCdw16580
Symptoms On a router that is configured as a provider edge (PE) router with multiple Virtual Private Network (VPN) routing/forwarding (VRF) instances, the VRF routing table may not be imported to the same PE router when routes are imported between the VRFs even when the PE router is displayed on the Border Gateway Protocol (BGP) VPN4 table.
Conditions This symptom is observed on a PE router in a Multiprotocol Label Switching (MPLS) and VPN environment.
Workaround There is no workaround.
•CSCdx32611
Symptoms After you detach an interface from a Virtual Private Network (VPN) routing/forwarding (VRF) instance using the no ip vrf forwarding vrf-name command, the adjacency information that is associated with the removed interface still shows up in the VRF table.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdx73857
Symptoms A router may fail to warn you that a policy map oversubscribes link bandwidth.
Conditions This symptom is observed when you use nested policies on Frame Relay or Gigabit Ethernet interfaces and the sum of the shape rate of all permanent virtual circuits (PVCs) or VLANs is greater than the interface bandwidth of the Frame Relay or Gigabit Ethernet interfaces.
Workaround Enter the show policy-map interface EXEC command to ensure that the policy map is successfully applied.
•CSCdx87577
Symptoms Memory allocation failures occur on a Cisco router that has authentication, authorization, and accounting (AAA) configured, and "%SYS-2- MALLOCFAIL" messages are displayed. When you enter the show memory summary command, the command output shows that many small blocks are used by the AAA processes.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(15)S3.
Workaround There is no workaround.
•CSCdx87818
Symptoms The following error message may be displayed on a router when a Cisco IOS software upgrade is performed:
%SYS-6-STACKLOW: Stack for process ATM PA Helper running low, 0/3000
Conditions This symptom is observed on a Cisco 7500 series router when you upgrade from Cisco IOS Release 12.0(7)T to Release 12.1(14).
Workaround There is no workaround.
•CSCdx94479
Symptoms The convergence time after four Stateful Switchovers (SSOs) on a Cisco 10000 series edge services router is 11 seconds but should never be longer than 10 seconds.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdy02248
Symptoms A standby Route Processor (RP) may reload.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22.1)S when a microcode reload occurs after Border Gateway Protocol (BGP) peers come up accompanied by high CPU utilization.
Workaround There is no workaround.
•CSCdy27414
Symptoms An interface of a Cisco 10000 series channelized T3 (CT3) line card may not dequeue packets. When the link on a CT3 card flaps, one or more interfaces may not recover. The output queue of the interface may become full with PPP/High-Level Data Link Control (HDLC) packets and may stay in the "Up/Down" state.
Conditions These symptoms are observed when a chip of a third-party vendor on a Cisco 10000 series CT3 line card is defective.
Workaround There is no workaround; return the CT3 line card for repair.
The fix for this caveat adds a software procedure that periodically checks if the pointers that link the partial packet buffer RAM blocks are becoming corrupted. When a corrupted pointer is detected, the associated interface is removed and then replaced, which may cause the interface to be incapable of transmitting traffic for up to 10 seconds. When this condition is detected and repaired, a message is logged to the Route Processor and the line card log to notify the user.
•CSCdy34113
Symptoms A Cisco 7500 series router may reload at a packet enqueue utility.
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S when all of the following conditions are met:
–A Frame Relay (FR) link is configured on a Versatile Interface Processor (VIP) interface.
–Frame Relay Traffic Shaping (FRTS) is enabled for FR circuits via the map-class frame-relay global configuration command, and distributed traffic shaping is not enabled on the Route Switch Processor (RSP).
–You deencapsulate the interface by using the no encapsulation frame-relay interface configuration command, and you unconfigure the interface by entering the no map-class frame-relay global configuration command.
–While you unconfigure FRTS, FR encapsulation occurs, and the traffic load is still high so that the shaping function is activated and outbound packets on per-virtual circuit (VC) queues are throttled.
Workaround Avoid the situation in which all of the above-mentioned conditions take place concurrently. For example, when an FR link is configured on a VIP interface and you require traffic shaping, use distributed FRTS, or unconfigure FRTS while user traffic is low so as not to activate the shaping function.
•CSCdy38681
Symptoms A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but no packets are coming in. Input or output packet drops are not displayed.
Conditions This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.
Temporary Workaround Enter the clear interface type number EXEC command each time the symptom occurs.
•CSCdy43435
Symptoms Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.
Conditions These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.
Workaround Reload the PE router to make the link between the PE router and the CE router function.
•CSCdy47631
Symptoms Virtual Private Network version 4 (VPNv4) packet switch ASIC (PSA) traffic may be punted to a line card, which causes a CPU spike and Interior Gateway Protocol (IGP) instability.
Conditions This symptom is observed in a Multiprotocol Label Switching (MPLS) VPN in which a Cisco 12000 series router is configured as a provider edge (PE) router, a Gigabit Ethernet link connects the customer edge (CE) router to the PE router, and the PE to provider (P) link is an Engine 2 line card. The following is also observed on the PE-P line card:
–For traffic that is destined for an IP address for which the Cisco Express Forwarding (CEF) adjacency is an Ethernet MAC address and the Address Resolution Protocol (ARP) cache is either empty or "incomplete" for the destination, IP address traffic is punted to the ingress line card CPU, which tries to resolve the adjacency or drops the traffic.
–Line card CPU utilization has been observed to spike to 99 percent when the MAC address is "incomplete" and traffic is being received for the IP address. This situation may cause IGP neighbors to be lost and cause fabric unicast timeouts, which may cause the line card to fail. This symptom occurs when a traffic stream that is destined to a prefix that is either directly connected or resolved via an IP address has an incomplete MAC address.
This caveat addresses the IGP instability. For more information about this symptom, see CSCdy31765.
Workaround There is no workaround.
•CSCdy51151
Symptoms When a Cisco 12000 series Engine 3 line card receives a tag packet with an IP version 4 (IPv4) packet that has options underneath it or with a non-IPv4 packet such as an IP version 6 (IPv6) packet, the packet may be send to the line card CPU for processing.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)ST2.
Workaround There is no workaround.
•CSCdy51498
Symptoms A 1-port ATM Enhanced OC12/STM4 port adapter (PA-A3-OC12) that is configured with multiple Low Latency Queueing (LLQ) streams that are running near peak cell rate (PCR) may drop packets. The output of the show interfaces command displays that packets are sent out but that no packets are coming in. Input or output packet drops are not displayed.
Conditions This symptom is observed during a test on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22)S.
Temporary Workaround Enter the clear interface type number EXEC command each time the symptom occurs.
•CSCdy55441
Symptoms If a 128-line input access control list (ACL) is configured on an Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and one subinterface for Frame Relay, the line card may reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S.
Workaround There is no workaround.
•CSCdy68292
Symptoms The following error messages may be generated on a Cisco 12000 series Engine 4 plus (E4+) OC-192 line card:
SLOT 6: %RX192-3-HINTR: status = 0x4000000, mask = 0x7EFFFF FF - Parity error on rx_pbc_mem.
-Traceback= 4039CEF0 4044ECEC 400C85B0
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108
SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7
-Process= "CEF IPC Background", ipl= 7, pid= 52
-Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108Cisco Express Forwarding (CEF) on the E4+ OC-192 line card may become disabled, and the associated port stays in an "Up/Up" state.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-k4p-mz image of Cisco IOS Release 12.0(21)S3 or the gsr-p-mz image of Cisco IOS Release 12.0(21)ST2.
Workaround Enter the microcode reload slot-number global configuration command on the E4+ OC-192 line card.
•CSCdy75434
Symptoms A line card in a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) or in any connected router may reload because of a fabric ping failure, and the following error message may be generated:
%FIB-3-FIBDISABLE: Fatal error, slot 1: IPC Failure: timeout
%GRP-3-COREDUMP: Core dump incident on slot 1, error: Fabric ping failure (seq:3279)
%GRP-4-RSTSLOT: Resetting the card in the slot: 1,Event: EV_LC_E4_CORE_DUMP_DECLINE_DUPConditions This symptom is observed on a Cisco 12000 series router that functions as a 6PE router or on any connected router when an IPv6 default route is removed from another 6PE router and traffic is flowing through the IPv6 default route while the route update following the route removal is being processed. When the IPv6 default route is removed, one or more line cards may reload on any router that receives the route update.
Workaround There is no workaround.
•CSCdy78371
Symptoms An Engine 2 Quad OC-12 line card that has interfaces configured for Virtual Private Network (VPN) and that has a Frame Relay subinterface may reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22.4)S1 when a microcode bundle is configured and loaded onto the Engine 2 Quad OC-12 line card.
Workaround There is no workaround.
•CSCdy78808
Symptoms An Engine 2 line card may generate "QM-4-STUCK" messages and may stop forwarding traffic.
Conditions This symptom is observed on a Cisco 12000 series router when an adjacent router is booted up.
Workaround Reload microcode onto the Engine 2 line card.
•CSCdy78970
Symptoms A Cisco 12000 series Engine 2 line card may generate the following error messages:
SLOT 14: %LCPOS-3-SOP: TX:BadLenCtr. Source=0x1 (Plim), halt_minor0=0x8001 (1000 0000 0000 00sl, s/l=TooShort/long)
SLOT 14: %GSR-3-INTPROC: Process Traceback= 400CCE60 400C90F0 40010A24
-Traceback= 4033F424 4044ED54 400C88B0Conditions This symptom is observed when you remove and reinsert switch fabric on a Cisco 12000 series router while traffic is flowing.
Workaround There is no workaround.
•CSCdy80690
Symptoms A traceback may occur on a Cisco 10000 series router during a postrouter check.
Conditions This symptom is observed during a test of a 1-port channelized OC-12 line card when data is sent across an Add-Drop Multiplexor (ADM).
Workaround There is no workaround.
•CSCdy81098
Symptoms A Cisco router may reload when a Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel interface changes to the "Up" state.
Conditions This symptom is observed when load-balanced Interior Gateway Protocol (IGP) paths are configured.
Workaround There is no workaround.
•CSCdy81738
Symptoms The routes in a Cisco Express Forwarding (CEF) table may be mismatched between the Gigabit Route Processor (GRP) and the line cards. You can clear the mismatch by entering the clear cef linecard EXEC command, but if the routes are relearned, the situation will reoccur.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S4 or Release 12.0(22)S when an access control list (ACL) is configured to deny Simple Network Management Protocol (SNMP) packets.
Workaround Disable the ACL that denies the SNMP packets.
Alternate Workaround Run Cisco IOS Release 12.0(21)S3.
•CSCdy86210
Symptoms NetFLow stops functioning after an online insertion and removal (OIR) of a switch fabric card (SFC).
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround Disable and reenable the ip route-cache flow sampled interface configuration command.
•CSCdy89001
Symptoms An Engine 4 Packet-over-SONET (POS) line card reloads.
Conditions This symptom is observed on an Engine 4 Packet-over-SONET (POS) line card in a Cisco 12000 series Internet router during several online insertion and removal (OIR) procedures on a Clock Scheduler Card (CSC).
Workaround There is no workaround.
•CSCdy89663
Symptoms A Cisco 12000 series router may reload when an interface flaps.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S during multicast traffic.
Workaround There is no workaround.
•CSCdz00085
Symptoms A Cisco router that is functioning as a provider edge (PE) router may install an outgoing point of presence (POP) label instead of an outgoing aggregate label for a connected Virtual Private Network (VPN) routing/forwarding (VRF) route.
Conditions This symptom is observed in a carrier supporting carriers topology with a Cisco router that is running Cisco IOS Release 12.2(12.10)T1 and that is functioning as a PE router.
Temporary Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration on the VRF interface until the symptom occurs again.
Alternate Temporary Workaround Reload the router. However, after having done so, when you enter the shutdown interface configuration command followed by the no shutdown interface configuration on the VRF interface the symptom will occur again.
•CSCdz06149
Symptoms When an input access control list (ACL) is configured and the ip unreachables interface configuration command is enabled (which is enabled by default) on an interface, a low rate of packet leakage occurs for those packets that are dropped by the ACL. The rate is the same or less than the expected rate of Internet Control Message Protocol (ICMP) unreachable packets that are sent back to the source. The leak occurs only for IP packets (without the IP Header [L3] option) that have a size that is smaller than 56 bytes.
Conditions This symptom is observed in Cisco IOS Release 12.0 S on a Cisco 12000 series 4-port OC-48c/STM-16c Packet-over-SONET Enhanced Services line card and on a Cisco 12000 series 1-port OC-192c/STM-64 Packet-over-SONET Enhanced Services line card.
This symptom does not occur in Cisco IOS Release 12.0 ST.
Workaround Enter the no ip unreachables interface configuration command on the interface to prevent the packet leakage. However, in this situation, ICMP unreachable packets are not sent back to the source when packets are dropped by the ACL.
•CSCdz06300
Symptoms The IP Source Tracker feature unexpectedly stops functioning on a line card, and packets for the source-tracked destination are not forwarded because the IP Source Tracker feature is stuck in the throttling mode.
Conditions This symptom is observed on a Cisco 12000 series Engine 2 line card. To determine if the line card is in the above-mentioned condition, enable the debug lc hw-throttle hidden command; if the following message recurs every two seconds—even when there is low CPU utilization—the IP Source Tracker feature is stuck in the throttling mode:
SLOT 0: GLC_HW: Disabled HW DOS throttling (CPU at 0%, sched skew: -1%)
Workaround Reload the line card.
•CSCdz07032
Symptoms When you add a new Performance Routing Engine (PRE) to a Cisco 10000 series router, the startup configuration may not be copied to the new PRE. Verify that the configuration exists by entering the dir sec-nvram: EXEC command or the dir standby-nvram: EXEC command, depending on the Cisco IOS software image that you are running.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround Cut over to the new PRE, and save the configuration.
•CSCdz07354
Symptoms Enhanced Interior Gateway Routing Protocol (EIGRP) resets the routing table when you enter the write memory EXEC command, write terminal EXEC command, or show running-config privileged EXEC command.
Conditions This symptom is observed on a Cisco 7505, Cisco 7507, and Cisco 7513 router.
Workaround There is no workaround.
•CSCdz07393
Symptoms When you apply a combination of IP version 6 (IPv6), an access control list (ACL), and Sampled NetFlow to an interface on an Engine 4 plus line card, the line card may reload.
Conditions This symptom is observed while IPv6 traffic is flowing.
Workaround There is no workaround.
•CSCdz07976
Symptoms An Engine 2 line card may reload continuously.
Conditions This symptom is observed on a Cisco 12000 series router when a router that is adjacent to the Cisco 12000 series router is rebooted while Border Gateway Protocol (BGP) policy accounting is configured on the Engine 2 line card and traffic is flowing through the line card.
Workaround There is no workaround. When this situation occurs, stop the traffic that is flowing through the Engine 2 line card until Cisco Express Forwarding (CEF) is loaded onto the line card.
•CSCdz08851
Symptoms Resource Reservation Protocol (RSVP) Hello detection may not trigger a Fast Reroute (FRR) switchover.
Conditions This symptom is observed when you use RSVP Hello detection to enable Multiprotocol Label Switching traffic engineering (MPLS TE) FRR protection on shared interfaces.
Workaround There is no workaround.
•CSCdz10165
Symptoms A Tag Forwarding Information Base (TFIB) entry for a Virtual Private Network (VPN) routing and forwarding (VRF) static recursive route that is configured for multihop Border Gateway Protocol (BGP) may be lost.
Conditions This symptom is observed after the egress interface flaps.
Workaround There is no workaround.
•CSCdz14924
Symptoms When the customer edge (CE) peer of a provider edge (PE) router has the neighbor default-originate router configuration command enabled, which enables the PE router to send the default route to the CE, the default route may be sent with the wrong mask (255). When this situation occurs, the CE router sends a notification that states that an illegal network entry has occurred and flaps the session.
Conditions This symptom is observed on a Cisco 7200 series router that functions as a PE router but may also occur on another platform that functions as a PE router.
Workaround There is no workaround.
•CSCdz19881
Symptoms An input access control list (ACL) may not take effect.
Conditions This symptom is observed on a Cisco 12000 series Engine 4 plus interface on which the VRF Selection feature is enabled.
Workaround There is no workaround.
•CSCdz20079
Symptoms Configuring the hw-module slot shutdown global configuration command in the startup configuration may cause a router to reload.
Conditions This symptom is observed on a Cisco 10000 series router when you attempt to boot from an eboot image.
Workaround Do not configure the hw-module slot shutdown global configuration command in the startup configuration.
Alternate Workaround Change the configuration register to "0x40" to ignore the configuration during the bootup process.
•CSCdz21375
Symptoms A memory leak may occur on a line card.
Conditions This symptom is observed on the line card of a Cisco 12000 series after NetFlow is disabled on the last interface of a line card that has NetFlow enabled. This symptom is observed while there are more than 1900 flow records in the NetFlow cache of the line card.
Workaround Keep NetFlow enabled on at least one interface on the line card.
•CSCdz23286
Symptoms A Cisco 12000 series router may reload during the bootup process.
Conditions This symptom is observed when you attempt to boot up the Cisco 12000 series router with an image of Cisco IOS Release 12.0(23)S and occurs before the image is loaded onto the router.
Workaround There is no workaround.
•CSCdz25339
Symptoms An unusually formatted Multicast Source Discovery Protocol (MSDP) packet may cause memory corruption and a router to reload.
Conditions This symptom is observed on a Cisco router when it has a peer relationship with a specific third-party vendor router that is running a recent software release.
Workaround Shut down the peer relationship by entering the ip msdp shutdown peer-address global configuration command.
•CSCdz29044
Symptoms An Engine 3 line card that connects a provider edge (PE) router and a customer edge router, both of which are running the Carrier Supporting Carrier feature, may reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(23)S, that is functioning as a PE router, and that is running the Carrier Supporting Carrier feature when you reload microcode on one of multiple line cards that connects the PE router to a provider (P) router.
Note that the symptom occurs on an Engine 3 line card that connects the PE router and the CE router, but the microcode is reloaded onto another line card that connects the PE router and the P router.
Workaround There is no workaround.
•CSCdz31682
Symptoms Packet drops may occur in the Cisco Express Forwarding (CEF) and distributed Cisco Express Forwarding (dCEF) paths after a router has been reloaded and a ping is sent (through the router) to the IP address of a directly-connected customer edge (CE) router.
Conditions This symptom is observed on a Cisco 7500 series router. The CE router in this configuration is connected to a Fast Ethernet Virtual Private Network (VPN) routing/forwarding (VRF) dot1q subinterface on a PE router that has the mpls netflow egress interface configuration command enabled.
Workaround On the PE router, manually ping the IP address of the directly-connected CE router and enable the relevant Address Resolution Protocol (ARP) entries to be populated.
First Alternate Workaround Disable the mpls netflow egress interface configuration command on the subinterface.
Second Alternate Workaround Add a static ARP entry for the VRF subinterface by entering the arp vrf ip mask mac arpa global configuration command.
Third Alternate Workaround Enter the clear arp privileged EXEC command on the destination CE router.
•CSCdz31778
Symptoms Slow path forwarding on an Engine 3 line card of a provider edge (PE) router that is running IP version 6 (IPv6) in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) may not function.
Conditions This symptom is observed on a Cisco 12000 series router that is functioning as a 6PE router and occurs because the 6PE disposition does not function for aggregate 6PE labels on the Engine 3 line card.
Workaround There is no workaround.
•CSCdz35426
Symptoms A primary Route Processor (RP) and a standby RP may not load the correct image when a Cisco 12000 series router is reloaded.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S2 or an earlier release when all of the following conditions are present:
–An Advanced Technology Attachment (ATA) disk or a Flash card such as a Personal Computer Memory Card International Association (PCMCIA) card is installed in both the primary RP and the standby RP.
–The Route Processor Redundancy (RPR) mode is enabled.
–The boot system tftp ip-address global configuration command is enabled in the configuration.
The symptom does not occur when the Route Processor Redundancy plus (RPR+) mode or the Stateful Switchover (SSO) feature is enabled.
Workaround Use the RPR+ mode or the SSO feature.
Alternate Workaround for Cisco IOS Release 12.0(22)S2 only After the RPs have booted up, remove the boot system tftp ip-address global configuration command from the configuration and execute the upgrade rom-monitor EXEC command to enable the ROM monitor to be upgraded.
•CSCdz35853
Symptoms When a SONET link is not stable, the following error messages may be generated on a 1-port OC-48 Port Packet-over-SONET (POS)/Synchronous Digital Hierarchy (SDH) IP Services Engine (ISE) line card:
SLOT 1: %EE48-3-GULF_RX_MOFIFO: Overflow detected. Corrective action taken.
SLOT 1: %EE48-3-GULF_RX_BYTE_TO_WORD: Out of synchronization, bitmap= 0xE. Corrective action taken.Conditions This symptom is observed under rare circumstances on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S2.
Workaround Reload the line card.
•CSCdz37224
Symptoms "Alpha" error messages may be observed on the ingress or egress interface of a Cisco 12000 series 4-port OC-12c/STM-4c Packet over SONET (POS) synchronous digital hierarchy IP services engine line card. The following messages may be displayed on the egress interface of the Cisco 12000 series 4-port OC-12c/STM-4c POS synchronous digital hierarchy IP services engine line card:
%EE48-3-ALPHAERRS: TX ALPHA: ALPHA_CPU_PIPELINE_CTRL_INT error 1 SLOT 2: %EE48-3-ALPHAPAIR: TX ALPHA: POP PAIR
Conditions This symptom is observed if the shape, bandwidth, random detect, or priority value is configured and if both the set ip-dscp-value quality of service (QoS) policy map configuration command and the set mpls experimental policy map configuration command are disabled. This symptom is observed on a Cisco 12016 router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S or Release 12.0(21)ST2a.
Workaround Remove the transmit (TX) service policy and use Per Interface Rate Control (PIRC) instead.
Additional Notes The same symptom may occur when an error recovery is performed for hardware failures such as data path parity errors. The symptom under those circumstances would be a failed recovery. There is no workaround for the occurrence of this symptom when an error recovery is performed.
•CSCdz39560
Symptoms Multiprotocol Label Switching (MPLS) Fast Reroute (FRR) may not function properly on an Engine 2 ingress line card.
Conditions This symptom is observed on a Cisco 12000 series router when a tunnel that is protected by FRR is a one-hop tunnel to a second router. A third router that is connected to the first and second router provides the backup path. When the primary path between the first and second router goes down, traffic is not redirected over the backup path.
Workaround There is no workaround.
•CSCdz50959
Symptoms The mechanism that checks the packet length may fail and cause the number of "ignore" errors to increase on an interface that is associated with an E1 controller on a 24-port channelized E1/T1 line card.
Conditions This symptom is observed on a Cisco 10000 series router when the interface is connected to a remote device that is configured to send packets that are larger than 8000 bytes or that erroneously sends packets that are larger than 8000 bytes.
Workaround There is no workaround.
•CSCuk36939
Symptoms Cisco IOS software fails to set up the Gigabit Ethernet Interface Processor (GEIP) MIBs correctly on a Cisco 7500 series router.
Conditions This symptom is observed when the hierarchy on the GEIP is incorrect; the port adapter and interface are shown at the same level as the GEIP. The GEIP should be at the top of the hierarchy, followed by the port adapter, followed by the interface.
Workaround There is no workaround.
•CSCuk39337
Symptoms Virtual Private Network routing/forwarding (VRF) does not function properly on a Frame Relay link between a provider edge (PE) router and a customer edge (CE) router, and the CE router cannot ping the PE router.
Conditions These symptoms are observed on a Frame Relay link between a Cisco 10000 series router that is functioning as a PE router and another Cisco 10000 series router that is functioning as a CE router.
Workaround Reload the PE router to make the link between the PE router and the CE router function.
Resolved Caveats—Cisco IOS Release 12.0(22)S2
Cisco IOS Release 12.0(22)S2 is a rebuild of Cisco IOS Release 12.0(22)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S2 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdu00328
Symptoms A Cisco 7500 series router may stop receiving packets on certain interfaces when a Cisco 6500 series switch that is connected through a port channel is reloaded.
Conditions This symptom is observed on a Cisco 7500 router that is connected to a Cisco 6500 series switch through the port channel. This symptom does not occur if the port channel is removed.
Workaround Run normal IP between the Cisco 7500 series router and the Cisco 6500 series switch without the port channel configuration.
•CSCdu43164
Symptoms A memory leak may occur on a Cisco 7200 series router. The memory leak is caused by the Border Gateway Protocol (BGP) I/O process and occurs at the rate of 100 KB to 130 KB per hour (about 2.5 MB to 3 MB per day) after the show memory summary | incl BGP privileged EXEC command is entered. This situation occurs regardless of whether a BGP neighbor is flapping.
The output of the show processes memory | incl bgp privileged EXEC command shows the following:
Router#
show processes memory | incl bgp
PID TTY Allocated Freed Holding Getbufs Retbufs Process ... 104 0 3522569548 2139398320 21965976 297916 5184 BGP I/O ...
The show memory summary | incl bgp privileged EXEC command indicates that the "BGP (1) update" function allocates memory without deallocating it again after the process is completed:
Router#
show memory summary| incl bgp
Alloc PC Size Blocks Bytes What ... 0x607C42E0 65496 333 21810168 BGP (1) update ....
Conditions This symptom is observed on a Cisco 7206VXR router that is functioning as a Provider Edge (PE) router and that is running Cisco IOS Release 12.1(5a) in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) network.
Workaround Reload the router.
•CSCdv49909
Symptoms Parallel links may not be used efficiently on a Cisco router when Multiprotocol Label Switching (MPLS) traffic is load balanced over parallel links to a customer premises equipment (CPE) device.
Conditions This symptom is observed when a Virtual Private Network (VPN) routing/forwarding (VRF) static route to a remote loopback interface is configured and both parallel links to the same CPE device are configured to the same loopback interface without an IP address using the ip unnumbered interface configuration command.
Possible Workaround Define the following configurations on the provider edge (PE) and customer edge (CE) routers to achieve load balancing with static VRF routes.
PE Configuration
interface multilink250
ip vrf forwarding YELLOWVPN
ip address 10.0.0.1 255.255.255.0
interface multilink251
ip vrf forwarding YELLOWVPN
ip address 10.1.0.1 255.255.255.0
The links in the CE configuration must be configured with 10.0.0.2 and 10.1.0.2.
10.10.0.1/32 is the CE loopback and must be advertised to the PE via Routing Information Protocol (RIP) or with another router protocol. A static route may be used.CE Configuration
ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.0.0.2
ip route vrf YELLOWVPN 10.10.0.1 255.255.255.255 10.1.0.2
The following output defines static routes for the CE prefix:
ip route vrf YELLOWVPN 192.168.200.0 255.255.255 0 10.10.0.1
•CSCdx46207
Symptoms A ciscoEnvMonRedundantSupplyNotification trap is not generated when a power supply is shut down, and a notification message is not displayed on a Cisco 12000 series router.
Conditions This symptom is observed in Cisco IOS Release 12.0(21)S2 on a Cisco 12008 router and a Cisco 12012 router.
Workaround There is no workaround.
•CSCdx87998
Symptoms Fast Reroute (FRR) does not fully deconfigure.
Conditions This symptom is observed when the mpls traffic-eng signaling forwarding sync command is enabled.
Workaround Do not use FRR when the mpls traffic-eng signaling forwarding sync command is enabled.
•CSCdx92027
Symptoms A Route Switch Processor 8 (RSP8) pauses indefinitely.
Conditions This symptom is observed when you enter the ip cef global configuration on a Cisco 7500 series router that is running Cisco IOS 12.1(12c)E.
Workaround There is no workaround.
•CSCdx94730
Symptoms An IronBus error occurs on a Cisco 10000 series 1-port channelized OC-12 line card. The console log shows the following information:
%C10KEVENTMGR-1-IRONBUS_FAULT: Ironbus Event 2/1, Restarting Ironbus %IPCGRP-3-SYSCALL: System call for command 203 (slot2/0): ipc_send_rpc_blocked failed (Cause: timeout)
-Traceback= 603C4208 603C4698 603C53E8 6013BFC0 60089C64 600248D4 60024C4C 6035270C 603526F8 %IPCOIR-3-TIMEOUT: Timeout waiting for a response from slot 2/0. %IPCOIR-2-CARD_UP_DOWN: Card in slot 2/0 is down. Notifying 1choc12-1 driver. %C10K_ALARM-6-INFO: ASSERT CRITICAL slot 2 Card Stopped Responding OIR Alarm %IPCOIR-5-CARD_DETECTED: Card type 1choc12-1 (0x1BB) in slot 2/0 %IPCOIR-5-CARD_LOADING: Loading card in slot 2/0
%C10K-5-LC_NOTICE: Slot[2/0] 1choc12-1 Image Downloaded...Booting...
%PXF_DMA-3-IRONBUS_NOTRUNNING: Data path to slot 2/1 failed to synchronize (TIB Not Running)Conditions This symptom is observed on a Cisco 10000 series edge services router when you copy a configuration for creating 768 DS0 interfaces under a Virtual Tributary (VT) on the 1-port channelized OC-12 line card onto the running configuration.
Workaround Limit the number of DS0 interfaces to 575 or fewer.
•CSCdy04735
Symptoms The standby Performance Routing Engine (PRE)-1 or Gigabit Route Processor (GRP) continuously reloads after the hw-module reset command is entered.
Conditions This symptom is observed on a Cisco 12000 series Internet router or Cisco 10000 series edge services router during an upgrade to Cisco IOS Release 12.0(22.4)S from Cisco IOS Release 12.0(22)S using the Fast Software Upgrade (FSU) procedure.
Workaround Install the new software image and reload the router without using the dual processor FSU capability.
•CSCdy10293
Symptoms A Versatile Interface Processor (VIP) on a Cisco 7500 series router may run out of memory and generate the following memory allocation (MALLOC) failure messages:
%SYS-2-MALLOCFAIL: Memory allocation of 65556 bytes failed from 0x6010EB8C, alignment 32 Pool: Processor Free: 173756 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "CEF IPC Background", ipl= 0, pid= 31The show process memory section in the output of the show tech EXEC command indicates that the Multiprotocol Label Switching (MPLS) Cisco Express Forwarding (CEF) interprocess communication (IPC) background process is holding up a large portion of the memory.
Conditions This symptom is observed on the VIP of a Cisco 7500 series router.
Workaround There is no workaround.
•CSCdy17735
Symptoms A single headend rewrite that is used by all prefixes that are routed over a tunnel is not updated properly when the label switched path tunnel state changes and there are no prefixes being routed over the tunnel.
In addition, the output of the show mpls traffic-eng fast-reroute database command inaccurately represents the entries that are contained within the Fast Reroute (FRR) database. Prefix information is not applicable to the headend tunnel rewrite and should be displayed separately. The output of the show mpls traffic-eng fast-reroute database command does not show any tunnel data, but, as long as the headend tunnel is up, there should always be one entry for the headend tunnel.
Conditions These symptoms are observed when FRR protection is enabled on a tunnel, there are no prefixes being routed over this tunnel, and Label Distribution Protocol (LDP) is not enabled.
Workaround There is no workaround.
•CSCdy22453
Symptoms Traffic may be dropped for up to 1 minute on a Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel when the tunnel reoptimizes for a PPP link.
Conditions This symptom is observed only when the MPLS TE tunnel is reoptimizing for a PPP link that was brought up with Label Distribution Protocol (LDP) enabled.
Workaround Disable LDP or configure High-Level Data Link Control (HDLC).
•CSCdy27220
Symptoms A ciscoEnvMonRedundantSupplyNotification trap is not generated when a power supply is shut down, and a notification message is not displayed on a Cisco 12000 series Internet router.
Conditions This symptom is observed on the following Cisco 12000 series routers that run Cisco IOS Release 12.0(21)S3:
–Cisco 12016 router
–Cisco 12404 router
–Cisco 12406 router
–Cisco 12410 router
–Cisco 12416 router
Workaround There is no workaround.
•CSCdy27294
Symptoms Virtual Routing and Forwarding (VRF) route aggregation under Border Gateway Protocol (BGP) fails causing a loss of end-to-end connectivity between Provider Edge routers if more specific routes are not installed in the BGP VRF table.
Conditions This symptom is observed on a Cisco 12000 series Internet router under the following conditions:
–The router is deployed as a Provider Edge (PE) router and has Engine 2 line cards that are running Multiprotocol Label Switching (MPLS) Virtual Private networks (VPNs).
–Route aggregation is used in BGP IPv4 VRF address family and more specific routes are suppressed.
–Multiple Customer Edge (CE) routers are connected to a 3-port Gigabit Ethernet line card.
Workaround Ensure that the more specific routes are imported into the BGP VRF table by configuring redistribution or network statements.
•CSCdy29545
Symptoms Packets that are traversing an Engine 4 plus (E4+) OC-192 line card in a Cisco 12000 series router that has tag switching enabled may be dropped.
Conditions This symptom is observed in a traffic engineering (TE) configuration and occurs when traffic is load balancing across multiple TE tunnels at the headend or when label imposition is performed over multiple paths.
Workaround Enter the clear ip route network mask command on the ingress side of the OC-192 link. Use caution because entering the clear ip route * command may invoke the symptoms.
•CSCdy29983
Symptoms Border Gateway Protocol (BGP) policy accounting counters on a 3-port Gigabit Ethernet line card increment incorrectly.
The output of the show cef interface type number statistics EXEC command displays that the average rate of index 1 through 3 is about 200 to 300 Mbps while the actual traffic is about 400 kbps.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy30484
Symptoms An Engine 2 3-port Gigabit Ethernet line card that receives a tag packet with a Time to Live (TTL) value of 1 may reload.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy31765
Symptoms The following symptoms may be observed on a Cisco 12000 series Engine 2 (E2) ingress line card that is installed in a provider edge (PE) router.
When traffic is destined for an IP address for which the Cisco Express Forwarding (CEF) adjacency is an Ethernet MAC address and the Address Resolution Protocol (ARP) cache is either empty or incomplete, traffic is punted to the CPU of the line card. The CPU attempts to resolve the adjacency and drops the traffic.
While the ARP cache for the Ethernet MAC address is incomplete but traffic is being received for the IP address, the CPU utilization of the line card may increase to 99 percent. This situation may lead to a loss of Interior Gateway Protocol (IGP) neighbors and fabric-unicast ping timeouts, which in turn may cause the line card to reload.
When the CEF adjacency moves from an incomplete state to a MAC address, buffer management application-specific integrated circuit (ASIC) (BMA) errors are triggered and packet switch ASIC (PSA) pipeline stall messages may be displayed:
%LC-3-BMAERRS: ToFab BMA BMA error status error 10
%QM-3-ERROR: ToFab Register 0x40007.
-Traceback= 403F0074 4036DBF4 40498814 400CCF98
%LC-3-BMAERRS: ToFab BMA QM error 1Conditions These symptoms are observed in a Multiprotocol Label Switching Virtual Private Network (MPLS VPN) in which a Cisco 12000 series router that is functioning as a PE router is connected to a provider (P) router through an E2 line card and the connection between the PE router and the customer edge (CE) router is a Gigabit Ethernet link.
Workaround The following sequence of commands will prevent the loss of IGP neighbors and fabric-unicast ping timeouts:
a. Enter the attach slot-number privileged EXEC command for the E2 line card.
b. Enter the enable EXEC command.
c. Enter the configure terminal privileged EXEC command.
d. Enter the controller hw-throttle privileged EXEC (hidden) command.
This sequence of commands will not prevent BMA errors and PSA pipeline stall messages, but will prevent the IGP neighbors from being lost and the line card from reloading. Note that these commands will no longer be enabled if the line card or router reloads.
•CSCdy34017
Symptoms An access control list (ACL) with an Internet Control Message Protocol (ICMP) entry may be incorrectly processed by (the packet switch ASIC [PSA] of) an Engine 2 line card.
Conditions This symptom is observed on a Cisco 12000 series Engine line card when an ACL entry matches an ICMP packet that is specifying its type but not its code.
Workaround Specify the code in all ICMP entries.
•CSCdy35263
Symptoms A Cisco 12000 series 4-port ATM line card repeatedly reloads after you have performed a microcode reload.
Conditions This symptom is observed on a Cisco 12000 series router that is running the gsr-p-mz image of Cisco IOS Release 12.0(22)S, and with the carrier supporting carrier feature configured on the 4-port ATM line card.
Workaround There is no workaround.
•CSCdy38827
Symptoms A Cisco router may install a suboptimal Intermediate System-to-Intermediate System (IS-IS) route into its routing table. Depending on the topology, this situation may create a routing loop.
Conditions This symptom is observed on an IS-IS Level 1 - Level 2 (L1L2) router that is running Cisco IOS Release 12.0 S or Release 12.0 ST and that has prefixes configured that are allowed to be leaked into Level 1, that is, prefixes that match the access list that is specified within the redistribute isis ip level-2 into level-1 distribute-list command. When route leaking is not configured, this condition is not observed.
Workaround There is no workaround. The condition resolves itself when the affected route is cleared by entering the clear ip route network EXEC command.
•CSCdy43671
Symptoms An Engine 0 ATM line card may reload.
Conditions This symptom is observed under rare circumstances when a Cisco 12000 series router is booted up with Cisco IOS Release 12.0(21)ST3.
Workaround There is no workaround.
•CSCdy44251
Symptoms The Forwarding Information Base (FIB) table on a Cisco 12000 series Gigabit Route Processor (GRP) may be missing entries for directly connected subnets.
Conditions This symptom is observed on a Cisco 12000 series router after you have removed a large number of routes.
Workaround Enter the clear ip route network for the affected prefixes. The following is an example:
Router#
show ip cef 10.2.0.4 255.255.255.224
%Prefix not found
Router#
clear ip route 10.2.0.4 255.255.255.224
Router#
show ip cef 10.2.0.4 255.255.255.224
10.2.0.4/30, version 285154, epoch 0, attached, connected, cached adjacency to POS1/0 0 packets, 0 bytes via POS1/0, 0 dependencies valid cached adjacency•CSCdy44790
Symptoms When using Multiprotocol Label Switching traffic engineering (MPLS TE) Fast ReRoute (FRR), an FRR label switched path (LSP) tunnel may go down after being rerouted over the backup tunnel.
Conditions This symptom is observed when the point of local repair is running an interim build of Cisco IOS Release 12.0(24)S and the merge point (MP) is running an interim build of Cisco IOS Release 12.0(23)S. The symptom occurs because the MP does not properly reflect the Logical Interface Handle (LIH) that it receives in the "Path" message. When the LIH changes after initial establishment of the LSP tunnel, it returns a corresponding "Resv" message (that is, corresponding to the "Path" message). This "Resv" message does not properly reflect the LIH. The only condition under which the LIH changes after establishment of the LSP tunnel is when fast rerouting is enabled on the LSP tunnel.
Workaround There is no workaround.
•CSCdy47173
Symptoms A Route Processor (RP) may reload when you install a Flash card in slot 1 of the RP.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy48075
Symptoms If an active Performance Routing Engine (PRE) fails before a standby PRP is fully configured, the standby PRP may not perform a switchover correctly.
Conditions This symptom is observed on a Cisco 10000 series router in a redundant configuration.
Workaround Do not force a switchover until the standby PRP is fully initialized. If the active PRP fails and the standby PRP does not switchover correctly, reload the standby PRP.
•CSCdy51197
Symptoms Fast Reroute (FRR) may fail to trigger if the cause of the failure is registered in the Route Processor (RP) when the link state is already down.
Conditions This symptom may be observed when triggers are delayed, for example when the pos delay triggers interface configuration command is enabled.
Workaround Disable the pos delay triggers interface configuration command.
•CSCdy51434
Symptoms A router may reload unexpectedly if MD5 authentication is used with Open Shortest Path First (OSPF). The following message may be displayed when you enter the show version EXEC command:
System returned to ROM by error - a Software forced crash, PC 0x12345678
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(22)S. The symptom occurs only when corrupted OSPF packets are present.
Workaround Remove MD5 authentication for OSPF.
•CSCdy63771
Symptoms Virtual Private Network (VPN) routing/forwarding (VRF) may not function on a High-Speed Serial Interface (HSSI) port adapter.
Conditions This symptom is observed on a Cisco 7500 series router
Workaround Remove and reconfigure the affected subinterface on the HSSI port adapter.
•CSCdy66571
Symptoms The shadow state on a standby router processor (RP) remains down after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the router interfaces.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with two RPs when the Stateful Switchover (SSO) feature is enabled.
Workaround There is no workaround.
•CSCdy68938
Symptoms A Resource Reservation Protocol (RSVP) message containing a MESSAGE_ID object (as described in RFC 2961) is received multiple times.
Conditions This symptom is observed when a router that is running a version of Cisco IOS software that does not support RSVP Refresh Overhead Reduction Extensions (RFC 2961) receives the RSVP message that contains a MESSAGE_ID object. The router fails to send a PathErr or ResvErr reply in response, causing the neighboring router to retransmit the RSVP (PathErr or ResvErr) message multiple times. The retransmissions can have a negative affect on Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel scalability, convergence, or both convergence and scalability.
Workaround There is no workaround.
•CSCdy71240
Symptoms A Parallel Express Forwarding (PXF) network processor reloads when traffic is destined for a Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel.
Conditions This symptom is observed in a configuration in which two Cisco 10000 series routers are connected back-to-back via an MPLS TE tunnel, when you ping the MPLS TE tunnel from a remote end.
Workaround There is no workaround.
•CSCdy73102
Symptoms When a primary Multiprotocol Label Switching traffic engineering (MPLS TE) tunnel reoptimizes over another link, a traffic drop may occur.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S1 following a Fast Reroute (FRR) operation.
Workaround Configure the primary label switched path tunnel (LSP tunnel) as an explicit tunnel.
•CSCdy74457
Symptoms The forwarding of IP version 6 (IPv6) packets from a Cisco 12000 series Engine 3 line card to a Cisco 12000 series Engine 0 line card does not function for certain directly connected hops.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S or Release 12.0(22)S1.
Workaround There is no workaround.
•CSCdy75485
Symptoms All Layer 2 management packets are dropped, which causes all interfaces that depend upon keepalives to transition to the down state.
Conditions This symptom is observed on a Cisco 10000 series router in a configuration with a large numbers of interfaces.
Workaround There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(22)S1
Cisco IOS Release 12.0(22)S1 is a rebuild release for Cisco IOS Release 12.0(22)S. The caveats in this section are resolved in Cisco IOS Release 12.0(22)S1 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdu72708
Symptoms The ip address negotiated interface configuration command must be applied to the configuration of an interface before any other PPP commands.
Conditions This symptom is observed when the on-demand address pool (ODAP) on-board Dynamic Host Configuration Protocol (DHCP) server is used.
Workaround There is no workaround.
•CSCdv39804
Symptoms A bus error may occur on a router, and the following message may be displayed:
%ALIGN-1-FATAL: Illegal access to a low address, addr=0x1A8, pc=xxxxxxxx, ra=xxxxxxxx, sp=xxxxxxxx
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0 S.
Workaround There is no workaround.
•CSCdw41164
Symptoms A Versatile Interface Processor (VIP) may reload because of an error at the ct3sw_check_tx process.
Conditions This symptom is observed on a Cisco 7000 series VIP that is running Cisco IOS Release 12.0(16)S4.
Workaround There is no workaround.
•CSCdx09745
Symptoms A Cisco 7200 series router that is using Cisco Express Forwarding (CEF) switching may reload after you enter the show queue interface-name interface-number privileged EXEC command for a serial interface.
The output of the show ip interface EXEC command is very similar to the following message and indicates that the normal CEF switching vector is used:
IP CEF switching is enabled
IP Fast switching turbo vector
IP Normal CEF switching turbo vectorConditions This symptom is observed on a Cisco 7200 series router when CEF switching is used and there are packets in the queue when you enter the show queue interface-name interface-number privileged EXEC command.
Workaround On any of the serial interfaces that has weighted fair queueing (WFQ) enabled, enter the following sequence of commands (note that in this example, interface "serial 4/1" is used):
Router(config)#
interface s4/1
Router(config-if)#
no fair-queue
Router(config-if)#
fair-queueThis sequence of commands will set the correct switching vector as follows:
IP CEF switching is enabled
IP Fast switching turbo vector
IP Feature CEF switching turbo vectorThis workaround must be applied each time the router reloads.
•CSCdx45151
Symptoms The Cisco Express Forwarding (CEF) table of a Cisco 12000 series Engine 0 Packet-over-SONNET (POS) line card gets almost completely cleared and then builds up again.
Conditions This symptom is observed after a Stateful Switchover (SSO) on an Engine 0 POS line card that is configured with 110,000 routes and about 600 interfaces. After the protocol has converged, all the entries of the old epoch are purged and the entries of the new epoch take over.
Workaround There is no workaround.
•CSCdx63504
Symptoms After a Cisco IOS software upgrade, redistribution may stop functioning on a router.
Conditions This symptom is observed on a router that is configured with Border Gateway Protocol (BGP).
Workaround Remove and reconfigure the BGP configuration, or reboot the router.
•CSCdx68619
Symptoms NetFlow aggregation does not function.
Conditions This symptom is observed in Cisco IOS Release 12.0 S and Release 12.0 ST when either only the mpls netflow egress interface configuration command is configured on an interface or both the ip route-cache flow and mpls netflow egress interface configuration commands are configured on the same interface or on different interfaces, but the NetFlow cache is allocated through the mpls netflow egress interface configuration command.
Workaround There is no workaround.
•CSCdx69785
Symptoms A Cisco 12000 series Engine 2 OC-48 Packet-over-SONET line card that is configured as a generic routing encapsulation (GRE) tunnel-server card enters an error state and reports the following error message:
QM-4-STUCK: Port 0 Queue mask 0x1
The line card should recover from this error state but fails to do so.
Conditions These symptoms are observed when the line card is overloaded with tunnel traffic.
Workaround There is no workaround. To recover from the error state, perform a microcode reload of the line card.
•CSCdx71829
Symptoms When you delete a subinterface from a router, the reserved bandwidth may not be returned, decreasing the total bandwidth of the interface under which the subinterface is configured.
Conditions This symptom is observed when the subinterface has bandwidth reserved because of a service policy shape command.
Workaround Remove the service policy before you delete the subinterface.
•CSCdx80124
Symptoms Gigabit Route Processor (GRP) and GRP-B temperatures are incorrectly reported as NA.
Conditions This symptom is observed when the show environment [temperatures] privileged EXEC command is running on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx82485
Symptoms Under rare circumstances, a router that is configured with Protocol-Independent Multicast (PIM) may pause indefinitely.
Conditions This symptom is observed when an interface that has PIM enabled is shut down. This symptom may also occur when other configuration operations are performed on a PIM-enabled interface. This symptom affects only port adapters such as the 8-port 10BASE-T Ethernet port adapter (PA-8E) and the 8-port 10BASE-T Ethernet port adapter (PA-4E) that are using a particular third-party vendor chip.
Workaround Use a different Ethernet card, or avoid using PIM.
•CSCdx85342
Symptoms A Route Processor (RP) may boot up with the boot helper image instead of the regular image, or a Cisco 12000 series line card that is configured under the primary RP may reset because of interprocess communications (IPC) failures and generate the following error message:
* UTC: %FIB-3-FIBDISABLE: Fatal error, slot 0: IPC Failure: timeout
The two above mentioned symptoms are mutually exclusive.
Conditions These symptoms are observed on a Cisco 12000 series router when the router is configured with a primary RP and a standby RP and you load the gsr-boot-mz image from Bootflash using the boot system tftp global configuration command.
The symptoms affect only the gsr-boot-mz image (the gsr-p-mz image is not affected) and may occur in the following Cisco IOS releases:
–12.0(20.3)S
–12.0(20.3)S1
–12.0(20.3)ST
–12.0(20.3)ST1
–12.0(20.3)ST2
–12.0(20.3)ST3
–12.0(20.4)S
–12.0(20.4)S1
–12.0(20.4)S2
–12.0(20.4)ST
–12.0(20.4)ST1
–12.0(20)ST
–12.0(20)ST1
–12.0(20)ST2
–12.0(20)ST3
–12.0(20)ST4
–12.0(20)ST5
–12.0(21.1)S
–12.0(21.1)S1
–12.0(21.1)S2
–12.0(21.1)S3
–12.0(21.2)S
–12.0(21.3)S
–12.0(21.3)S1
–12.0(21.3)S2
–12.0(21.3)S3
–12.0(21.4)S
–12.0(21.4)S2
–12.0(21.4)S3
–12.0(21)S
–12.0(21)S1
–12.0(21)S2
–12.0(21)S3
–12.0(21)S4
–12.0(21)ST
–12.0(21)ST1
–12.0(21)ST2
–12.0(21)ST3
–12.0(21)ST4
–12.0(22)S
–12.0(22.1)S
Workaround Use a gsr-boot-mz boot image that was released earlier than Release 12.0(20.3)S or later than Release 12.0(22.1)S.
•CSCdx86830
Symptoms An end-to-end ping fails between a local customer edge (CE) router and a remote CE router if the local CE router is connected to a provider edge (PE) router. This PE router is connected to another CE router that runs the Carrier Supporting Carrier feature. The network path includes several other routers and eventually leads to the remote CE router.
Conditions This symptom is observed in an internal Border Gateway Protocol (iBGP) IPv4 label distribution environment at the local CE router when there are three labels in the label stack of the PE router.
Workaround Enter the neighbor next-hop-self router configuration command on the CE router that runs the Carrier Supporting Carrier feature to configure this CE router as the next hop for the PE router.
•CSCdx87434
Symptoms Large packet losses occur when a Stateful Switchover (SSO) Nonstop Forwarding (NSF) switchover occurs.
Conditions This symptom is observed on a Cisco 7500 series router that is configured with Versatile Interface Processors (VIPs) and is caused by an improper configuration of distributed Cisco Express Forwarding (dCEF) and weighted fair queueing (WFQ).
Workaround Follow these steps:
a. Verify what type of queueing is configured on a VIP interface by entering the show interfaces privileged EXEC command and verifying the "Queueing Strategy" field.
b. If the "Queueing Strategy" field indicates WFQ, change the field value to VIP-based WFQ by entering the fair-queue interface configuration command on the VIP interface.
•CSCdx89425
Symptoms When a line card reloads while multicast traffic is being sent to its ingress interface, the line card may reload again.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx89548
Symptoms An interface on a Cisco 7500 series channelized T3 port adapter cannot ping a directly connected interface because of adjacency difficulties.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface on the channelized T3 port adapter.
•CSCdx93291
Symptoms The Cisco 10000 series edge services router does not support the OperStatus and presence indicator for the fan and power modules: the ciscoEnvMonFanStatusTable and the ciscoEnvMonSupplyStatusTable in the CISCO-ENVMON-MIB are not supported.
Conditions This symptom is observed in Cisco IOS Release 12.0(21)S and later releases.
Workaround There is no workaround.
•CSCdy00245
Symptoms A Cisco 7500 series Packet-over-SONET (POS) port adapter that is installed in a Versatile Interface Processor (VIP) reloads at vip_ip_fib_fs_tag.
Conditions This symptom is observed when a Cisco 7500 series router that serves as a Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnel head with Fast Reroute (FRR) enabled performs a Stateful Switchover (SSO) while traffic is entering through the POS port adapter.
Workaround There is no workaround.
•CSCdy01211
Symptoms A Multilink Frame Relay interface is rejected by the parser during bootup.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdy01271
Symptoms A Cisco 12000 series 6-port channelized T3 (6CT3-SMB) line card reloads when the encapsulation on a serial interface on the line card is changed from High-Level Data Link control (HDLC) to Frame Relay.
Conditions This symptom is observed on a Cisco 12000 series Internet router after a Stateful Switchover (SSO).
Workaround There is no workaround.
•CSCdy02298
Symptoms A line card may reload.
Conditions This symptom is observed on a Cisco 12000 series Internet router when a policy map is configured with "priority" in one class, the policy map is attached to an interface of an Engine 4 plus line card, and "bandwidth percent" is added to another class on the same policy map.
Workaround Do not configure "bandwith percent" on a policy map if the policy map already has "priority" configured in a class.
•CSCdy03361
Symptoms Packet drops may occur in the Cisco Express Forwarding (CEF) and distributed Cisco Express Forwarding (dCEF) paths after a router is reloaded when a ping is sent (through the router) to the IP address of a directly connected customer edge (CE) router.
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.2(6). The CE router in this setup is connected to a Fast Ethernet Virtual Private Network (VPN) routing/forwarding (VRF) dot1q subinterface that has the mpls netflow egress interface configuration command configured.
Workaround The Cisco 7500 series router can ping the IP address of the directly connected CE router and cause the relevant Address Resolution Protocol (ARP) entries to be populated.
Alternate Workaround A Remove the mpls netflow egress interface configuration command from the subinterface.
Alternate Workaround B Add a static ARP entry for the VRF subinterface by entering the arp vrf ip mask mac arpa global configuration command.
Alternate Workaround C Enter the clear arp privileged EXEC command on the destination CE router.
•CSCdy04472
Symptoms Polling for numbered ATM subinterfaces and unnumbered Frame Relay interfaces does not return any data. When the ifInNUcastPkts, ifOutNUcastPkts, and ifOutQLen variables are among the first of multiple objects that are bundled together in an snmpget command, some or all of these variables return the message "no such variable."
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(19)S2.
Workaround Retrieve the variables individually or via an snmpwalk command.
•CSCdy05017
Symptoms An Engine 2 line card may reload.
Conditions This symptom is observed when tag switching is enabled on a Cisco 12000 series Internet router that has Engine 2 line cards while load balancing is occurring in the Cisco Express Forwarding (CEF) path.
Workaround There is no workaround.
•CSCdy05963
Symptoms A Cisco 12000 series standby Route Processor (RP) remains disabled in Route Processor Redundancy Plus (RPR+) or Stateful Switchover (SSO) mode. The standby RP boots up from the ROM monitor (ROMmon) mode but does not initialize completely.
Conditions This symptom is observed when you use the send break EXEC command to return the standby RP to the ROMmon prompt, but not when you use the standby reload command for the same purpose.
Workaround There is no workaround.
•CSCdy06278
Symptoms Multilink PPP (MLPPP) interfaces are in a "Down/Down" state after a Stateful Switchover (SSO) occurs.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the MLPPP interfaces.
•CSCdy06328
Symptoms The memory usage of a Cisco 12000 series Route Processor (RP) is very high.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S1 and that is configured with an IP Services Engine (ISE) line card with v8 NetFlow enabled.
Workaround There is no workaround.
•CSCdy09407
Symptoms During a Stateful Switchover with Nonstop Forwarding (SSO/NSF), transit traffic may be interrupted for a brief period of time. This condition is temporary, is related to timing, and may be platform-dependent.
This condition occurs when the following sequence of events occurs:
a. The Open Shortest Path First (OSPF) loopback interface comes up first during the switchover.
b. A router link-state advertisement (LSA) is scheduled for the area associated with the loopback interface.
c. One or more other OSPF interfaces come up, and neighbors of those interfaces enter a "Full" state while the router LSA is scheduled.
d. The router LSA is finally generated and flooded to the neighbors that are in a "Full" state.
The end result is that the neighbors that are in a "Full" state cause some OSPF routes to be temporarily deleted. This condition is most easily observed when there are OSPF neighbors on a broadcast network segment with designated routers (DRs) and backup designated routers (BDRs).
Conditions This symptom is observed on a Cisco 12000 series router, but could also occur on a Cisco 7500 series or Cisco 10000 series router.
Workaround Ensure that the loopback interface address is not included in one of the OSPF network statements under the router ospf global configuration command. If the loopback address needs to be advertised into the OSPF, it can often be advertised by redistributing connected subnets with a route map that specifically permits the loopback interface.
•CSCdy10448
Symptoms Open Shortest Path First (OSPF) does not propagate the routes into a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN).
Conditions This symptom is observed when VPN routing/forwarding (VRF) instances are configured on the neighboring router.
Workaround There is no workaround.
•CSCdy10739
Symptoms Disassociating slots without removing ATM virtual circuits (VCs) causes the ATM VCs to go into an inactive state.
Conditions This symptom is observed when the Automatic Protection System (APS) feature is enabled and you delete the ATM VCs after the slots are disassociated.
Workaround Delete the ATM VCs before you disassociate the slots.
•CSCdy11698
Symptoms A Cisco 12000 series imposition line card does not handle the hop limit correctly.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S and that is functioning as a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router).
Workaround There is no workaround.
•CSCdy13708
Symptoms Sampled NetFlow (SNF) may fail to sample the packets that have been denied by an access control list (ACL).
Conditions This symptom is observed when an ACL and SNF are applied to the same interface on a Cisco 12000 series Engine 2 line card.
Workaround There is no workaround.
•CSCdy15862
Symptoms A Gigabit Route Processor (GRP) may reload after a cache parity error occurs on a 1-port Gigabit Ethernet (GE) or 8-port Fast Ethernet (FE) line card.
Conditions This symptom is observed a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S3 or Release 12.0(22)S and that is configured with an Engine 1 1-port GE or Engine 1 8-port FE line card.
The GRP will reload only in the rare event that the cache parity error occurs in a CPU cache line that contains a control packet.
Workaround Deconfigure the Error-Correction Code (ECC) software feature by entering the no service cerf global configuration command.
For more information, see the document at the following location:
http://www.cisco.com/warp/public/770/fn16911.shtml
•CSCdy15975
Symptoms A Cisco 10000 series line card sends a "link up state" message before the interprocess communication (IPC) is established. This situation causes the Cisco IOS software to report the line card to be down.
Conditions This symptom is observed when you enter the hw-module slot number reset EXEC command on a Cisco 10000 series router, and a large number (that is, 4000) point-to-point virtual circuits (VCs) are configured.
Workaround There is no workaround.
•CSCdy17360
Symptoms With Route Processor Redundancy Plus (RPR+) enabled, when you send a break twice on an active Route Processor (RP), the second synchronization fails. The active RP does not attempt to reload the standby RP.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.1)S1 in a configuration with 2000 ATM subinterfaces and 200 Border Gateway Protocol (BGP) peers that are advertising 180,000 BGP routes.
Workaround There is no workaround.
•CSCdy18324
Symptoms Per-packet load balancing does not function on an interface that is configured with basic Multiprotocol Label Switching (MPLS).
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S or a later release.
Workaround There is no workaround.
•CSCdy19736
Symptoms A T3 (DS3) interface on a Cisco 10000 series 8-port E3/T3 line card fails to ping.
Conditions This symptom is observed after a Cisco 10000 series router has reloaded.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the line card.
•CSCdy19877
Symptoms A Cisco 12000 series Route Processor (RP) may reload because of a Resource Reservation Protocol (RSVP) database code error.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.2(22)S when you attempt to configure a large number of Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnels and memory allocation (MALLOC) errors occur.
Workaround There is no workaround.
•CSCdy21552
Symptoms A Cisco 10000 series router may display an incorrect number of channelized OC-12 line cards in the output of the show version EXEC command. The number of channelized OC-12 line cards that is reported is usually double the number of the actual number of channelized OC-12 line cards.
Conditions This symptom is observed on a Cisco 10000 series router that is configured with channelized OC-12 line cards. The condition is cosmetic and does not affect system operation.
Workaround You can identify the correct number of channelized OC-12 line cards by entering the show diag summary EXEC command and determining the slots that contain these line cards. For example, for a line card in slot 5/0, the output of the show diag summary EXEC command will be as follows:
Slot/Subslot 5/0: 1choc12-1 card, 1 port
•CSCdy22120
Symptoms The sysUpTime MIB object, which reports the system uptime, periodically returns a value smaller than the previous value.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdy22596
Symptoms Interprocessor communication (IPC) timeout flaps may occur on a Cisco 10000 series line card.
Conditions This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(21)ST2.
Workaround There is no workaround.
•CSCdy22725
Symptoms The sustainable cell rate (SCR) value is lost and becomes zero when you reset an interface under which a permanent virtual connection (PVC) is defined with the old style syntax and that has variable bit rate (VBR) traffic parameters. The same PVC disappears completely from the configuration after the router is rebooted.
Conditions These symptoms are observed on a Cisco 7500 series router.
Workaround Use the new style syntax to define the PVC.
•CSCdy25884
Symptoms You cannot enable Sampled NetFlow and aggregated NetFlow simultaneously. If you allow a Sampled NetFlow configuration to overwrite an aggregated NetFlow configuration and then disable Sampled NetFlow, the aggregated NetFlow configuration is still present.
Conditions This symptom is observed on an interface of a Cisco 7500 series router.
Workaround Delete the aggregated NetFlow configuration before you configure Sampled NetFlow.
•CSCdy27052
Symptoms A Cisco 7500 series router may reload unexpectedly.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdy27126
Symptoms When all eight ports of an 8-port unchannelized E3/T3 line card are in use, memory corruption may occur, which may cause random router reloads.
Conditions These symptoms are observed on a Cisco 10000 series router.
Workaround Use only seven ports of the line card.
•CSCdy27385
Symptoms A Cisco 7500 series router may reload because of an arithmetic exception when the traffic-shape rate bit-rate burst-size excess-burst-size interface configuration command is applied to a serial interface.
The output of the show version EXEC command includes the following line, in which "0xXXXXXXXX" is the address at which the router reloads:
System returned to ROM by error - an arithmetic exception, PC 0xXXXXXXXX
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(13)S2 when the bit rate is smaller than 1000. The router may or may not have generic traffic shaping configured on its interfaces.
Workaround Do not specify a bit rate that is smaller than or equal to 1000, even though the command-line interface (CLI) accepts it.
•CSCdy27442
Symptoms If a nonaggregated variable bit rate-non-real time (VBR-NRT) permanent virtual circuit (PVC) is created while the associated link is in a "Down" state and then deleted before the associated link ever transitions to the "Up" state (that is, the PVC spends its entire life with the associated link in a "Down" state), the per-link subscribed rate is not properly maintained (that is, the bandwidth is not returned to the pool). In rare situations, this situation may lead to an inability to create nonaggregated PVCs.
Conditions This symptom is observed on a Cisco 10000 series router.
Workaround Ensure that the associated link transitions to the "Up" state.
•CSCdy30557
Symptoms A Cisco 12000 series Engine 2 8-port OC-3 ATM line card reloads when an inappropriate value for the Modified Deficit Round Robin (MDRR) bandwidth is attached.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy34152
Symptoms The ifDescr MIB object continues to return information for a 24-port channelized E1/T1 line card after the line card is removed and the no card command is entered.
Conditions This symptom is observed on a Cisco 10000 series router.
Workaround Reload the router.
•CSCdy34581
Symptoms A Cisco 12000 series router may reload because of a memory corruption.
Conditions This symptom is observed during the configuration of traffic shaping.
Workaround There is no workaround.
•CSCdy34771
Symptoms All subinterfaces of a Cisco 10000 series OC-3 Packet-over-SONET (POS) line card are shown to be in a "Down/Down" state while the main POS interface is shown to be in an "Up/Down" state.
Conditions This symptom is observed when you configure the OC-3 POS interface with 100 data-link connection identifiers (DLCIs).
Workaround Saving the configuration and reloading the router will usually force all DLCIs to come up.
Alternate Workaround Flapping the main POS interface may bring the line protocol up on the main interface.
•CSCdy39282
Symptoms A Cisco 12000 series 2-port channelized OC-3/STM-1 to DS1/E1 line card may fail.
Conditions This symptom is observed in a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.
Workaround There is no workaround.
•CSCdy39839
Symptoms A router may reload while calculating shortest path routes.
Conditions This symptom is observed when you configure the metric-style wide global configuration command to enable Intermediate System-to-Intermediate System (IS-IS) in a Multiprotocol Label Switching (MPLS) traffic engineering (TE) environment.
Workaround There is no workaround.
•CSCdy41516
Symptoms When you configure more than 256 Multilink PPP (MLP) interfaces on a Cisco 10000 series channelized T3 line card, the serial interfaces that belong to a bundle may no longer be accessible.
Conditions This symptom is observed on a Cisco 10000 series router.
Workaround There is no workaround.
•CSCdy42349
This caveat consists of two symptoms, two conditions, and two workarounds.
Symptoms A A Versatile Interface Processor (VIP) may reload when you enable the mpls netflow egress interface configuration command on a dot1q interface.
Conditions A This symptom is observed on a VIP that is installed in a Cisco 7500 series router that has 802.1q trunking and Virtual Private Network (VPN) configured.
Workaround A There is no workaround.
Symptoms B Alignment errors may occur on Multiprotocol Label Switching (MPLS) packets that are traversing the feature path, such as the packets that encounter a service policy.
Conditions B This symptom is observed on a Cisco 7200 series router that has 802.1q trunking and Virtual Private Network (VPN) configured.
Workaround A There is no workaround.
•CSCdy48247
Symptoms When NetFlow is enabled on a Cisco 10000 series router, the Parallel Express Forwarding (PXF) network processor may reload, and the router may generate one of the following messages:
PXF DMA FTC Bad Address Error
TOASTER-2-FAULT: T1 XCM0 Address Error: R1
%TOASTER-2-FAULT: T1 SW Exception: CPU[t1r3c1] 0x00000680 at 0x0DFE LR 0x0934Conditions This symptom is observed on a Cisco 10000 series router that is running Cisco IOS Release 12.0(20)ST5, Release 12.0(21)ST4, or Release 12.0(22)S, and is more likely to occur when there have been buffer allocation failures on the PXF network processor.
Workaround Disable NetFlow.
•CSCdy50225
Symptoms A Cisco 12000 series router may reload when a line card has failed and you perform a Simple Network Management Protocol (SNMP) query to cpmCPUTotalTable from a network management station (NMS).
Conditions This symptom is observed under very rare situations.
Workaround When a line card has failed, do not perform an SNMP query to cpmCPUTotalTable from an NMS.
•CSCdy51751
Symptoms A Cisco 10720 router may exchange labels incorrectly and rewrite a MAC header incorrectly. For example, the router is supposed to rewrite the MAC header with an Ethernet header but may rewrite the MAC header with a Packet-over-SONET header. The router may also exchange a label with one that is not consistent with the Multiprotocol Label Switching (MPLS) Tag Forwarding Information Base (TFIB).
Conditions This symptom is observed on a Cisco 10720 router that functions as an MPLS provider (P) router, when all of the following conditions are met:
–The router exchanges MPLS labels.
–There are a huge number of labels in the router, for example, thousands of MPLS traffic engineering (TE) tunnel midpoints.
–A link on which these tunnel midpoints transit flaps several times, which may cause more than 64,000 MAC rewrite indices.
Workaround There is no workaround.
•CSCdy54707
Symptoms A line card that has the clock source line configuration command enabled by default nevertheless provides an internal clock signal, but the Cisco IOS software reports that an (external) line clock signal is provided.
This condition was discovered when pings to a local IP address were occasionally dropped at regular intervals. If you reset the line card by entering the hw-module slot shelf-id|slot-number reload EXEC command, the clock signal is set to internal by default.
Conditions This symptom is observed when a Cisco 10000 series 24-port channelized E1/T1 line card is initialized through a Cisco IOS reload with the clock source line configuration command enabled by default.
Workaround First explicitly configure the clock source internal configuration command on the line card and then configure the clock source line configuration command on the line card.
•CSCuk35531
Symptoms After an application-specific integrated circuit (ASIC) resets or a line card failure occurs, interfaces may come up, but the Forwarding Information Base (FIB) is disabled, and the following error message can be generated:
%FIB-3-FIBDISABLE: Fatal error, slot 2: IPC Failure: timeout
Conditions These symptoms are observed on a 2-port channelized OC-3/STM-1 (DS1/E1) line card or a 6-port channelized T3 line card that is installed in a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)ST1.
Workaround There is no workaround.
•CSCuk36805
Symptoms Deleting a traffic engineering (TE) tunnel by entering the no interface tunnel tunnel-number command may result in memory corruption and eventually may cause a router to reload.
Conditions This symptom is observed on a Cisco 7200 series or Cisco 12000 series router that is running Cisco IOS Release 12.0(22)S or Release 12.0(22.1)S and that has TE tunnel interfaces configured.
Workaround There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(22)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(22)S. This section describes only severity 1, severity 2, and select severity 3 caveats.
These caveats are documented in the following format:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat.
Basic System Services
•CSCdt67183
Symptoms Wrong NetFlow statistics may occur on all fast interfaces. Byte counter fields may overflow in 57 seconds at the OC12 line rate and in 15 seconds at the OC48 line rate. These counters have to be changed to 64 bit for the export of correct NetFlow statistics.
Conditions This symptom is observed on all fast interfaces.
Workaround There is no workaround.
•CSCdv27333
Symptoms Intermediate System-to-Intermediate System (IS-IS) hellos and PPP keepalives are treated like nonpriority packets and dropped by Selective Packet Dropping (SPD) in situations of congestion. In consequence, the router may loose its IS-IS adjacency or the Layer 2 connectivity, and the effect of SPD may fail.
Conditions This symptom is observed on a Cisco 7500 series router. In theory, such a situation may occur only if the router is heavily loaded at the process level or if Cisco Express Forwarding (CEF) is disabled.
Workaround Avoid using SPD if the input queue fills.
•CSCdw02017
Symptoms An EVENT-MIB set action may not work correctly.
Conditions The Simple Network Management Protocol (SNMP) read-write community string may not be set correctly. For EVENT-MIB set actions to occur correctly the SNMP read-write community string must be set in mteEventSetContextName.
Workaround Use mteEventSetContextName for specifying the community name.
•CSCdw09442
Symptoms The Route Processor Module (RPM) bootflash is corrupted and generates an invalid file header magic number. The dir command does not work. The Flash memory can be read only after a squeeze bootflash operation is performed but nothing can be copied onto the Flash memory.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround Format and copy files from the disk to recover the Flash memory.
•CSCdw39619
Symptoms An aggregate NetFlow cache may report a source mask even when the source address is not routable. The source prefix may show an incorrect mask in the aggregation cache and display a corresponding incorrect prefix.
Conditions These symptoms are observed on a Cisco 12000 series Internet router. These symptoms occur because of an inconsistency in the Cisco Express Forwarding (CEF) write default routes for the line cards and Route Processor (RP).
Workaround There is no workaround.
•CSCdw50718
Symptoms A router may reload because of a memory corruption.
Conditions This symptom is observed when a Simple Network Management Protocol (SNMP) is set to the snmp-set smonVlanIdStatsTable elem 64-bit counter. The reload happens only when this counter is set to certain values.
Workaround There is no workaround except to disable SNMP.
•CSCdx15180
Symptoms The snmp-server host global configuration command may not be accepted on a router. The snmp-server host global configuration command may also disappear from the configuration after the router is reloaded.
Conditions This symptom is observed on a Cisco 2600 router that is running Cisco IOS Release 12.2(6) or Release 12.2(7).
Workaround There is no workaround.
•CSCdx25972
Symptoms A router may reload.
Conditions This symptom is observed on a Cisco 1000 series edge services router while a configuration is being loaded from a TFTP server.
Workaround There is no workaround.
•CSCdx27891
Symptoms A router may indicate a watchdog timeout instead of a parity error.
Conditions This symptom is observed on routers that have a different memory map compared to the Cisco 7200 router. In the case reported for a Cisco 12000 series Internet router, KuSeg addresses start at 0x50000000 instead of 0x60000000, which is where they start for a Cisco 7200 router.
Workaround There is no workaround.
•CSCdx35920
Symptoms Service Assurance Agent (SAA) latency measurements may show unrealistic spikes.
Conditions This symptom is observed when Border Gateway Protocol (BGP) is running on a router.
Workaround Use the Jitter Probe, which requires the Response Time Reporter (RTR) responder to be running on the remote Cisco router.
•CSCdx47520
Symptoms Simple Network Management Protocol (SNMP) ifIndexes may be different after a switchover. This may be caused by bulk-sync of SNMP ifIndexes being broken.
Conditions This symptom is observed on a Cisco 7500, series routers, Cisco 10000 series edge services routers, and on Cisco 12000 series Internet routers.
Workaround There is no workaround.
•CSCdx54922
Symptoms A Performance Route Processor (PRP) having Border Gateway Protocol (BGP)/Interior Gateway Protocol (IGP) with Multiprotocol Label Switching Traffic Engineering (MPLS-TE) can cause exception when trying to reload the router. This leads to another reload.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S1.
Workaround There is no workaround.
•CSCdx58579
Symptoms A Performance Route Processor (PRP) may reload when a previously unformatted bootflash is being formatted.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S1.
Workaround There is no workaround.
•CSCdx71842
Symptoms Adding an extended Border Gateway Protocol (BGP) community-list statement with any illegal Regular Expression pattern into the global configuration on a router may cause the router to reload.
The following is an example of a community-list statement that may cause the router to reload:
config t
ip community-list expanded test permit (6327:[1_)Conditions This symptom is observed when running Cisco IOS Release 12.0(19.1)S3 or a later release.
Workaround Do not enter an extended BGP community-list statement that has an illegal Regular Expression pattern.
Note This symptom occurs on Cisco IOS Release 12.0(19.1)S3 and on later releases. It does not happen on Cisco IOS Release 12.0(19.1)S or on earlier releases. It is not specific to any platform.
•CSCdx94801
Symptoms When you configure a Cisco 12000 series Internet router with ATM interfaces, the secondary Route Processor (RP) reloads.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
EXEC and Configuration Parser
•CSCdw53946
Symptoms A router may reload unexpectedly.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.1.(12) and that has Network Time Protocol (NTP) configured when a configuration change is made by a user whose username has a percent (%) sign in it.
Workaround There is no workaround.
•CSCdx18190
Symptoms The configuration under the "controller" for channelized linecards reappears after removing it.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.2)S in a dual Route Processor (RP) system. If the configuration under the "controller" for channelized linecards is removed, it is not synchronized to the standby. Hence, on a switchover, the configuration reappears.
Workaround Remove the configuration followed by a switchover, and then remove the configuration again.
•CSCdx32133
Symptoms A router may reload with a bus error at address 0x500.
Conditions This symptom is observed on a Cisco 7500 router that has a Route Switch Processor (RSP4) and that is running Cisco IOS Release 12.2(9.4a).
Workaround There is no workaround.
Interfaces and Bridging
•CSCdt30389
Symptoms On a router, the PA-2CT1/PRI and PA-2CE1/PRI port adapters may cause occasional (every 5 seconds or more) packets to get delayed by 100 to 200milli-seconds (ms).
Conditions This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.1(5)T1. The symptom is not noticeable unless interpacket delay is monitored at the output ports or channels of these port adapters for a continuous stream of packets. Furthermore, this delay is observed for the PRI mode of operation.
Workaround There is no workaround.
•CSCdu78921
Symptoms A Multilayer Switch Feature Card (MSFC) may reload.
Conditions This symptom is observed after an upgrade from Cisco IOS Release 12.0(7)XE to Release 12.1(8)AE.
Workaround There is no workaround.
•CSCdu83983
Symptoms The output rate of an unspecified bit rate (UBR) virtual circuit (VC) can exceed the configured peak cell rate (PCR) of the VC.
Conditions This symptom is observed on a Cisco 7500 series router with a PA-A3-OC12 port adapter.
Workaround Configure the VC as variable bit rate nonreal-time (VBR-nrt) on the router, set peak cell rate (PCR) equal to sustainable cell rate (SCR) and leave any network provisioning of the VC as UBR.
Note The ATM service category of a VC must not match on an ATM router endpoint and on ATM network switches as long as equivalent traffic parameters are used.
•CSCdv81601
Symptoms A very high negative value may be displayed on the out counters.
Conditions This symptom is observed on a Cisco 7100 router that is running Cisco IOS Release 12.1(9E). This symptom occurs if the packets from the hold queue are dropped.
Workaround There is no workaround.
•CSCdw28119
Symptoms On a port adapter, some of the permanent virtual connections (PVCs) may not work properly. Consequently, some of the switched virtual circuits (SVCs) may not come up properly.
Conditions This symptom is observed on a PA-A1 port-adaptor on a Cisco 7500 series router that is running Cisco IOS Release 12.2(6.8)T.
Workaround Issue the shutdown interface global command to shut down the ATM interface. Wait for approximately 40 seconds, and then issue the no shutdown interface global command to enable the ATM interface.
•CSCdw32980
Symptoms The following message may appear:
%ATMPA-3-SETUPVCFAILURE: ATM10/0/0: Platform Setup_vc failed for 0/100, vcd 7
Conditions This symptom is observed on a Cisco 7500 series router with a PA-A3-OC12 port adapter.
Workaround There is no workaround.
•CSCdw60490
Symptoms A router may use Cisco Express Forwarding (CEF) to switch IP packets that enter an Inter-Switch Link (ISL) subinterface, regardless of the (interior) destination MAC address.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdw65799
Symptoms An ATM permanent virtual connection (PVC) may remain in the "INAC" state after it is configured.
Conditions This symptom is observed on a Cisco router that is running the c7200-p-mz.122-7.4.S image of Cisco IOS Release 12.2(7.4)S.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the ATM interface to restore the PVC.
•CSCdw75291
Symptoms An autoinstall feature may not function properly.
Conditions This symptom is observed when a Cisco 7204VXR router is autoinstalled with a T3 connection.
Workaround There is no workaround.
•CSCdw93032
Symptoms The s1s0 flag that is configured on Packet-over-SONET(POS) interfaces automatically may reset to 0 after a reload.
Conditions This symptom is observed on a Cisco 7200 or a Cisco 7500 series router that is running Cisco IOS Release 12.1(9)E.
Workaround There is no workaround.
•CSCdx45485
Symptoms A router may pause indefinitely when the Inter-Switch Link (ISL) encapsulation is unconfigured from a subinterface.
Conditions This symptom is observed on a Cisco 7200 series router that is running Cisco IOS Release 12.0(21.3)S.
Workaround Use the dot1Q encapsulation instead.
•CSCdx49370
Symptoms On configuring weighted fair queueing (WFQ) on a serial interface, the link starts flapping.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround Perform a microcode reload.
•CSCdx49398
Symptoms A router may reload.
Conditions This symptom is observed on a Cisco 7500 series router when Cisco IOS Release 12.0(21.3)S is being loaded.
Workaround There is no workaround.
•CSCdx65955
Symptoms When the last VLAN is removed on an interface, the interface maximum transmission unit (MTU) may be set to less than the default value of 1524.
Conditions This symptom is observed only on Fast Ethernet and Gigabit Ethernet interfaces.
Workaround There is no workaround.
•CSCdx87965
Symptoms A router that is configured with a multichannel port adapter reloads because of a bus error exception.
Conditions This symptom is observed when link flaps occur or interfaces are reset on a router that is configured with PA-MC-T1, PA-MC-E1, PA-MC-E3, or PA-MCX port adapters.
Workaround There is no workaround.
•CSCin06773
Symptoms A router reloads immediately after configuring the card type for PA-MC-8TE1+ port adapter.
Conditions This symptom is observed on a Cisco 75xx router. This symptom occurs if the online insertion and removal (OIR) of the Versatile Interface Processor (VIP) that has the PA-MC-8TE1+ port adapter is performed before configuring the card type.
Workaround There is no workaround.
IP Routing Protocols
•CSCds57882
Symptoms In a full mesh of route reflectors, one or two of the route reflectors may have a Border Gateway Protocol (BGP) table with multiple entries for the same route (there should be only one) with multiple tags. Clients of the route reflector still receive the correct BGP information. Virtual Private Network (VPN) routing/forwarding instance (VRF) interfaces on the route reflector may get an incorrect tag.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround Clear the BGP session. Clearing the route fixes the tag situation, but not the BGP table.
•CSCdu08686
Symptoms A router may generate router link states but may fail to generate network link states for a connected network. The Open Shortest Path First (OSPF) neighbors may come up correctly on all the routers in the network.
Conditions This symptom is observed on a Cisco 7206VXR router that is running the OSPF Protocol and acting as a designated router (DR).
Workaround Set the priority on the interface to 0 so that the router is not the DR for that link.
•CSCdu43164
Symptoms A router may experience a memory leak.
Conditions This symptom is observed on a Cisco 7206VXR Provider Edge (PE) router that is running Cisco IOS Release 12.1(5a) in a Multiprotocol Label Switching (MPLS)/Virtual Private Network (VPN) network. The memory leak is caused by the Border Gateway Protocol (BGP) I/O process and occurs at the rate of 100 KB to 130 KB per hour (about 2.5 MB to 3 MB per day) after the show mem sum | incl BGP privileged EXEC command is entered. This situation occurs regardless of whether the BGP neighbor is flapping.
The following is command output from the show proc mem | incl BGP privileged EXEC command:
PID TTY Allocated Freed Holding Getbufs Retbufs Process ... 104 0 3522569548 2139398320 21965976 297916 5184 BGP I/O
...
The show mem sum | incl BGP privileged EXEC command shows that function "BGP (1) update" allocates memory without deallocating it again after the job is completed.
Router# show mem sum | incl BGP
Alloc PC Size Blocks Bytes What ... 0x607C42E0 65496 333 21810168 BGP (1) update ....
Workaround Reload the provider edge (PE) router.
•CSCdv89098
Symptoms A Border Gateway Protocol (BGP) session may time out, and the router may display the following message:
%BGP-3-NOTIFICATION: received from neighbor x.x.x.x x/x (hold time expired) 0 bytes
Conditions This symptom is observed on a Cisco router that is running Multiprotocol Label Switching (MPLS) on an outbound interface that is connected to the MPLS network core and occurs when a Border Gateway Protocol (BGP) session with a maximum segment size (MSS) which is computed from the maximum transmission unit (MTU) of the router's next-hop interface has been established and the IP Transmission Control Protocol (TCP) path-mtu-discovery command has been issued.
Workaround Adjust the IP MTU on one of the BGP routers using the ip mtu value command.
For example, to enforce a BGP session with a TCP MSS of 4426 bytes, issue the following command:
Router(config-if)# ip mtu 4466
The MTU and the shim header add up in the following way: an MSS of 4426 bytes plus a 40-byte TCP/IP header plus a 4-byte shim header equals 4470 (Packet-over-SONET [POS] link).
•CSCdw15323
Symptoms The output of the show ip rsvp reservation EXEC command displays interface names that are truncated to five digits. This behavior may also occur with the following show commands:
show ip rsvp request
show ip rsvp sender
show ip rsvp host receivers
show ip rsvp host senders
show ip rsvp temp-psb
show ip rsvp temp-rsb
Conditions This symptom is observed on a Cisco 7500 series router. This condition prevents port numbers, such as those on Versatile Interface Processor (VIP) cards, from being displayed fully. This condition occurs when the router is configured with the Resource Reservation Protocol (RSVP) using the ip rsvp bandwidth interface configuration command while there is at least one ongoing RSVP session.
Workaround There is no workaround.
•CSCdw35031
Symptoms A buffer leak may occur in the small pool.
Conditions This symptom is observed when the Internet Group Management Protocol (IGMP) is configured on a multilayer switch feature card.
Workaround There is no workaround.
•CSCdw35985
Symptoms The Enhanced Interior Gateway Routing Protocol (EIGRP) may cause an unexpected system reload at the igrp2_bandwidth_changed process.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdw36746
Symptoms A router may reload because of a bus error at an invalid address.
Conditions This symptom is observed on a Cisco 12000 series Internet router when Open Shortest Path First (OSPF) is enabled and if the same interarea prefix is advertised from multiple areas and is more than the path argument of the maximum-path path router configuration command that exists in the interarea prefix.
Workaround There is no workaround.
•CSCdw47116
Symptoms A router may reboot because of a memory allocation (MALLOC) error in the Border Gateway Protocol (BGP) router process.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdw62875
Symptoms Routes may not exist in the tag forwarding table.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.3)ST on routes that exist in the Cisco Express Forwarding (CEF) table and in the route table.
Workaround Reload the router.
•CSCdw64457
Symptoms A router may issue a spurious access in rsvp_update_explicit_route.
Conditions This symptom is observed on a Cisco IOS router that is running Cisco IOS Release 12.0 ST and Release 12.0 S with Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnels and the Resource Reservation Protocol (RSVP) but only when memory allocation failures are occurring on the router.
Workaround There is no workaround.
•CSCdw83512
Symptoms A system may reload.
Conditions This symptom is observed when a write terminal EXEC command is issued.
Workaround There is no workaround.
•CSCdw83531
Symptoms Border Gateway Protocol (BGP) updates may be corrupted. The following message may be displayed when this symptom occurs:
BGP-6-NEXTHOP: Invalid next hop (0.0.0.0) received from x.x.x.x: martian next hop BGP(0): x.x.x.x rcv UPDATE w/ attr: nexthop 0.0.0.0, origin ?, metric 0, originator 0.0.0.0, path YYYY, community, extended community 20.1.1.0/24 -- DENIED due to: martian NEXTHOP;
Conditions This symptom is observed on a customer edge (CE) router when BGP updates are sent from a provider edge (PE) router to the CE router if peer groups are specified using the address-family ipv4 vrf vrf-name router configuration command. BGP routes may be lost on the CE router even though the BGP neighbors remain up.
Workaround Remove the peer group configuration from the address-family ipv4 vrf vrf-name router configuration command.
•CSCdx03185
Symptoms A router may reload when it is searching the Resource Reservation Protocol (RSVP) database.
Conditions This symptom is observed on a Cisco router that is running in the Route Processor Redundancy Plus (RPR+) or the Stateful Switchover (SSO) mode. The router reloads when a tunnel is up and when Multiprotocol Label Switching-traffic engineering (MPLS-TE), Cisco Express Forwarding (CEF), and IP routing are unconfigured using the following sequence of commands:
no tag advertise-tags
no mpls ip
no mpls label protocol ldp
no ip routing
no ip cef
no mpls traffic-eng tunnels
Workaround Issue the no mpls traffic-eng tunnels router configuration command to shut down all tunnels before issuing the no ip routing global configuration command.
•CSCdx06621
Symptoms A router may reload with a bus error while the Shortest Path First (SPF) algorithm is computed.
Conditions This symptom is observed if multiple routers are advertising the same prefix in Type-5 or Type-7 link-state advertisements (LSAs).
Workaround There is no workaround.
•CSCdx07305
Symptoms Enhanced Interior Gateway Routing Protocol (EIGRP) can log a spurious access.
Conditions This symptom is observed under unusual circumstances when removing or changing network statements.
Workaround There is no workaround.
•CSCdx07527
Symptoms Border Gateway Protocol (BGP) peergroup statements are ignored.
Conditions This symptom is observed on BGP peergroup statements with multicast network layer reachability information (NLRI) only after a reload.
Workaround Reconfigure the router while it is running.
•CSCdx17459
Symptoms A software-forced reload may occur on a router.
Conditions This symptom is observed on a Cisco 12008 router that has a Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel that is configured with an absolute metric when the tunnel is used with the Open Shortest Path First (OSPF) protocol. A watchdog timer event may be triggered, and the router may reload after the shutdown interface configuration command followed by the no shutdown interface configuration command is issued on the tunnel interface.
Workaround There is no workaround.
•CSCdx17597
Symptoms A Multilayer Switch Feature Card (MSFC) and Supervisor Engine may reload during an attempt to format a withdrawn routes message ("MP_UNREACH") for that address family.
Conditions These symptoms are observed on an MSFC and Supervisor Engine that function in a multiprotocol Border Gateway Protocol (MP-BGP) environment with an address family other than the IPv4 unicast address family (such as the IPv4 multicast address family) and with a large number of prefixes in the corresponding BGP table.
Workaround Remove the address family other than the IPv4 unicast address family.
•CSCdx19804
Symptoms The neighbor x.x.x.x translate-update router configuration command may break. Also, this command may not appear under the address-family ipv4 multicast family address submode command.
Conditions This symptom is observed after the merge of the Cisco IOS Release 12.0 S and Release 12.0 ST.
Workaround There is no workaround.
•CSCdx25551
Symptoms A software-forced reload may occur on a router.
Conditions This symptom is observed on a Cisco router if an interface is shut down from another terminal while output from the show ip pim neighbor EXEC command is displayed.
Workaround There is no workaround.
•CSCdx25807
Symptoms The redistribute static route-map router configuration command may not work correctly if it is issued under a multicast address family.
Conditions This symptom occurs only if a static route is redistributed into IP version 4 (IPv4) unicast through the network statement and if the static routes are redistributed into multicast using a redistribute statement.
Workaround Issue the redistribute static route-map router configuration command to redistribute the static routes for IPv4 unicast.
•CSCdx32947
Symptoms When the ip pim rp-address ip-address [group-access-list] [override] [bidir] global configuration command is configured, a conflict that is learned from an Auto Rendezvous Point (Auto-RP) announcement is still used even if the override keyword is specified.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.2 S. The router still accepts information from the Auto-RP when this symptom occurs. This symptom does not occur if routers do not have conflicting information.
Workaround There is no workaround.
•CSCdx38760
Symptoms A router may reload at the chunk_lock() point.
Conditions This symptom is observed on a Cisco 7500 router that is running Cisco IOS Release 12.2(10.1)S.
Workaround There is no workaround.
•CSCdx42726
Symptoms A router may reload, and pings may not pass through.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(22)S during Address Resolution Protocol (ARP) processing routines.
Workaround There is no workaround.
•CSCdx46554
Symptoms A route map that has the match nlri unicast multicast command is broken into two route maps, one with the original route-map tag and the other with "_mcast" extended.
Conditions This symptom is observed on a Cisco router when an old route map format is changed to the new route map format and if a named community list or an extended community list is configured.
This translation can be automatically done or user-initiated if the bgp upgrade-cli router configuration command is available.
If a startup configuration has a route map that contains the match community community name route-map configuration command or the match extcommunity extended community-list number route-map configuration command, the router may reload if the write terminal privileged EXEC command, the show running-config privileged EXEC command, or the show route-map privileged EXEC command is issued after the original route map is deleted.
Workaround Delete the match nlri unicast multicast route-map configuration command from the startup-config file or avoid deleting the original route map after the system is loaded.
Alternate Workaround Do not issue the bgp upgrade-cli router configuration command.
•CSCdx49181
Symptoms When an additional new area is added to the provider edge (PE), all the type 3 link-state advertisements (LSAs) learned from other PEs via Border Gateway Protocol (BGP) do not get redistributed into this new area.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround Issue the clear ip ospf redistribution command.
•CSCdx49744
Symptoms A link-state advertisement (LSA) may not get flushed from the database.
Conditions This symptom is observed when an LSA is changed from type 3 to type 5.
Workaround Issue the clear ip ospf x process command.
•CSCdx53795
Symptoms If a peer advertises a replacement path (with the same MED as in the original path), the new path will be inserted in the original path's position. In other words, the replacement path may not be grouped with paths from the same autonomous system number (ASN) (as deterministic-med should). The ordering may result in incorrect routing, including routing loops.
Conditions This symptom is observed on a Border Gateway Protocol (BGP) router using deterministic-med.
Workaround There is no workaround. However, once the router is in the incorrect state, the situation can be corrected by disabling deterministic-med and then reenabling it.
•CSCdx69165
Symptoms When a provider edge (PE) router must advertise a large number of Virtual Private Network version 4 (VPNv4) prefixes to another PE router, the initial convergence time may be very long (more than 20 minutes), or convergence may never occur. One result of this defect is that the number of Border Gateway Protocol (BGP) messages used to propagate the VPNv4 prefixes may be greater than the number of prefixes.
Conditions This symptom is observed on Cisco IOS Release 12.0(21.3)S.
Workaround There is no workaround.
•CSCdx69995
Symptoms If Border Gateway Protocol (BGP) has more than a few hundred Virtual Private Network version 4 (VPNv4) prefixes to advertise, you may see the following message:
%BGP-3-INSUFCHUNKS: Insufficient chunk pools for message, requested size 4204
BGP may not be able to advertise the VPNv4 routes.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdx70216
Symptoms When a link-state advertisement (LSA) with an incontiguous mask is sent to a router, the router may reload. Also, a Multilayer Switch Feature Card 2 (MSFC 2) may reload with a bus error in the not so stubby area (NSSA) part of the Open Shortest Path First (OSPF) code.
Conditions This symptom is observed on any Cisco router that is running a Cisco IOS software release.
Workaround Do not send address LSAs with illegal masks, that is masks that are not contiguous, to a router
•CSCdx73662
Symptoms A router may reload because of a bus error after the show ip sdr EXEC command is entered.
Conditions This symptom is observed on a Cisco 7513 router that is running either Cisco IOS Release 12.0(21.1)S2 or Release 12.0(21.3)S1. This symptom occurs because an invalid Source-Active (SA) message is received without the name.
Workaround There is no workaround.
•CSCdx74764
Symptoms A Performance Route Processor (PRP) can cause exception when trying to reload the router.
Conditions This symptom is observed on a PRP that is running Cisco IOS Release 12.0(21)3S and that has BGP/Interior Gateway Protocol (IGP) with Multiprotocol Label Switching-traffic engineering (MPLS-TE).
Workaround There is no workaround.
•CSCdx75987
Symptoms Tracebacks may be seen.
Conditions This symptom is observed when using the offset list router configuration command in Enhanced Interior Gateway Protocol (EIGRP) and when removing a summary address from an interface with a Virtual Private Network (VPN) routing/forwarding (VRF) defined.
Workaround There is no workaround.
•CSCdx83393
Symptoms A Cisco router may reload.
Conditions This symptom is observed when sham-link is configured.
Workaround There is no workaround.
•CSCdx84465
Symptoms A Fast Reroute (FRR) Merge Point router may reload.
Conditions This symptom is observed if the input I/F for the label switched path (LSP) goes down and there is no chance that the LSP could have been fast- rerouted at the previous hop (PHOP) or at the previous- previous hop (P-PHOP).
Workaround There is no workaround.
•CSCdx87316
Symptoms A downstream multicast router may have a group in the mroute table, yet the upstream multicast router may not show the downstream multicast router in the outgoing interface list.
Conditions This symptom is observed only in rare circumstances.
Workaround Issue the clear ip mroute group EXEC command.
•CSCdx89413
Symptoms Subnets in the /31 range may not be accepted.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround There is no workaround.
ISO CLNS
•CSCdw29177
Symptoms Both the parallel routes may be deleted by Intermediate System-to-Intermediate System (IS-IS) when just one of them is shut down.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(20.3)ST when two routers are connected using ATM (tc-atm) parallel links, for example, a1/0.1 and a1/0.2, and the routing protocol is IS-IS. If you shut down a1/0.2, IS-IS deletes both the routes from the routing table even though a1/0.1 is still active.
Workaround Issue the shutdown interface configuration command followed by the no shutdown interface configuration command on the ATM link (a1/0.1).
•CSCdx02446
Symptoms An incorrect load-balancing algorithm may occur after the bandwidth of one of the tunnels is changed.
Conditions This symptom is observed when multiple Multiprotocol Label Switching (MPLS) traffic engineering tunnels are peered to the same destination.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the tunnel in which the bandwidth change occurred.
Miscellaneous
•CSCdm25278
Symptoms Multichannel T1/E1 port adapters may show the Layer 1 status in the ACTIVE state in the show isdn status [output] EXEC command even after the D channel is shut down.
Conditions This symptom is observed in Cisco IOS Release 12.0 and Release 12.1.
Workaround Shut down the T1 or the E1 controller.
•CSCdr39591
Symptoms Opening the port configuration shows all fields as "N/A" or as having incorrect values. Also, port Monitor Interface charts do not get updated and do show errors in the status bar.
Conditions These symptoms are observed in CiscoView on a MultiChannel DS3 port adapter in the WS-X6182-PA module.
Workaround There is no workaround.
•CSCds49256
Symptoms The Advanced Technology Attachment (ATA)-disk file system may become corrupted.
Conditions This symptom is observed if a write operation is interrupted. There are various reasons for the interruption including loss of power, a software reload, and removal of the ATA-disk card during a write.
Workaround There is no workaround.
•CSCdt41343
Symptoms A Cisco router may reload.
Conditions This symptom is observed when the configuration of the router is directly written from TFTP to NVRAM or from Cisco IOS Release 12.0 and, in both cases, when a syslog server and syslog source interface have been defined before the source interface has been parsed.
Workaround Place the syslog server and syslog source interface configurations after the source interface itself. To do this, you have to edit the configuration offline, copy it to NVRAM, and then reboot.
•CSCdt70041
Symptom 1 A Cisco Ethernet over Multiprotocol Label Switching (EoMPLS) implementation will free and advertise new virtual circuit (VC) labels in response to a Label Distribution Protocol (LDP) label mapping request.
Condition 1 This symptom is observed when the Cisco EoMPLS is implemented. The impact of this symptom has caused undesirable interoperability with other vendors' EoMPLS implementations.
Symptom 2 MPLS label space may become exhausted because of the slow leaking of EoMPLS VC labels.
Condition 2 During a label readvertisement in response to an LDP label mapping request, in some rare instances, a previously allocated label may not be properly freed. This symptom is observed in the Cisco EoMPLS implementation in Cisco IOS Release 12.1E and Release 12.0(22)S.
EoMPLS was modified to readvertise the same label in response to a label mapping request and properly free unused VC labels.
Workaround There is no workaround except to reboot the router.
•CSCdu33067
Symptoms A Gigabit Ethernet interface may reset.
Conditions This symptom is observed on a Cisco 7200 series router when a large number of subinterfaces are added to the Gigabit Ethernet using a vendor-specific Virtual Private Network (VPN) configuration product or a script.
Workaround Add fewer subinterfaces at each attempt.
•CSCdu37284
Symptoms Previous or initial ping requests may disappear from a router.
Conditions This symptom is observed on a Cisco 2600 router when ping requests are sent consecutively; that is, when a second ping request is created immediately after an initial ping (using the same serial number as the initial ping request).
Workaround There is no workaround.
•CSCdv48025
Symptoms A fast cache entry may get built when inbound NetFlow is configured on top of Cisco Express Forwarding (CEF) on an Ethernet interface.
Conditions This symptom is observed on a Cisco Route Switch Processor (RSP) that is running Cisco IOS Release 12.2 or Release 12.2 T with an Ethernet to Fast Ethernet channel combination topology.
Workaround There is no workaround.
•CSCdv49325
Symptoms A Versatile Interface Processor (VIP) may reload with a stack trace to location vip_feature_tagswitch().
Conditions This symptom is observed on a Cisco 7500 router if you toggle Multiprotocol Label Switching (MPLS).
Workaround Do not toggle MPLS.
•CSCdv54509
Symptoms The following message may be displayed:
SYS-3-INVMEMINT: Invalid memory action (malloc) at interrupt level
Conditions This symptom is observed when an X.75 call is made on either an E1 or a PRI interface. This symptom has no user impact.
Workaround There is no workaround.
•CSCdv58146
Symptoms A packet may become corrupted.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19.6)ST6 with a two-tagged packet that has an Explicit Null Tag on top and a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) tag at the bottom.
Workaround There is no workaround.
•CSCdv67822
Symptoms Packets that are traveling through a tunnel that is protected using Fast Reroute (FRR) may be lost while the tunnel recovers from a link failure.
Conditions This symptom is observed in Cisco IOS software that is running Multiprotocol Label Switching (MPLS) Traffic Engineering (TE).
Workaround There is no workaround.
•CSCdv78596
Symptoms Outgoing packets may drop from a cable interface.
Conditions This symptom is observed on a Cisco uBR7200 series router that is running Cisco IOS Release 12.1(9)EC and that has Cisco Express Forwarding (CEF) enabled.
Workaround Disable and then reenable CEF.
•CSCdv80428
Symptoms A Cisco router may pause indefinitely.
Conditions This symptom is observed when a virtual circuit (VC) class is attached to an interface that has a large number of VCs configured. When the router pauses indefinitely and if the adjacent interface and the local interface are shut down, the show interface atm EXEC command will indicate a negative number. After this error occurs, no more VCs can be created. To recover from this error, a user has to reboot the router.
Workaround To prevent this condition from occurring, do not shut down the adjacent interface in the middle of a VC class configuration.
•CSCdv84259
Symptoms A non-Versatile Interface Processor (VIP) card interface may come up with the ip route-cache distributed command enabled by default, causing some features to fail.
Conditions This symptom is observed on a Cisco 7500 series router when the ip cef distributed command is globally enabled.
Workaround Configure the no ip route-cache distributed interface configuration command on non-VIP card interfaces.
•CSCdv85794
Symptoms The SONET framer on the line card may not switch to the "internal" clock, causing the SONET framer to be unable to transmit valid SONET frames.
Conditions This symptom is observed if the clock in the SONET controller on a CHOC-12 line card that is installed in a Cisco 10000 series edge services router is configured as "line" and Loss of Signal (LOS) is detected.
Workaround Enter the clock source internal command manually to configure the clock in the SONET controller as "internal".
•CSCdv86798
Symptoms The state of a secondary controller may not get updated after resetting both the primary and the secondary line cards. The traffic flow is not affected.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is configured with a Performance Routing Engine (PRE)—as opposed to a PRE-1, to which this caveat does not apply—and that has Automatic Protection System (APS) enabled on 4-port STM-1 line cards.
Workaround On each port of each STM-1 line card, enter the aps force SONET slot#/subslot#/port# from working interface configuration command, which will force the APS signal state of the controller to be updated.
•CSCdv86945
Symptoms An E1 controller may display inaccurate statistics after the show controllers [e1 | t1] EXEC command is issued. The following command output shows that the elapsed seconds and the unavailable counters do not advance:
Timestamp - 00:00 E1 3/4 is up. Applique type is Channelized E1 - balanced Framing is UNFRAMED, Line Code is HDB3, Clock Source is Line. 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 270 Unavail Secs 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 86400 Unavail Secs
Timestamp - 01:50 E1 3/4 is up. Applique type is Channelized E1 - balanced Framing is UNFRAMED, Line Code is HDB3, Clock Source is Line. 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 270 Unavail Secs 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 86400 Unavail Secs
Conditions This symptom is observed when an E1 controller is configured for unframed operations using the controller {t1 | e1} slot/port channel-group 0 unframed global configuration command. The counters are correct when the controller is configured for a Frame Relay operation (CRC-4 or No-CRC4).
Workaround There is no workaround.
•CSCdw00005
Symptoms Certain interfaces that are configured on a T1 line may stop passing traffic.
Conditions This symptom is observed when a channelized port adapter (CT3) is used and if framing is reconfigured with the t1 1 framing esf privileged EXEC command. This condition occurs only if the t1 1 framing esf privileged EXEC command is issued after channel groups are already configured on the T1 line and while the channel groups are passing traffic. The framing needs to be set only for the T1 line when the first channel group is configured and does not need to be reentered when a new channel group is added.
Workaround Issue the t1 1 framing esf privileged EXEC command only when the first interface on a T1 line is configured.
•CSCdw00011
Symptoms All interfaces may stop passing traffic if T1 frames are received on one of the groups that has voice signaling enabled.
Conditions This symptom is observed when a channelized T3 port adapter (CT3) that is configured with multiple channel groups is used.
Workaround Shut down the interface that corresponds to the channel group that is receiving the invalid frame. If any of the other interfaces continues to flap after the interface that is receiving the invalid frame is shut down, the interface has to be reconfigured.
•CSCdw09409
Symptoms A router may become totally inoperable and no longer forward traffic or respond to console commands. Restoring the affected router to normal operation requires either a manual power cycling or a break-in and soft reset using the console break sequence.
Also, the router may reload because of a software-forced reload. This occurs because the router goes into an infinite look, and the watchdog timer starts and reloads the router.
Conditions These symptoms are observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S, Release 12.0(18)S, Release 12.0(19)S, or a rebuilt release that is based on one of these three releases and that is configured with one or more 3-port Gigabit Ethernet line cards.
This situation is caused by a very rare event in the Address Resolution Protocol (ARP) code that may cause data structure corruption, which results in system instability. Because of the rare nature of this event, the affected router may experience intermittent indefinite pauses at intervals of hours up to several months.
Workaround There is no workaround.
Note This caveat does not apply to a router that is configured with one or more single-port Gigabit Ethernet line cards.
•CSCdw09633
Symptoms A disposition line card (POS-OC-48) may generate ToFab Buffer Management application-specific integrated circuit (ASIC) (BMA) errors and physical layer interface module (PLIM) errors, and eventually reload.
Conditions This symptom is observed when an output access control list (OACL) on an imposition line card (3x Gigabit Ethernet) that is running the Ethernet over Multiprotocol Label Switching (EoMPLS) bundle is configured.
Workaround Do not configure an OACL while the EoMPLS bundle is running on the imposition line card. Note that OACL is not supported with the EoMPLS bundle and that the OACL bundle has a lower priority than the EoMPLS bundle. Unload the EoMPLS bundle before configuring OACLs for the OACL bundle.
•CSCdw10010
Symptoms A router may not forward multicast traffic over a PA-2FE port channel in a distributed path.
Conditions This symptom is observed on a Cisco 7504 router that is running Cisco IOS Release 12.2(6.3)T. The multicast traffic is switched in the fast-switching path only. DDTS CSCds38187 has fixed the problem for 1-port FE-PA.
Workaround There is no workaround.
•CSCdw11263
Symptoms When reloaded with bidirectional traffic ON, a router configured as Layer 2 Tunneling Protocol (L2TP) Network Server (LNS) may reload at dec21140_rx_interrupt. The symptom does not surface after a successful bootup of the router or during normal operation of the router.
Conditions This symptom is observed on a Cisco 7200 router.
Workaround Reload the router with LOW/NO traffic.
•CSCdw18116
Symptoms An output stuck condition may occur on a multichannel port adapter such as a PA-MC-T1 or a PA-MC-E1.
Conditions This symptom is observed under stress conditions when the port adapter is configured to operate in the PRI mode.
Workaround There is no workaround.
•CSCdw22985
Symptoms Forwarding performance (in packets per second) of Engine 0 and Engine 1 Cisco 12000 series Internet router line cards is lower in Cisco IOS Release 12.0(20.3)ST and in Release 12.0(20.3)S than in Release 12.0(18)ST or in Release 12.0(18)S.
Conditions This symptom is observed when any input feature is enabled on these line cards or any output feature is enabled on any line card in the router. One can also observe that the sampled NetFlow performance of the Engine 2 Cisco 12000 series Internet router line cards becomes degraded in terms of 1:N.
Workaround There is no work around.
•CSCdw24515
Symptoms A line card may reload.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.3)ST when the same access control list (ACL) is applied to two or more main interfaces followed by any ACL being applied to a sub-interface on one or more of the same main interfaces.
Workaround There is no workaround.
•CSCdw24762
Symptoms An Engine 4 Plus 4-port OC-48 line card may reload.
Conditions This symptom is observed if the hw-module slot slot-number shutdown privileged EXEC command is used to perform an online insertion and removal (OIR) of the primary Clock and Scheduler Card (CSC) of a Cisco 12000 series Internet router during active traffic.
Workaround There is no workaround.
•CSCdw24905
Symptoms The following error message and traceback may occur:
%DMLPGRP-4-NOTCX3LINK: cannot remove the link because it is not CX3 -Traceback= 50312618 505E4400 505E7258 501BB5CC 501BB5B
Conditions This symptom is observed on a Cisco 12000 series Internet router if Multilink PPP (MLPPP) is configured on a 6-port channelized T3 line card and an online insertion and removal (OIR) of the line card is performed.
Workaround There is no workaround.
•CSCdw25047
Symptoms A memory leak may occur on a router.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.1(8). The symptom occurs at the "logger" process. Also, when the show process cpu EXEC command is issued, there is increased utilization in the "tty background" process.
Workaround Disable "logging synchronous" under the vty, aux, and console ports as in the following example:
line con 0 no logging synchronous
•CSCdw26306
Symptoms If the write memory EXEC command is issued simultaneously with the show config privileged EXEC command or the show running-config EXEC command via two individual Telnet sessions by two different users, output similar to the following may be displayed:
bGc nx ^@^@^@^A^A^A^@^@^A^@^@^E^@^@^@^@^@^@^@^@^@^@^^@^@^@^@^@^@^@^A^@^@^@^@^@^@^@^@^ @^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^
Conditions This symptom is observed on a Cisco 7500 router that is running Cisco IOS Release 12.1(10)E.
Workaround There is no workaround.
•CSCdw27936
Symptoms A ping may not go through across ATM adaptation layer 5 (AAL5) Subnetwork Access Protocol (SNAP) encapsulated interfaces.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.2(6.8)T.
Workaround There is no workaround
•CSCdw29751
Symptoms The Format slot0 EXEC command gives an error message while formatting 32 MB/48 MB/64 MB Personal Computer Memory Card International Association (PCMCIA) Linear flash cards.
Conditions This symptom is observed on a all platforms.
Workaround Use a PCMCIA flash card that has a capacity of less than 32 MB.
•CSCdw29949
Symptoms A router may stop forwarding traffic.
Conditions This symptom is observed when tag-to-tag load balancing is enabled on a Cisco 12000 series Internet router with an Engine 4 line card that is serving as an ingress line card.
Workaround Enter the clear ip route * EXEC command.
•CSCdw30320
Symptoms A forwarding table may not be populated with the complete Layer 2 outgoing information, and packet loss may occur.
Conditions This symptom is observed on a Cisco 12000 series Internet router or a Cisco 10000 series edge services router in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) and Gigabit Ethernet environment.
Workaround Enter the clear ip route EXEC command for the affected prefix.
•CSCdw30397
Symptoms An OC48/SRP line card may fail because of an egress access control list (ACL) on an Engine 2 line card that is installed in a router.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 (21)S.
Workaround There is no workaround.
•CSCdw31238
Symptoms A Secure Shell (SSH) client may fail to connect to a router if the router is reloaded with hardware encryption disabled.
Conditions This symptom is observed on a Cisco 1710 router that has a Virtual Private Network (VPN) hardware encryption module and that has hardware encryption enabled. The SSH client cannot connect to the router after hardware encryption is disabled by issuing the no crypto engine accelerator global configuration command after the changes are saved into NVRAM and the Cisco 1710 router is reloaded. This symptom occurs only if the no crypto engine accelerator global configuration command is issued on the router while a hardware encryption module is enabled.
Workaround To prevent this symptom from occurring, do not disable hardware encryption on the router using the no crypto engine accelerator global configuration command while the hardware encryption module is installed on the router.
•CSCdw32302
Symptoms A router bitswaps the source MAC address from the client before putting the source MAC address into ring number, and the connection may fail.
Conditions This symptom is observed in a setup in which Internetwork Packet Exchange (IPX) traffic is passed between a client and a server on different token rings and if the token rings are put in a bridge group on a Cisco router that is performing integrated routing and bridging (IRB). The connection comes up normally if both the client and the server are on the same ring and when none of the configurations on the devices is changed. This situation occurs only with MAC-level multicast or broadcast traffic (such as Routing Information Protocol [RIP] traffic).
Workaround There is no workaround.
•CSCdw36599
Symptoms Packet switch ASIC (PSA) tracebacks may get stuck in the pipeline on a provider edge (PE) router, and traffic may be interrupted.
Conditions This symptom is observed a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.3)ST1 and that is configured with an Engine 2 Packet-over-SONET line card in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) routing/forwarding (VRF) environment. The symptom occurs if you change the configuration from a Frame Relay subinterface-based VRF to a High-Level Data Link Control (HDLC)-based VRF.
Workaround Enter the hw-module slot shelf-id/slot-number privileged EXEC command on the Engine 2 line card. Traffic will resume after the line card has reloaded.
•CSCdw37661
Symptoms The following error message may be displayed:
SLOT 6:00:01:52: %EE48-5-TM_PROC: TCAM Mgr Add Table not free(40), Alpha:RX Lbl:6148 Appl:3 fail: 40
Conditions This symptom is observed when the Modular quality of service (QoS) Command Line Interface ([CLI] MQC) is used to apply the same committed access rate (CAR) rule to two different interfaces, and then the CAR rule is unconfigured and reconfigured on both interfaces.
Workaround Copy the new configuration from the TFTP server instead of entering the configuration manually.
•CSCdw37768
Symptoms A router may still display messages that are associated with a removed line card even after the line card has been removed from the slot.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(18)S.
Workaround There is no workaround.
•CSCdw39055
Symptoms During development testing it was found that the virtual circuit (VC) was brought up even though the Ethernet line protocol was down.
Conditions This symptom was observed on a Cisco 10700 series edge services router that was running Cisco IOS Release 12.0(21.2)S. It may also occur on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdw39391
Symptoms A router may drop all data packets that are exported through the interface Ethernet 0.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S.
Workaround Configure the route-cache cef interface configuration command on the interface Ethernet 0.
•CSCdw42422
Symptoms All of the incoming packets may be punted to the line card CPU. This situation may cause most of the traffic to be dropped because of the limited processing capability of the line card CPU.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.3)ST2. The symptom occurs in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment, if the ingress line card of a provider router is an Engine 4 Plus (E4+) line card.
Workaround There is no workaround.
•CSCdw42569
Symptoms A Cisco 12000 series Internet router reloads with the following message in its boot Flash memory:
UTC: %SYS-3-BADBLOCK: Bad block pointer 63E980C0
UTC: %SYS-6-MTRACE: mallocfree: addr, pc
UTC: %SYS-6-MTRACE: mallocfree: addr, pc
UTC: %SYS-6-BLKINFO: Corrupted next pointer blk 63E980C0, words 18, alloc 60403DF4, Free, deal loc D0D0D0D, rfcnt 0Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdw43099
Symptoms Sample NetFlow does not function.
Conditions This symptom is observed when Frame Relay policing and Sample NetFlow are configured together on a router.
Workaround There is no workaround.
•CSCdw44770
Symptoms A router reloads when you disable the ip mobile arp command.
Conditions This symptom is observed on a router that has the ip mobile arp command enabled and that has Open Shortest Path First (OSPF) and various static routes configured.
Workaround There is no workaround.
•CSCdw46156
Symptoms An interface of an Engine 4 Plus (E4+) line card stops receiving Intermediate System-to-Intermediate System (IS-IS) updates.
Conditions This symptom is observed in Cisco IOS Release 12.0(20.3)ST when you configure a maximum transmission unit (MTU) size that is smaller than 4558 on both sides of the link and after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface of the E4+ line card.
Workaround Reload microcode onto the line card.
Alternate Workaround Change the size of the MTU in the interface to any other value than 4558.
•CSCdw46736
Symptoms Multiprotocol Label Switching (MPLS) imposes incorrect tags and therefore routes traffic incorrectly or other problems may occur.
Conditions This symptom is observed on a Cisco 10000 series edge services router if you attempt to enable the ip cef accounting per-prefix non-recursive global configuration command. Note that the ip cef accounting global configuration command is not supported on a Cisco 10000 series edge services router and should therefore not be configured on that router.
Workaround Do not configure Cisco Express Forwarding (CEF) commands.
•CSCdw47291
Symptoms All traffic, including Open Shortest Path First (OSPF) adjacencies, is dropped from an egress interface of an Engine 3 Packet-over-SONET (POS) line card.
Conditions This symptom is observed when you change the maximum transmission unit (MTU) size on the ingress interface and a buffer carving error occurs on the egress interface of the same Engine 3 POS line card. Changing the MTU size to the default value does not resolve the situation.
Workaround On each egress interface of the Engine 3 POS line card, enter the shutdown interface configuration command followed by the no shutdown interface configuration command.
•CSCdw47388
Symptoms An output access control list (ACL) does not filter traffic.
Conditions This symptom is observed when you configure an output ACL with 448 lines on a Cisco 12000 series Internet router and the ingress line card for the traffic that needs to be filtered is an 8-port or 16-port OC-3 Packet-over-SONET (POS) line card.
Workaround Do not configure an ACL with more than 128 lines on any interface of a Cisco 12000 series Internet router that is configured with an 8-port or 16-port OC-3 POS line card.
•CSCdw47411
Symptoms A Stateful Switchover (SSO) is prevented.
Conditions This symptom is observed when you enable a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN).
Workaround There is no workaround.
•CSCdw48035
Symptoms The line protocol of an interface that is receiving traffic may flap and any Border Gateway Protocol (BGP) sessions on this interface will be lost.
Conditions This symptom is observed when you configure access control lists (ACLs) on a Cisco 12000 series Engine 2 line card and many packets are denied (for example, in a denial of service attack).
Workaround There is no workaround.
•CSCdw48038
Symptoms Inbound packets that enter through an Engine 2 line card are not switched correctly and may be dropped.
Conditions This symptom is observed when you configure an access control list (ACL) on a Cisco 12000 series Engine 2 line card that has Sampled NetFlow enabled and the packets are switched out of the Engine 2 line card with the output ACL applied.
Workaround Do not configure output ACLs on a Cisco 12000 series Internet router that is configured with an Engine 2 line card that has Sampled NetFlow enabled.
•CSCdw50348
Symptoms Traffic between two customer edge (CE) routers drops from Frame Relay subinterfaces.
Conditions This symptom is observed in a Virtual Private Network (VPN) environment that has one customer edge (CE) router connected to a provider edge (PE) router. This PE router is connected to another PE router that is, in turn, connected to another CE router. For this caveat to occur, the following configuration conditions need to be present:
•Both PE routers are connected through a one-hop traffic engineering (TE) tunnel.
•Basic Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) explicit null is turned on in one PE router.
•Both PE routers are load balanced.
•One PE router and one CE router have external Border Gateway Protocol (eBGP) running between them.
In the above-mentioned configuration, if you enter the no tag ip command followed by the tag ip command on one of the PE routers and you repeat this sequence of commands a few times, traffic between the two CE routers will drop from Frame Relay subinterfaces that are configured on Engine 3 links between the PE router and the CE router that have eBGP running between them. This condition occurs because of an incorrect entry in the Engine 3 ingress line card.
Workaround Reload the PE router with the incorrect entry in the Engine 3 ingress line card.
•CSCdw50615
Symptoms A slow memory leak is generated in both the memory of a Cisco 12000 series Engine 2 line card and the Packet Switching ASIC (PSA) SRAM or SDRAM memory.
Conditions This symptom is observed when you use the ip multicast hw-accelerate command to configure fast switching with multicast hardware switching on a Cisco 12000 series Engine 2 line card.
Workaround There is no workaround.
•CSCdw50839
Symptoms Packets on a Versatile Interface Processor (VIP) are dropped.
Conditions This symptom is observed on a Cisco 7500 series router that is configured as a provider edge router in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) switching environment when there are no distributed Cisco Express Forwarding (dCEF) entries for the remote VPN routing/forwarding (VRF) route.
This symptom occurs if a VRF is deleted after dCEF and the Border Gateway Protocol (BGP) are disabled from any previous MPLS VPN configuration.
Workaround Disable and reenable distributed dCEF by issuing the no ip cef distributed global configuration command followed by the ip cef distributed global configuration command on the Cisco 7500 series router. End-to-end connectivity is restored after this workaround is performed.
•CSCdw52267
Symptoms Packets that are supposed to be routed to another router are dropped from an interface on a Cisco 12000 series Engine 1 line card.
Conditions This symptom is observed when you configure explicit null labels on an interface.
Workaround There is no workaround.
•CSCdw53200
Symptoms Incoming tag packets that pass through a Packet-over-SONET (POS) or Gigabit Ethernet interface are counted double after fragmentation.
Conditions This symptom is observed when packet sizes of incoming packets are larger than the maximum transmission unit (MTU) size. There is no impact on packet forwarding.
Workaround There is no workaround.
•CSCdw54940
Symptoms Outgoing labels become untagged in the Tag Forwarding Information Base (TFIB) when a traffic engineering (TE) tunnel goes down.
Conditions This symptom is observed on router that is running Cisco IOS Release 12.0(20.3)ST3, Release 12.0(20.4)ST, Release 12.2(7.6), or Release 12.2(7.4)T.
This situation may occur between two label switching routers that have the Label Distribution Protocol (LDP)/Tag Distribution Protocol (TDP) configured on a one-hop tunnel and also on a physical link. When the tunnel goes down, the outgoing label for a prefix that is reachable via a physical link may become untagged.
Workaround Enter the clear ip route network command, where the network argument is the IP address of the TFIB entry that became untagged.
•CSCdw55605
Symptoms A Cisco 10000 series edge services router misses an entry in its label forwarding table for a prefix that belongs to a Virtual Private Network (VPN) routing/forwarding (VRF) instance.
Conditions This symptom is observed on a a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(20.3)ST2 or a later release and that is configured as a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE).
If you enter the show tag-switching forwarding-table command for the missing entry, no label is shown. However, if you enter the show ip cef detail command for the prefix, the correct label is shown.
Workaround There is no workaround. However, if you enter the clear ip route command for the affected prefix, the prefix is reinstalled in the label forwarding table.
•CSCdw55955
This caveats consists of two issues:
Symptoms Issue 1 A packet that is traveling through a PA-MC-STM1 interface is counted twice in the NetFlow statistics.
Conditions Issue 1 This symptom is observed when you enable the Egress NetFlow feature on a core PA-MC-STM1 interface of an Multiprotocol Label Switching (MPLS) network using the mpls netflow egress command-line interface (CLI) command.
Workaround Issue 1 The Egress NetFlow feature is not a feature that should be used on core MPLS interfaces. This feature should be enabled only on interfaces that support MPLS Virtual Private Network routing/forwarding (VRF) instances. Enabling it on any other interface should be considered a misconfiguration. Remove the CLI configuration by entering the no mpls netflow egress command on the offending core MPLS interface.
Symptoms Issue 2 The Egress NetFlow feature does not run properly if you use it on Cisco Express Forwarding (CEF) (that is, if you have CEF enabled by entering the ip cef CLI command).
Conditions Issue 2 This symptom is observed when the Egress NetFlow feature is enabled on an interface that supports an MPLS VRF instance and that is connected to an MPLS core via a PA-MC-STM1 interface on a Cisco 7500 router that is running Cisco IOS Release 12.0(20.3)ST2.
Workaround Issue 2 Enable distributed CEF (dCEF) using the ip cef distributed CLI command.
•CSCdw58450
Symptoms A Border Gateway Protocol (BGP) session gets dropped from an IP Services Engine (ISE) interface because of a TCP sequence error.
Conditions This symptom is observed when you use the bgp-policy destination ip-prec-map command and the bgp-policy destination ip-qos-map command to enable Quality of Service (QoS) Policy Propagation via Border Gateway Protocol (QPPB) on an ISE interface.
Workaround There is no workaround.
•CSCdw59802
Symptoms 100 Kpps IPv6 traffic with packet sizes larger than 500 bytes cannot pass through a 4-port OC-48 Packet-over-SONET (POS) or enhanced 4-port OC-48 POS line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdw59938
Symptoms A label switch controller (LSC) reloads if an interface on a downstream router is shut down.
Conditions This symptom is observed when LSCs are configured to use the Tag Distribution Protocol (TDP). The output label switched controlled virtual circuit (LVC) is torn down after the downstream interface is shut down. If the routing protocol has not converged, a new output LVC request is sent to the downstream router using the same interface. When the routing update occurs, the requested output LVC is deleted and the input LVC is released. After the input LVC is released, the LSC will reload if it attempts to delete the output LVC.
Workaround There is no workaround.
•CSCdw60124
Symptoms If an ATM tag switching subinterface is created and the multi-virtual circuit (Multi-VC) mode is enabled on the subinterface, the local prefixes of a Label Distribution Protocol (LDP) neighbor do not appear in the label forwarding table if the subinterface is deleted and subsequently recreated.
Conditions This symptom is observed on a Cisco router that is configured with a Route Switch Processor 4 (RSP4).
Workaround Reload the router.
•CSCdw60620
Symptoms If you enter the no ip vrf vrf-name command on a provider edge (PE) router, the deleted Virtual Private Network (VPN) routing/forwarding (VRF) table is not removed from the router. If you enter the show ip vrf command, the VRF table shows up as "being deleted." This situation prevents you from configuring a VRF table with same route distinguisher.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdw61086
Symptoms The following Simple Network Management Protocol (SNMP) MIB components do not accurately reflect the interface state on an Engine 3 1-port channelized OC-48 Packet-over-SONET line card:
–sonetSectionCurrentStatus
–sonetLineCurrentStatus
–sonetPathCurrentStatus
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdw63013
Symptoms If the ipv6 router rip global configuration command is issued after the ip access-list global configuration command has been issued, the entry of subsequent IPv6 redistribute router configuration commands fails.
Conditions This symptom is observed after the router reloads. The redistribute router configuration command is present in the startup configuration but not the running configuration.
Workaround Reissue the missing redistribute router configuration command.
•CSCdw64288
Symptoms A router gets into a perpetual loop while autobooting is attempted.
Conditions This symptom is observed when the first file on the bootflash is not a working bootloader, the config-register command is set to 1 (that is, autoboot), and you reload the router.
Workaround Replace the NVRAM.
Alternate Workaround Replace the boot ROM with version 182 or a higher version.
•CSCdw64740
Symptoms Tag switching advertise tags do not work when Tag Distribution Protocol (TDP) is toggled between the tag-switching advertise-tags global configuration command and the no tag-switching advertise-tags global configuration command.
Conditions This symptom is observed when Cisco IOS Release 12.2(7.6)T or Release 12.0(20.3)ST3 is used and does not occur when the Label Distribution Protocol (LDP) is used.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface that has the TDP session configured.
•CSCdw66742
Symptoms After a card is removed and a router is reloaded, the ifindex values are changed.
Conditions This symptom is observed on a Cisco 12000 series Internet router after you have configured the snmp ifindex persist command for each interface and you have also configured the snmp-server ifindex persist command, and then you use the copy EXEC command to paste the ifindex values in NVRAM.
Workaround There is no workaround.
•CSCdw67208
Symptoms Label Distribution Protocol (LDP) that is configured on a provider edge (PE) router does not advertise a changed label to customer edge (CE) routers. The CE routers continue to work an old label for the prefix. If you enter the show mpls forwarding-table command on the CE and PE routers, the old label will be returned:
–Use the show mpls forwarding-table ldp binding command on the CE routers.
–Use the show mpls forwarding-table ldp binding vrf vrf-name command on the PE router.
Conditions This symptom is observed when the LDP-based Carrier Supporting Carrier feature is configured on a Virtual Private Network (VPN) routing/forwarding (VRF) interface of a provider edge (PE) router and the Border Gateway Protocol (BGP) reallocates a new label for a VPN prefix.
Workaround Clear the LDP session between the PE router and the CE routers by entering the shutdown command followed by no shutdown command on the VRF interface of the PE router.
•CSCdw67480
Symptoms NetFlow stops functioning on a line card.
Conditions This symptom is observed when you first configure sampled NetFlow and multicast hardware switching on the same line card and then disable multicast hardware switching.
Workaround Reload microcode onto the line card.
•CSCdw67561
Symptoms Border Gateway Patrol (BGP) silently ignores a password that has fewer than four characters but does not authenticate the BGP session. If you enter the show configuration command, the ignored password is displayed.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround Use a password that has more than four characters.
•CSCdw67882
Symptoms The explicit-null label is not advertised by Tag Distribution Protocol (TDP).
Conditions This symptom is observed when TDP is configured between a router that is running Cisco IOS Release 12.2(7.6)T, Release 12.0(20.3)ST3, or Release 12.0(20.4)ST and another router and the mpls ldp explicit-null command is also configured.
Workaround Use Label Distribution Protocol (LDP) instead of TDP.
Alternate Workaround Reset the TDP session after you have configured the mpls ldp explicit-null command. Whenever you change the explicit-null label configuration, you will need to reset the TDP session. To reset the TDP session, enter the shutdown command followed by no shutdown command on the link that is running TDP.
•CSCdw67901
Symptoms The framing and clock source default parameters of a Cisco 10000 series 24-port channelized E1/T1 line card do not match the framing and clock source settings that are displayed by the Cisco IOS software. This situation may cause the controller state of the line card to remain down.
Conditions This symptom is observed when Cisco IOS software expects the default configuration of the 24-port channelized E1/T1 line card to be set to cyclic redundancy check 4 (CRC4) framing and the clock source to be set to line, but the chips of the line card are actually set to different values.
Workaround First use the clock source command to set the clock source to line and the framing command to select the desired framing, and then enter the shutdown command followed by no shutdown command on the controller of the line card.
Alternate Workaround Use the no framing command to turn off framing and the channel-group command to define the time slot.
•CSCdw67925
Symptoms When you remove an interface on a 2-port STM-1/OC-3 channelized DS1/E1 line card from a multilink group, the following error message is displayed:
%GRP-3-ENCAP: Failure to Update (mac length non-0), slot 4294967295 (info 0x4)
-Traceback= 5029E8DC 5029F1DC 50101C7C 501022D4 500F8E24 500F9B80 500F9C04 501A6F9C 5019C6D0 5019C780 5019D400 501BE90C 501BE8F8Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz.image of Cisco IOS Release 12.0(20.4)ST.
Workaround There is no workaround.
•CSCdw67963
Symptoms A Multiprotocol Label Switching (MPLS) committed access rate (CAR) rule limits the rate of multicast packets.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdw67991
Symptoms A Cisco 12000 series line card reloads when traffic comes through and you have both the police bps command and the priority command configured in the same class.
Conditions This symptom is observed on Cisco 12000 series IP Services Engine (ISE) OC-48 line cards and ISE Channelized OC-48 line cards that are running the gsr-p-mz image of Cisco IOS Release 12.0(20.4)ST.
Workaround There is no workaround.
•CSCdw68089
Symptoms Incoming and outgoing Committed Access Rate (CAR) does not function for Differentiated Services Code Point (DSCP)-based rules.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdw68437
Symptoms A Virtual Private Network (VPN) routing/forwarding (VRF) ping does not work with an Engine 0 line card.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdw69768
Symptoms A headend edge label switch router (ELSR) may generate unsynchronized tag bindings and display the following error message:
%SCHED-3-THRASHING: Process thrashing on watched managed timer (0x414A4920). -Process= "TC-ATM Proc", ipl= 4, pid= 88 -Traceback= 40398AC0 40398EC0 4099DF14
Conditions These symptoms are observed in a cell-based Multiprotocol Label Switching (MPLS) setup. These symptoms are observed on the headend ELSR after the tailend of an ELSR Tag Distribution Protocol (TDP) or Label Distribution Protocol (LDP) session is toggled. These symptoms occur because the headend ELSR does not clean up all tag bindings completely after the TDP or LDP session goes down. The headend ELSR keeps the state of some of the stale tag bindings as active.
Workaround When this symptom occurs, the user can toggle the headend TDP or LDP session by issuing the shutdown interface configuration command followed by the no shutdown interface configuration command either on the extended tag ATM (XTagATM) interface either on the label switch controller (LSC) or on the MPLS subinterface on the headend ELSR.
•CSCdw70206
Symptoms If you use a 3-port Gigabit Ethernet line card as the Universal Transport Interface (UTI) customer facing interface configured for UTI-raw, the length of the packet that is received at the remote end is always 4 bytes longer than the length of the packet that is sent.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.4)ST.
Workaround There is no workaround.
•CSCdw70627
Symptoms After a Cisco 12000 series Internet router has booted up, a line card reloads, many messages that are related to the reloaded line card are displayed, and the router pauses twice.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdw70886
Symptoms A Line Remote Defect Indicator (LRDI) condition may not manifest itself as an alarm.
Conditions This symptom is observed on an OC-3 or OC-12 Packet-over-SONET (POS) line card.
Workaround There is no workaround.
•CSCdw71419
Symptoms The ciscoFlashFileTable loops during a Simple Network Management Protocol (SNMP) walk.
Conditions This symptom is observed on a Cisco 6400 Node Switch Processor (NSP) when you create a file in a Personal Computer Memory Card International Association (PCMCIA) device without rebooting the NSP.
Workaround There is no workaround.
•CSCdw71679
Symptoms Running IPv6 Border Gateway Protocol (BGP) across an automatic tunnel that uses an IPv4-compatible IPv6 address does not work correctly.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdw74098
Symptoms The performance of Sampled NetFlow is negatively affected.
Conditions This symptom is observed on Cisco 12000 series Engine 2 and Engine 3 line cards that use suboptimal software vectors to forward or process packets that are punted from the hardware switching path to the software.
Workaround There is no workaround.
•CSCdw74143
Symptoms A Cisco 7500 series Route Switch Processor (RSP) reloads when a policy map is associated to a Frame Relay map class.
Conditions This symptom is observed on a router that has 380 interfaces configured and each interface has distributed Frame Relay fragmentation (dFRF.12) configured.
Workaround There is no workaround.
•CSCdw74632
Symptoms An alarm indication signal (AIS) count is detected on the far end of a PPP encapsulated link if you remove the Rx fiber on the near end.
Conditions This symptom is observed on an OC-12 Packet-over-SONET (POS) or OC-3 POS line card that has PPP encapsulation enabled.
Workaround There is no workaround.
•CSCdw76355
Symptoms Using the clear isis * EXEC command prevents some tunnels that have autoroute enabled to be used by the Intermediate System-to-Intermediate System (IS-IS) in its Shortest Path First (SPF) or next hop calculations.
Conditions This symptom is observed when Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) is configured along with IS-IS and occurs only for tunnels for which Fast-Reroute has been enabled using the tunnel mpls traffic-eng fast-reroute command.
Workaround Administratively disable and then reenable the tunnel by entering the shutdown command followed by the no shutdown command on the tunnel interface.
•CSCdw76822
Symptoms IP connectivity may be disrupted after distributed Cisco Express Forwarding (dCEF) is configured on a router.
Conditions This symptom is observed on a Cisco 7500 series router that is functioning as a provider edge (PE) router and that is running tag switching or Multiprotocol Label Switching (MPLS). This symptom occurs if the router is running both cell-based and frame-based tag switching simultaneously.
Workaround There is no workaround.
•CSCdw77323
Symptoms Cisco 10000 series Performance Routing Engine (PRE) software reloads when you apply a service policy command to a multilink interface.
Conditions This symptom is observed when the multilink interface has no active links (which is the case when the system restarts) and the policy map contains a bandwidth, priority, or shape command.
Workaround Apply the service policy command after you have ensured that the multilink interface has at least one active link.
•CSCdw79275
Symptoms Multicast hardware switching does not function on Frame Relay subinterfaces.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdw80326
Symptoms Entering the no access-list 101 command in configuration mode causes a router to reload because of a bus error.
Conditions This symptom is observed when comments along with dynamic access control entries (ACEs) are used in the access control list (ACL) that is being removed.
Workaround Do not use comments for dynamic ACEs in an ACL. Comments for nondynamic ACEs do not cause the symptoms to occur.
•CSCdw80397
Symptoms When you configure cyclic redundancy check 4 (CRC4) framing on a Cisco 10000 series 24-port channelized E1 line card after the line card had been configured for non-CRC4 framing, the E1 controller state of the line card goes down and the E1 controller reports a Loss of Frame failure. This situation causes the interface and the line protocol to go down.
Conditions This symptom is observed when you connect the controllers of two 24-port channelized E11 line cards back-to-back and in a configuration in which the controller of a 24-port channelized E1 line card is connected to a test device.
Workaround Enter the loopback local controller configuration command followed by the no loopback controller configuration command on the E1 controller to recover from the situation.
•CSCdw80564
Symptoms The Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) feature does not function.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(20.4)ST.
Workaround There is no workaround.
•CSCdw80828
Symptoms Tag Distribution Protocol (TDP) does not advertise a tag.
Conditions This symptom is observed in Cisco IOS Release 12.2(7.6)T, Release 12.0(20.3)ST3, or Release 12.0(20.4) ST when TDP is running between two routers and the state of a Tag Information Base (TIB) entry changes quickly from "withdrawn" to "assigned." This situation may occur under stress when a large routing change takes place.
Workaround Reset the TDP session by entering the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface on which the TDP session is configured.
Alternate Workaround Use Label Distribution Protocol (LDP) instead of TDP.
•CSCdw81063
Symptoms A Cisco 10000 series edge services router cannot act as the head or tail of a generic routing encapsulation (GRE) tunnel that carries Multiprotocol Label Switching (MPLS) encapsulated traffic.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdw81118
Symptoms Subinterfaces on a serial interface have incorrect subinterface names.
Conditions This symptom is observed when a Packet-over-SONET (POS) interface that has subinterfaces configured is rechannelized to a serial interface; the subinterfaces on the new serial interface will have incorrect subinterface names. The same situation occurs when a serial interface that has subinterfaces configured is rechannelized to a POS interface.
Workaround There is no workaround.
•CSCdw81227
Symptoms A router reloads when you set ifAdminStatus using Simple Network Management Protocol (SNMP).
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround Use the shutdown command-line interface (CLI) command followed by the no shutdown CLI command to control the administrative status.
•CSCdw82106
Symptoms An implicit-null label over a Border Gateway Protocol (BGP) RFC 3107 session is distributed as a "1" rather than as a "0."
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdw82241
Symptoms After a multiprotocol external Border Gateway Protocol (MP-eBGP) update, if you enter the show mpls forwarding-table command, the VPN labels that are shown do not match the VPN labels that are shown if you enter the show ip bgp vpnv4 all command.
Conditions This symptom is observed in a network configuration with the following characteristics:
–Several Cisco 12000 series Internet routers function as provider (P) and provider edge (PE) routers.
–At least one Cisco 12000 series Internet router functions as a PE autonomous system border router (ASBR).
–All Cisco 12000 series Internet routers are configured with 8-port Packet-over-SONET (POS) and 3-port Gigabit Ethernet line cards.
–The routers function in an interautonomous system Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment.
Workaround Enter the clear ip bgp * command on the router that functions as the PE-ASBR.
•CSCdw83686
Symptoms A Cisco 10000 series edge services router (ESR) reloads the Cisco IOS software.
Conditions This symptom is observed when the microcode on a Cisco 10000 series ESR is reloaded repeatedly (hundreds or thousands of times). The microcode should be reloaded only in the case of a PFX reload, which is rare.
Workaround There is no workaround.
•CSCdw85160
Symptoms The E1 controller of a Cisco 10000 series 24-port channelized E1 is down.
Conditions This symptom is observed when you connect the controllers of two 24-port channelized E11 line cards back-to-back in a non-cyclic-redundancy-check-4 (CRC4) framing configuration. The controller at one end of the link is in an "Up" state, and its interface and line protocol are also up. The neighboring controller at the other end of the link is in a "Down" state, and entering the loopback local controller configuration command followed by the no loopback controller configuration command on the E1 controller that is in the "Down" state has no effect.
Workaround Enter the loopback local controller configuration command followed by the no loopback controller configuration command on the E1 controller that is in the "Up" state.
•CSCdw85311
Symptoms A Cisco 10000 series edge services router (ESR) performs an emergency shutdown.
Conditions This symptom occurs on a Cisco 10000 series ESR that is running Cisco IOS Release 12.0(21)SX two minutes after a fan failure or fan removal.
Workaround Ensure that there is at least one working fan present in the fan tray.
•CSCdw85655
Symptoms Packets get dropped intermittently when Virtual Private Network (VPN) routing/forwarding (VRF) instances are configured.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is configured with a Performance Route Processor (PRP).
Workaround There is no workaround.
•CSCdw85724
Symptoms CPU utilization on a Cisco 12000 series IP Services Engine (ISE) line card is 99 percent and a fabric ping failure causes a line card to reload.
Conditions These symptoms are observed on a 16-port channelized OC-3/STM-1 to DS-3/E3 ISE line card that is configured for 48 DS3's and that is connected to an Engine 2 16-port Packet-over-SONET (POS) line card. This configuration is incorrect because an Engine 2 line card does not support channelization to DS3.
The New SONET Pointer (NEWPTR) counter of the 16-port channelized OC-3/STM-1 to DS-3/E3 ISE line card cannot be tracked precisely because there is no NEWPTR hardware counter and the NEWPTR interrupt cannot be enabled for system reliability consideration.
Workaround There is no workaround.
•CSCdw86488
Symptoms A Multi Frame (MFR) bundle does not recover.
Conditions This symptom is observed after a 6-port channelized T3 (6CT3-SMB) line card that is configured for MFR and that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S1 has reloaded.
Workaround Reload microcode onto the line card.
•CSCdw86740
Symptoms The service policy overruns the interprocess communications (IPC) mechanism on a Cisco 7500 series router.
Conditions This symptom is observed when a service policy is applied to a large number of interfaces simultaneously.
Workaround Break up the service policy and apply the service policy individually to a smaller group of interfaces.
•CSCdw88175
Symptoms The eboot image cannot read the configuration that was saved to NVRAM when a Cisco 10000 series edge services router (ESR) is booting up.
Conditions This symptom is observed on a Cisco 10000 series ESR that is running Cisco IOS Release 12.0(21)SX when the eboot image is an earlier image than Release 12.0(21)SX and the Auto-Shutdown feature causes the router to shut down because of a fan failure, fan removal, or overheating condition that lasts longer than two minutes.
Workaround Upgrade the eboot image to Cisco IOS Release 12.0(21)SX and ensure that both the router and the eboot image run Cisco IOS Release 12.0(21)SX.
•CSCdw88747
Symptoms An Engine 4 (E4) or Engine 4 Plus (E4+) line card stops responding and may be reset by the Route Processor.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22)S or an earlier release if distributed multicast routing is enabled in the router.
Workaround There is no workaround.
•CSCdw89864
Symptoms Quality of service (QoS) traffic classes that should receive fair or priority treatment fail to receive such services.
Conditions This symptom is observed if you use a QoS service policy with class-based fair queueing or priority queueing features on a Multilink PPP (MLP) interface and you enter the service-policy command before all PPP links come up in an MLP bundle.
Workaround Manually apply the service-policy command after you have ensured that the multilink bundle is fully connected.
•CSCdw90505
Symptoms When you change an outgoing Virtual Private Network (VPN) routing/forwarding (VRF) subinterface in one VPN to High-Level Data Link Control (HDLC) encapsulation, another outgoing VRF subinterface in a different VPN does not forward traffic.
Conditions This symptom is observed in a configuration in which a provider edge (PE) router and a customer edge (CE) router are connected through a Cisco 12000 series Engine 2 Packet-over-SONET interface.
Workaround There is no workaround.
•CSCdw90589
Symptoms A Cisco 10720 Internet router reloads with the following error message:
%Camr-3-MISTRAL_ERROR:MISTRAL_TM_NPP_PAR_ERR_REG_MASK_HI: 41
-Traceback= 5022DA50 501DE2A8
%Camr-3-INTPROC: Process Traceback= 5022CC18 501DDF8C
-Traceback= 5022D6C8 5022DB74 501DE2A8Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdw91017
Symptoms A Cisco 12000 series Engine 2 line card stops forwarding all traffic.
Conditions This symptom is observed when an interface of the Engine 2 line card is performing IP to tag imposition and you apply unicast Reverse Path Forwarding (uRPF) strict check under this interface.
Workaround There is no workaround.
•CSCdw92892
Symptoms The Frame Relay (FR) functionality on an OC-3 Packet-over-SONET (POS) and OC-12 POS interface do not work; the loopback (LP) may not come up, and Local Management Interface (LMI) "enq" and "stat" messages may not be exchanged between the FR data terminal equipment (DTE) and data circuit-terminating equipment (DCE).
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(20)ST1 or Release 12.0(20)ST2.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the main POS interface on the FR DTE side. This sequence of commands causes the router on the DTE side to start sending LMI "enq" messages and, subsequently, causes the router on the DCE side to start sending LMI "stat" messages.
•CSCdw94531
Symptoms A T1 interface and its channel or channels fail to come back up.
Conditions This symptom is observed on a 6-port channelized T3 line card in channelized mode with a connected channel group, if you enter the shutdown command on the controller, perform an online insertion and removal (OIR) of the line card, and then enter the no shutdown command on the controller.
Workaround Perform an additional OIR of the line card.
•CSCdw94613
Symptoms An Engine 2 line card reloads unexpectedly or experiences alignment errors.
Conditions These symptoms are observed on an Engine 2 line card in a Cisco 12000 series Internet router that is running an interautonomous system Virtual Private Network (VPN) with traffic across Multiprotocol Label Switching (MPLS) links that are load-balanced, when external Border Gateway Protocol (eBGP) routes start to enter across the interautonomous system VPN.
Workaround There is no workaround.
•CSCdw94648
Symptoms Pings through Multilink PPP (MLP) interfaces fail.
Conditions This symptom is observed on interfaces of a Cisco 10000 series 24-port channelized E1/T1 line card.
Workaround There is no workaround.
•CSCdx00697
Symptoms Border Gateway Protocol (BGP) peering between two or more links on a Cisco 10000 series edge services router via a serial T1 connection does not load-balance correctly. If you use the BGP configuration with external BGP (eBGP) multihop and a configured number of host static routes, load-balancing fails.
Conditions These symptoms are observed when the Per-Packet Load Balancing (PPLB) is configured.
Workaround Configure static routes for the networks that a customer is advertising via BGP to the next-hop links of the router.
•CSCdx00934
Symptoms A ping fails within a Virtual Private Network (VPN).
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(20.4)ST1 when a customer edge (CE)-provider edge (PE) link is configured as a Frame Relay link.
Workaround There is no workaround.
•CSCdx01917
Symptoms Serial interfaces on a Cisco 10000 series 1-port channelized OC-12 line cards remain in a Down/Down state after the router has reloaded and the interfaces are defined in the startup configuration.
Conditions This symptom is observed when the startup configuration contains a large number of serial interfaces that are defined on multiple 1-port channelized OC-12 line cards.
Workaround Delete and recreate the affected interfaces.
•CSCdx02036
Symptoms If the prefix of a provider edge (PE) router is learned over a Packet-over-SONET (POS) interface, the prefix is untagged.
Conditions This symptom is observed in a Carrier Supporting Carrier (CsC) topology in which two Cisco PE routers are connected to a POS interface. The prefix of the PE router is untagged after the topology is configured if the prefix is learned over a POS interface. When this symptom occurs, traffic forwarding through the CsC core is stopped.
Workaround Manually clear the prefix from the routing table and establish a tag for the prefix.
•CSCdx02559
Symptoms An Engine 3 line card reloads with a bus error exception.
Conditions This symptom is observed when you configure a large number of subinterfaces and Virtual Private Networks (VPNs) on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx02945
Symptoms A Cisco 12000 series Internet router reloads if a Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel is configured with the following sequence of commands:
sam4(config)#
no int tunnel200
sam4(config)# interface Tunnel200
sam4(config-if)# ip unnumbered Loopback0
sam4(config-if)# tunnel destination 1.1.1.1
sam4(config-if)# tunnel mode mpls traffic-eng
sam4(config-if)# no tunnel mpls traffic-eng autoroute announce
sam4(config-if)# tunnel mpls traffic-eng priority 0 0
sam4(config-if)# tunnel mpls traffic-eng bandwidbth 300
sam4(config-if)# tunnel mpls traffic-eng fast-reroute
sam4(config-if)# tunnel mpls traffic-eng path-option 1 explicit name sam1
sam4(config-if)# no shutConditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdx04150
Symptoms Packets are not forwarded from an Engine 4 (E4) line card to an Engine 3 (E3) or Engine 4 Plus (E4+) line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router when you configure an output access control list (ACL) on an E3 or E4+ line card.
Workaround There is no workaround.
•CSCdx04487
Symptoms An enhanced 4-port OC-12 Packet-over-SONET (POS) line card may repeatedly report the following error message:
SLOT 6:Mar 14 09:49:23 MET: %LCPOS-3-SOP: RX:UnexpectedSop. Source=0x4 (Framer), halt_minor0=0x8000
SLOT 6:Mar 14 09:49:23 MET: %GSR-3-INTPROC: Process Traceback= 400C8E08 400C4730 40010A24
-Traceback= 402EF7E4 40620744 400C3F0CA SONET synchronization difficulty may precede the error message. The line protocol goes down on the affected interface and if the affected interface is not shut down, the line card will eventually be reloaded by the router because of internal ping timeouts and the following error message will appear:
%GRP-3-COREDUMP: Core dump incident on slot 6, error: Fabric ping failure (seq:502605)
Conditions These symptoms are observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 (19)S1.
Workaround There is no workaround.
•CSCdx05010
Symptoms A Route Processor Module (RPM) interface may not work after it is reloaded.
Conditions This symptom is observed on a Cisco MGX8250 RPM if two or more subinterfaces are configured with the same ATM permanent virtual connection (PVC) name that uses identical characters for the first 15 characters.
Workaround Configure ATM PVC names that are unique and that have 15 characters or fewer.
When the Cisco MGX8250 is first configured, multiple subinterfaces can be configured with a PVC that is 15 characters if the characters are unique. However, if the first 15 characters are identical after a reload, other subinterfaces fail because only one subinterface retains the PVC statement.
•CSCdx05980
Symptoms Two customer edge (CE) routers that are connected to the same provider edge (PE) router cannot ping each other.
Conditions This symptom is observed when two Cisco 12000 series Internet routes that are functioning as CE routers are connected to a Cisco 12000 series Internet router that is functioning as a PE router via Engine 3 line cards.
Workaround There is no workaround.
•CSCdx07572
Symptoms When you enter the no shutdown interface configuration command to bring up a spatial reuse protocol (SRP) interface, a router reloads.
Conditions This symptom is observed on Cisco 7200 series and Cisco 7500 series routers that are running Cisco IOS Release 12.0(21.1)S3.
Workaround There is no workaround.
•CSCdx07801
Symptoms You cannot configure an external Border Gateway Protocol (eBGP) neighbor with an IPv4 send-label option under the address-family ipv4 vrf vrf-name command as part of the router bgp as-number configuration.
Conditions This symptom is observed in a carrier supporting carrier environment between a provider edge (PE) and a customer edge (CE) router.
Workaround Use Label Distribution Protocol (LDP) as the protocol between the PE router and the CE router.
•CSCdx08669
Symptoms A Cisco 7500 series router experiences spurious memory accesses and reloads with a bus error.
Conditions This symptom is observed on a Cisco 7500 series router that is running the rsp-pv-mz image of Cisco IOS Release 12.0(16)ST and that has Multiprotocol Label Switching (MPLS) enabled. This situation is related to the use of the aggregate-address Border Gateway Protocol (BGP) command.
Workaround There is no workaround.
•CSCdx09803
Symptoms A customer edge (CE) router does not learn prefixes from a provider edge (PE) router. The neighbor session comes up with a "send-label" that is correctly configured but the Network Layer Reachability Information (NLRI) that is received by the CE router is rejected because of incorrect Subsequent Address Family Identifier (SAFI) information.
Conditions This symptom is observed when the MPLS VPN Carrier Supporting Carrier—IPv4 BGP Label Distribution feature is configured between the CE router and the PE router and the external Border Gateway Protocol (eBGP) is being used.
Workaround There is no workaround.
•CSCdx10517
Symptoms A Cisco 12000 series Internet router loses IPv6 addresses after the Route Processor (RP) reloads.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running IPv6 on an 8-port OC-3/STM-1 ATM line card that is configured with subinterfaces that use permanent virtual connection (PVC) ATM Adaptation Layer 5 Subnetwork Access Protocol (AAL5 SNAP) encapsulation.
Workaround There is no workaround.
•CSCdx11084
Symptoms An ATM OC-12 interface on a Cisco 7500 series port adapter shows output drops that cannot be accounted for anywhere else in the router. None of the permanent virtual connections (PVCs) show any drops, but the interface still accumulates drops.
Conditions This symptom is observed when the traffic rate is very low compared to line rate of the port adapter.
Workaround There is no workaround.
•CSCdx11194
Symptoms The show running-config command does not display the correct configuration for some E1 lines on a Cisco 10000 series edge services router, which causes failures when the router reloads or a Performance Routing Engine (PRE) performs a switchover.
Conditions This symptom is observed when E1 lines on a channelized STM-1 card are set to non-cyclic-redundancy-check-4 (CRC4) framing, that is, when the no-crc4 command is enabled. No failures occur when all E1 lines on the router are configured for non-CRC4 framing.
Workaround There is no workaround.
•CSCdx11208
Symptoms Network control traffic is dropped from a Cisco 10720 series router.
Conditions This symptom is observed on a Cisco 10720 series router that is running Cisco IOS Release 12.0(21)ST or Release 12.0(20)SP and that is subjected to a heavy traffic load. Any configuration in which network control traffic can be sourced by a Cisco 10720 series router can exhibit this problem.
Workaround There is no workaround.
•CSCdx11581
Symptoms A local provider edge (PE) router can learn remote customer edge (CE) routes, but pings do not go through the routes.
Conditions This symptom is observed in an Virtual Private Network (VPN) interautonomous system environment.
Workaround There is no workaround.
•CSCdx11690
Symptoms A Cisco 12000 series Internet router that is configured with an ATM line card cannot ping a neighbor after a Stateful Switchover (SSO).
Conditions This symptom is observed after the active and the standby Router Processor (RP) are fully initialized, an ATM permanent virtual connection (PVC) is reconfigured manually, and the reconfigured PVC is deleted from the standby RP. This situation causes the new active RP to have an invalid channel identification (ID) for communication with the segmentation and reassembly (SAR) component of the ATM line card.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the ATM interface or subinterface.
•CSCdx12501
Symptoms A switch VLAN may come up when its first port comes up. If there is a delay in subsequent switch ports coming up in the same VLAN, a Hot Standby Router Protocol (HSRP) group on that VLAN may become active before receiving any packets from other HSRP groups on the subnet. If HSRP PREEMPT is not configured, this behavior is unexpected.
Conditions This symptom is observed when configuring HSRP between two CATALYST 6000 switches that are running Cisco IOS Release 12.1(8b)E9 and when removing PREEMPT from the configurations of the respective VLANs.
Workaround Configure longer HSRP Hold and Hello timers.
•CSCdx12620
Symptoms The protocol control information (PCI) master aborts, and a Cisco 10000 series edge services router (ESR) reloads. The following error message is displayed:
Router(boot)#sh diag %ERR-1-GT64120 (PCI-1): Fatal error, PCI Master abort GT=0xB4000000, cause=0x00000400, mask=0x00D01D00, real_cause=0x00000400 bus_err_high=0x00000000, bus_err_low=0x00000000, addr_decode_err=0x00000470
%ERR-1-FATAL: Fatal error interrupt, reloading RP FPGA status 0x00000004 EPC 0x60114510 Error EPC 0x6FEF7DFD BadVA 0x0069504B Status 0x3400FF03
Conditions These symptoms are observed when you enter the show diag command from the eboot software image on the Cisco 10000 ESR.
Workaround Use the show diag command from a full software image.
•CSCdx12759
Symptoms A standby Gigabit Route Processor (GRP) reloads after bootup of the router.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is configured with a redundant Gigabit Route Processor (GRP) that is booted with the gsr-p-mz software image of Cisco IOS Release 12.0(21)ST.
Workaround There is no workaround.
•CSCdx13418
Symptoms All Cisco 12000 series line cards reload when you perform an online insertion and removal (OIR) by replacing one line card with another one in the same slot. The following error message (where slot 5 is the slot in which the OIR was performed) is displayed:
SLOT 5:00:02:14: %MDS-2-LC_INVALID_HWIDB_INDEX: Invalid if_index for HWIDB GigabitEthernet5/0 SLOT 5:00:02:14: %MDS-2-LC_INVALID_SWIDB_IFNUM: Invalid if_num for SWIDB GigabitEthernet5/0
Conditions This symptom is observed after a Route Processor Redundancy Plus (RPR+) switchover or a Stateful Switchover (SSO).
Workaround Reload the router.
•CSCdx13597
Symptoms A router reloads when you enter the show tag-switching tdp neighbors command.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx16309
Symptoms A router reloads when you remove both a tunnel interface that is running in IPv6 mode and the loopback interface that has the tunnel interface as its source.
Conditions This symptom is observed on a router that is running Cisco IOS Release 12.0(20.3)ST2.
Workaround There is no workaround.
•CSCdx16684
Symptoms A secondary Route Processor (RP) reloads not long after a Stateful Switchover (SSO) occurs.
Conditions This symptom is observed in a configuration that contains traffic engineering tunnels.
Workaround There is no workaround.
•CSCdx16714
Symptoms A Route Processor (RP) may experience a bus error or pause indefinitely when a crash test is performed.
Conditions This symptom occurs after the test crash command is issued on an active RP.
Workaround Reload or power-cycle the router.
•CSCdx16872
Symptoms Traffic loss occurs because of buffer depletion drops.
Conditions This symptom is observed when there is bidirectional traffic across a number of Multilink PPP (MLPPP) bundles, the router is reloaded, and the configuration that was present prior to the reload is copied to the running configuration. Under these conditions, there are packet buffer leaks relative to the number of active bundles and the traffic presented to them.
Workaround There is no workaround.
•CSCdx17352
Symptoms When a line card of a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) is reloaded or a line card comes up after 6PE routes have already been learned and installed, the 6PE forwarding entries are not downloaded to the line card that has been reloaded or has come up.
Conditions This symptom is observed on a Cisco 12000 series 8-port OC-3 Packet-over-SONET line card.
Workaround There is no workaround.
•CSCdx17568
Symptoms Multicast Border Gateway Protocol (MBGP) for address family IPv6 does not allow the "neighbor x.x.x.x" send label to be configured and causes a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) to work incorrectly.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21.2)S.
Workaround There is no workaround.
•CSCdx17573
Symptoms Multiprotocol Label Switching (MPLS) does not update the Cisco Express Forwarding (CEF) table with the new local tags after a Route Processor Redundancy Plus (RPR+) cutover occurs.
Conditions This symptom is observed on a Cisco 7500 Route Processor (RP) that is running Cisco IOS Release 12.0 S.
In a dual RP system, the standby RP acts as a line card to the primary RP, and all Forwarding Information Base (FIB) and Tag Forwarding Information Base (TFIB) entries are downloaded to the standby RP. Because the Label Distribution Protocol (LDP) is also running on the standby RP, the LDP makes all the rewrites on the tag_info command field to be NULL. After an RPR+ cutover occurs, the FIB does not trigger the TFIB to delete the tag_info command field because the FIB does not detect a nontrivial change. Because of this behavior, the TFIB is associated with invalid and NULL entries.
Workaround There is no workaround.
•CSCdx17784
Symptoms Cisco 12000 series line cards do not come up after an online insertion and removal (OIR) of the active Router Processor (RP).
Conditions This symptom is observed when the active RP is removed and you remove the primary Clock and Scheduler Card (CSC) before the new active RP takes over.
Workaround Reload the router.
•CSCdx17893
Symptoms A Cisco 12000 series Engine 3 line card reloads.
Conditions This symptom is observed when the Engine 3 line card is configured with Intermediate System-to-Intermediate System (IS-IS) or Open Shortest Path First (OSPF) as the Interior Gateway Protocol (IGP), has many (10,000) IS-IS or OSPF routes configured and has load-balancing enabled.
Workaround There is no workaround.
•CSCdx18570
Symptoms A 1-port OC-12 Packet-over-SONET (POS)-MM line card reloads repeatedly after tag switching is configured on the POS interface.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(18)ST.
Workaround Disable tag switching.
•CSCdx18986
Symptoms Outgoing Committed Access Rate (CAR) does not function for Multiprotocol Label Switching (MPLS) packets. All rate-limiting configurations are ignored, and the CAR function is bypassed.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx19023
Symptoms After you have removed the policy-map configuration, it still exists under the virtual circuit (VC).
Conditions This symptom is observed on a Cisco 12000 series Engine 2 8-port OC-3 ATM line card.
Workaround Enter the shutdown command followed by the no shutdown command on the VC to remove the policy-map configuration from the VC.
•CSCdx19277
Symptoms Some packets are not switched on a Cisco 12000 series Internet router.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21.2)S and that is configured with an Engine 4 line card that functions as an ingress line card.
Workaround There is no workaround.
•CSCdx20802
Symptoms Memory fragmentation may cause 2 MB of memory allocation to fail.
Conditions This symptom affects edge routers that are configured for multi-virtual circuit (Multi-VC) and that have Label-Controlled ATM (LC-ATM) interfaces connected toward a Multiprotocol Label Switching (MPLS) core. Incremental memory leaks occur after the LC-ATM interface is toggled by issuing the shutdown interface configuration command followed by the no shutdown interface configuration command or after Cisco Express Forwarding (CEF) is enabled and later disabled on the router by issuing the ip cef global configuration command followed by the no ip cef global configuration command. Incremental memory leaks may also be seen when route flaps occur. If the incremental memory leaks continue, memory fragmentation may occur and traffic may stop passing through the LC-ATM interface.
Workaround There is no workaround.
•CSCdx20954
Symptoms A Cisco 12000 series OC-3 line card reloads unexpectedly and then recovers.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx20979
Symptoms The bandwidth bandwidth-size command is missing from the command-line interface (CLI).
Conditions This symptom is observed in Cisco IOS Release 12.0(21.02)S.
Workaround Use the bandwidth percent value command.
•CSCdx20996
Symptoms A router may reload if a configuration is changed.
Conditions This symptom is observed on a Cisco router that is running Tag Distribution Protocol (TDP) or Label Distribution Protocol (LDP). The reload occurs when TDP or LDP is unconfigured.
Workaround There is no workaround.
•CSCdx23088
Symptoms Sampled NetFlow (SNF) accounting is inaccurate if you apply an access control list (ACL) to the interface of a line card.
Conditions This symptom is observed on a Gigabit Ethernet (GE) interface of a Cisco 12000 series 3-port GE line card.
Workaround Do not apply an ACL to the interface.
•CSCdx23785
Symptoms The slow path (that is, the process-switched path) is broken on a Cisco 12000 series Engine 4 and Engine 4 Plus line card.
Conditions This symptom is observed in an IP to Multiprotocol Label Switching (MPLS) environment. Note that the fast path (that is, the hardware switching path) is not affected.
Workaround There is no workaround.
•CSCdx24242
Symptoms Packets with a valid source IP address that is reachable via tag switching are not passed through.
Conditions This symptom is observed when you have unicast Reverse Path Forwarding (uRPF) configured on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx24750
Symptoms A Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel may assume an outgoing link that is different from the one that is specified in the explicit path if the outgoing link of the TE tunnel fails.
Conditions This symptom is observed in an MPLS TE tunnel that is set up explicitly by specifying the IP address of the next hop interface as the next address. This symptom occurs if the outgoing IP address is a router ID.
Workaround There is no workaround.
•CSCdx25287
Symptoms Traffic does not always resume on the backup path and may stop altogether between two provider edge (PE) routers when you shut down the primary path.
Conditions This symptom is observed when you configure Ethernet over Multiprotocol Label Switching (EoMPLS) virtual circuits (VCs) between peer PE routers that are connected through one primary path and one backup path.
Workaround Reconfigure a VC on the peer PE.
•CSCdx26010
Symptoms A router does not have Tag Forwarding Information Base (TFIB) entries for locally learned routes on a given Virtual Private Network (VPN) routing/forwarding (VRF) instance.
When this symptom occurs, no entries are shown after the show tag forwarding EXEC command is entered. Only tag information is displayed after the show ip cef vrf EXEC command is entered.
Conditions This symptom is observed when the Label Distribution Protocol (LDP) is toggled on and off on Multiprotocol Label Switching (MPLS) VPN provider edge (PE) routes that are running the Carrier Supporting Carrier (CSC) feature with the LDP on the PE to customer edge (CE) interface.
Workaround Do not toggle LDP on or off.
•CSCdx26711
Symptoms A Cisco 7500 series standby Route Processor (RP) reloads.
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(22.1)S when you first configure multiple "new style" permanent virtual connections (PVCs) and then configure "old style" PVCs over a PPP ATM subinterface.
Workaround Do not configure "old style" PVCs after you have configured "new style" PVCs over a PPP ATM subinterface.
•CSCdx27117
Symptoms Pings fail for the loopback address of a customer edge (CE) router.
Conditions This symptom is observed in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) network with a Gigabit Ethernet (GE) connection between the provider edge (PE) router and the CE router. Note that the GE interface can be pinged.
Workaround Enter the clear ip route vrf vrf-name * EXEC command on the PE router.
•CSCdx29393
Symptoms Cisco Express Forwarding (CEF) gets disabled on a Cisco 12000 series Engine 2 16-port OC-3 line card.
Conditions This symptom is observed when the line card is configured with 16 different input access control lists (ACLs) and there are about 100K Border Gateway Protocol (BGP) routes present.
Workaround There is no workaround.
•CSCdx30014
Symptoms Traffic takes up to 40 to 50 seconds to return to full rate after a switchover.
Conditions This symptom is observed on a Cisco 10000 series edge services routers when there are about 2500 PPP and High-Level Data Link Control (HDLC) sessions configured over two 6-port channelized T3, two 1-port channelized OC-12, and one 4-port channelized OC-3 line cards.
Workaround There is no workaround.
•CSCdx30286
Symptoms On a Cisco 12000 series 6-port channelized T3 and a 2-port channelized OC-3 line card, multilink interfaces end up being in an Up/Up state, but no traffic can go through and the adjacencies are incomplete.
Conditions This symptom is observed when you initially load the full multilink configuration but may occur also when the router or the line card boots up. The delays of the Forwarding Information Base (FIB) configuration messages may affect the protocol negotiation and cause a lockup. The larger the configuration file, the more likely that the above-mentioned situation occurs.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the affected multilink interface.
•CSCdx30380
Symptoms The active Cisco 10000 series Performance Routing Engine (PRE) reloads.
Conditions This symptom is observed when you use TFTP to load a card configuration of an over-allocated 1-port channelized OC-12 line card.
Workaround Do not over allocate the 1-port Channelized OC-12 line card.
•CSCdx31158
Symptoms A router does not receive any alarms and remains up when a connected router is shut down.
Conditions This symptom is observed when the controller on a Cisco 7500 series Router Switch Processor (RSP) is shut down.
Workaround There is no workaround.
•CSCdx31190
Symptoms A Cisco 12000 series standby Route Processor (RP) continues to reload.
Conditions This symptom is observed after the standby RP has rebooted following a Stateful Switchover (SSO).
Workaround There is no workaround.
•CSCdx33696
Symptoms The Cisco Express Forwarding (CEF) Toaster processor on a Cisco 10720 series Internet router restarts with the message "Complex Restart."
Conditions This symptom is observed on a Cisco 10720 series Internet router that is running Cisco IOS Release 12.0(21)ST when the following conditions are present:
–Explicit-null labels are configured to be received from the Multiprotocol Label Switching (MPLS) cloud.
–An input service policy is defined.
–There is a glean adjacency for the IP address found in the packet after the null MPLS label is discarded.
Workaround Do not use an explicit null configuration and an input service policy configuration simultaneously.
•CSCdx33749
Symptoms A Cisco 12000 series Internet router reloads when you insert a Clock and Scheduler Card (CSC).
Conditions This symptom is observed when you insert a CSC in slot 16 while a Simple Network Management Protocol (SNMP) query on CISCO-PROCESS-MIB is run.
Workaround Configure an SNMP view excluding CISCO-PROCESS-MIB.
•CSCdx34255
Symptoms NVRAM becomes very busy after the write memory EXEC command is entered to store a very large configuration. A vty session may appear to be active after the TCP session has ended. Neither the vty session nor the line can be cleared. Memory allocation (MALLOC) failures may occur on the slave Route Switch Processor (RSP).
Conditions These symptoms are observed on a router that has master and slave cards if a very large configuration is stored using the write memory EXEC command on the master card.
Workaround Reload the slave RSP using the slave console port.
•CSCdx34724
Symptoms T1 remote loopback functions do not operate on a Cisco 10000 series 24-port channelized E1/T1 line card. Cisco IOS software shows loopback states to be set, but the line card does not send out the bit-oriented message to set the loopback state in the remote interface.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx34902
Symptoms Intermediate System-to-Intermediate System (IS-IS) flapping occurs on a Cisco 10720 Internet router during traffic congestion.
Conditions This symptom is observed when IS-IS packets are sent on a spatial reuse protocol (SRP) ring with an SRP priority 0, which means they are more likely to be dropped by the receiver when congestion occurs.
Workaround To reduce the chances that packets are being dropped by the receiver, disable IS-IS padding on the transmitting node by entering the no isis hello padding interface configuration command.
•CSCdx34970
Symptoms A Cisco 12000 series Route Processor (RP) reloads after attempting to remove an Any Transport over MPLS (AToM) tunnel.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22)S and that is configured as an provider edge (PE) router in a Multiprotocol Label Switching (MPLS) AToM (in this case, adaptation layer 5 [AAL5] over MPLS) environment.
Workaround There is no workaround.
•CSCdx34997
Symptoms On an OC-3 Packet-over-SONET (POS) line card that has PPP encapsulation enabled, an alarm indication signal (AIS) count may be detected on the far end of the link.
Conditions This symptom is observed when the Rx fiber is removed on the near end.
In fixing this caveat, the OC-12 POS portion of the code was properly corrected, but the OC-3 POS portion of the code was missing a change to a function. As a result, the AIS count may not show up (or it may show up), but the AIS may not be transmitted properly when the port is in the "admin down" or "loopback" state.
Workaround There is no workaround.
•CSCdx36117
Symptoms A microcode reload of a 3-port Gigabit Ethernet (GE) line card causes the Forwarding Information Base (FIB) to be disabled and the following error message to be displayed:
%FIB-3-FIBDISABLE: Fatal error, slot 2: No window message, LC to RP IPC is no n-operational
Conditions This symptom is observed after a Border Gateway Protocol (BGP) convergence of a Cisco 12416 Internet router that is running Cisco IOS Release 12.0(21.2)S and that is configured with 200 BPG peers and the following line cards:
–Two 8-port or 16-port OC-3 Packet-over-SONET line cards (in a shutdown state)
–Four 3-port GE line cards, each configured with an even distribution of 2000 VLAN subinterfaces
–Three 6-port channelized T3 line cards (in a shutdown state)
–Two Quad OC-12 ATM line cards (in a shutdown state)
Workaround There is no workaround.
•CSCdx36273
Symptoms Incoming Multiprotocol Label Switching (MPLS) traffic that is destined for Virtual Private Network (VPN) prefixes cannot be forwarded over a VPN routing/forwarding (VRF) Generic Routing Encapsulation (GRE) tunnel. The traffic is dropped at the disposition Provider Edge (PE) router, which is a Cisco 7500 series router.
Conditions This symptom is observed when distributed switching is enabled on an interface.
Workaround Configure the no ip route-cache distributed command on the input interface.
Alternate Workaround Configure the ip cef command globally.
•CSCdx37097
Symptoms You cannot scale to more than 50,000 Virtual Private Network (VPN) routes on a Cisco 12000 series Engine 4 Plus line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.2)S.
Workaround There is no workaround.
•CSCdx37539
Symptoms When an interface goes into a down state (but not in an administratively down state) and you have a virtual circuit (VC) configured on that interface, the VC goes into an inactive state. However, when the interface comes up again, the VC on the interface does not go into an active state but remains in an inactive state.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx37849
Symptoms A device that is running Cisco IOS software may reload when a command is issued to display a file that contains certain character patterns.
Conditions This symptom occurs if the file in question has a very large line. This line may have a very large continuous set of characters without any new line characters and is most likely corrupted.
Workaround There is no workaround.
•CSCdx37885
Symptoms After reloading a neighboring router that is connected to a Cisco 12000 series 12E3-SMB line card, Loss of Frame errors occur and the interface and line protocol are down.
Conditions This symptom is observed on a Cisco 12000 series 12E3-SMB line card that is running Cisco IOS Release 12.0(21)ST1, after reloading the neighboring router that is connected to the 12E3-SMB line card.
Workaround Enter the hw-module slot shelf-id/slot-number reload EXEC console command for the 12E3-SMB line card.
•CSCdx37965
Symptoms A Cisco 10000 series edge services router (ESR) encounters a parallel express forwarding (PXF) microcode reload. The error logged at the time of the reload may be one of the following:
%TOASTER-2-FAULT T1 SW Exception CPU[t1rXc1] 0x00000780
PXF CPU Toaster Stall Error
PXF DMA FTC Bad AddressConditions This symptom is observed when NetFlow is enabled, there are many active flows, and there is a high traffic rate on the router.
Workaround Disable NetFlow. After the PXF reload, the Cisco IOS software will reload the PXF microcode, and packet forwarding will resume.
•CSCdx38125
Symptoms Traceback messages may be displayed after the ip accounting mac-address input interface configuration command is configured on VLANs that have an input access control list (ACL) present. Also, accounting based on the source MAC address stops incrementing after the tracebacks are observed.
Conditions This symptom is observed on a 3-port Gigabit Ethernet card on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)ST1 in the presence of input VLAN traffic with an input ACL and with input source mac-address accounting configured on the VLAN interface.
Workaround Remove input ACLs on the VLAN interface.
•CSCdx38166
Symptoms On a Cisco 10000 series 24-port channelized E1/T1 line card that is configured with 48 channels and with 12 time-slots per channel, traffic is misdirected from channels 13 to 24 to odd-numbered channels 25 to 47.
Conditions This symptom is observed after you first have configured 24 channels with 24 time-slots per channel on the 24-port channelized E1/T1 line card.
Workaround There is no workaround.
•CSCdx38188
Symptoms Certain IP Services Engine (ISE) optical carrier (OC-3) concatenated line cards may fail to initialize and pause indefinitely at the IOS_STRT process when startup occurs.
Conditions This symptom is observed only on 16-port line cards that are shipped with specific optical modules when releases prior to Cisco IOS Release 12.0(22)S are used. The 16-port line cards that are affected by this symptom have optical modules that are silver and grey in color. The 16-port line cards that are not affected by this symptom have optical modules that are light blue in color.
Workaround Use Cisco IOS Release 12.0(21)ST3, 12.0(22)S, 12.0(21)S4, or a later Cisco IOS release.
•CSCdx38578
Symptoms An edge router reloads when route flapping occurs.
Conditions This symptom is observed on an edge router that has the Multi-VC feature configured and that has an label-controlled ATM (LC-ATM) interface that faces the Multiprotocol Label Switching (MPLS) core.
Workaround There is no workaround.
•CSCdx38690
Symptoms Large packets fail to pass on a Cisco 3600 series router that is configured with a High-Speed Serial Interface (HSSI) Network Module.
Conditions This symptom is observed on a Cisco 3600 series router that is running Cisco IOS Release 12.2(10) or Release 12.2(10.3)T and occurs only when large packets are sent.
Workaround Issue the mtu 1019 interface configuration command to set the maximum transmission unit (MTU) size of the HSSI interface to 1019 bytes. This workaround may not work in all cases.
•CSCdx39482
Symptoms A Traffic Engineering (TE) tunnel that is configured to run an explicit path that uses an IP address of a neighboring router interface takes another outgoing interface than the one specified in the explicit path.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx40927
Symptoms A router that is configured with equal-cost IPv6 static default routes may reload.
Conditions This symptom is observed on a router that is configured with more than four equal-cost IPv6 static default routes that are recursive (which means that the next hop router is not directly connected).
Workaround There is no workaround.
•CSCdx41250
Symptoms A Cisco 12000 series Engine 0 line card interface is in a Down/Down state after a switchover occurs.
Conditions This symptom is observed when the following sequence of events occurs:
a. Switchover in Route Processor Redundancy Plus (RPR+) mode
b. Mode change Stateful Switchover (SSO)
c. Switchover is SSO mode
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface.
•CSCdx41743
Symptoms All channel groups on a T1 line are disabled.
Conditions This symptom is observed when a bit error rate test (BERT) is run on a T1 line and is either stopped or allowed to run to completion and when you subsequently perform an online insertion and removal (OIR) of the line card on which the T1 line is configured.
Workaround Reconfigure the affected channel groups.
•CSCdx41790
Symptoms The T1 interface and line protocol remain down for virtual tributary (VT) controllers on a channelized OC-12 line card.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(22)S.
Workaround There is no workaround.
•CSCdx42955
Symptoms After a policy map is reconfigured, a Cisco 10000 series edge services router (ESR) stops forwarding traffic, but a Parallel Express Forwarding (PXF) reload does not occur.
Conditions This symptom is observed on a Cisco 10000 series ESR that is running Cisco IOS Release 12.0(21)SX when the following conditions are present:
–There is an output policy map applied to more than one interface.
–Some of the existing classes of the policy-map have Weighted Random Early Detection (WRED) configured.
–A new class is added to the policy map and is also configured with WRED.
Workaround Remove the policy map from the interfaces before you modify the policy map.
•CSCdx43665
Symptoms When you send large Internet Control Message Protocol version 6 (ICMPv6) packets (that is, greater than 1024 bytes) out of a Packet-over-SONET interface, there is a response of 75 percent or less on the receiving side, whereas if you use using ICMP version 4 (ICMPv4), there is a response of 100 percent.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx45205
Symptoms Open Shortest Path First (OSPF) fails across a multilink bundle.
Conditions This symptom is observed in a distributed Multilink PPP (dMLP) configuration that has N links in a multilink bundle when a Cisco 7500 router is setup back-to-back with any other peer router. When any of the links are removed from the bundle on one side (other than Cisco 7500), OSPF connectivity is lost for few seconds on the Cisco 7500 router side and then recovers immediately.
Workaround There is no workaround.
•CSCdx45348
Symptoms The show controller au-4-tug-3 slot subslot port does not display any output.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(22)S.
Workaround There is no workaround.
•CSCdx45367
Symptoms A Cisco 10000 series edge services router reloads with an ROM monitor (ROMmon) error and displays the following message:
%SYS-6-BLKINFO: Corrupted next pointer blk.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx45679
Symptoms A router reloads when packets are process switched from the IP to the Multiprotocol Label Switching path and need to be fragmented.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx45702
Symptoms Provider edge (PE) routers that function in a Multiprotocol Label Switching (MPLS) AToM (in this case, adaptation layer 5 [AAL5] over MPLS) cannot reach each other.
Conditions This symptom is observed on routers that are running Cisco IOS Release 12.0(22)S.
Workaround There is no workaround.
•CSCdx46634
Symptoms A Cisco 10000 series edge services router does not receive adjacencies for local IP addresses in Virtual Private Network (VPN) routing/forwarding (VRF) instances, which causes problems with routing protocols.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface that has incorrect adjacencies.
•CSCdx47229
Symptoms A quality of service (QoS) group is overwritten with the port number. The packets that arrive on an egress line card do not have the QoS group set as expected.
Conditions This symptom is observed when a QoS group is set (for example, using the bgp-policy destination ip-qos-map command) for a packet that needs to go through Multiprotocol Label Switching (MPLS) fragmentation.
Workaround There is no workaround.
•CSCdx47342
Symptoms A Cisco 12008 Internet router reloads because of a bus error and displays the following error message:
System returned to ROM by bus error at PC 0x5037FD38, address 0x34303A41
Repeat usage of the show mpls forwarding command or the show tag forwarding command causes the router to reload with the following error message:
Uncompressing (gzip fmt) and reading gsr-p-mz.120-21.ST1.symbols.gz gsr-p-mz.120-21.ST1.symbols.gz read in Enter hex value: 00.00.00.00 00.00.00.00 00.00.00.00 00.00.00.00 00.00.00.00 00.00.00.00 00.00.00.00 00.00.00.00:ipc_compare_ports(00.00.00.00)+0x0 00.00.00.00:ipc_thread_lookup(00.00.00.00)+0x0 00.00.00.00:ipc_get_port(00.00.00.00)+0x0 00.00.00.00:ipc_process_message(00.00.00.00)+0x0 00.00.00.00:ipc_process_raw_pak(00.00.00.00)+0x0 00.00.00.00:ipc_rx_enqueue(00.00.00.00)+0x0 00.00.00.00:csar_receive_buffer(00.00.00.00)+0x0 00.00.00.00:csar_from_fab_handler(00.00.00.00)+0x0 00.00.00.00:csar_int_handler(00.00.00.00)+0x0 00.00.00.00:bfrp_csar_intr(00.00.00.00)+0x0
Conditions These symptoms are observed on a Cisco 12008 Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)ST1 and occur because of a string overflow in a local stack. This string overflow occurs because the Virtual Private Network version 4 (VPNv4) prefixes in the autonomous system border router (ASBR) use the complete IP address as the route distinguisher (for example, "rd: 138.xxx.xxx.xxx:0") when the show tag forwarding command is typed, instead of the much shorter autonomous system number.
Workaround Define the route distinguishers using autonomous system numbers instead of IP addresses.
•CSCdx47936
Symptoms If you configure modular quality of service (QoS) using the command-line interface (CLI) on a 4-port OC-48 Dynamic Packet Transport (DPT) line card, a Cisco 12000 series Internet router fails.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)ST1.
Workaround Configure QoS using the traditional method.
•CSCdx48420
Symptoms Configuring Virtual Private Network (VPN) routing/forwarding (VRF) instances on a Frame Relay (FR) subinterface breaks the connectivity between a provider edge (PE) router and a customer edge (CE) router. The PE router cannot ping the CE router that is directly connected to the PE router.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround Remove the subinterface completely and reconfigure it.
•CSCdx48467
Symptoms A Committed Access Rate (CAR) configuration is not effective to police outbound traffic on a Cisco 12000 series Engine 3 line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.03)S when the outbound traffic is directed to a Traffic Engineering (TE) tunnel.
Workaround There is no workaround.
•CSCdx51317
Symptoms A 4-port OC-12 ATM-MM-SC line card reloads because of a bus error exception.
Conditions This symptom is observed when a standard output access control list (ACL) (127 lines) is configured on another line card—an Engine 2 OC-48E Packet-over-SONET (POS)-SR-SC-B line card—and commands that are related to the Packet Switching ASIC (PSA) are used.
Workaround There is no workaround.
•CSCdx52782
Symptoms A 6-port channelized T3 line card reloads when it is configured into T1 channels and then reconfigured through one TFTP load.
Conditions This symptom is observed on a Cisco 10000 series edge services router. After the line card reloads, the final configuration prevails and the line card works normally.
Workaround Do not configure and reconfigure T1 channels rapidly (that is, using a TFTP load) at boot time.
•CSCdx54358
Symptoms When you enter the show diag command on the Cisco 12000 series Internet router, the Gigabit Route Processor (GRP) is displayed as an GRP-B, which is misleading
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx55296
Symptoms When you attempt to boot up a Cisco 7500 series router from a Flash card that is inserted in a Route Switch Processor that is placed in slot 0 or slot 1, the bootup fails because of a translational bridging (TLB) (load/fetch) exception error.
Conditions This symptom is observed on a Cisco 7500 series router that is running the rsp-pv-mz image of Cisco IOS Release 12.0(21.3)S1.
Workaround Set the configuration register to 0x2102 (or another nonzero value) to prevent the bootup failure. Note that TFTP booting works fine.
•CSCdx55443
Symptoms An Engine 0 line card may reload.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S or Release 12.0(21)ST when IP multicast traffic is present. The following error message may be displayed when this symptom occurs:
%LC-4-UNEXPECTED_INP_INFO: Unexpected info in buffer header, input info 0x0
Workaround Disable IP multicast or use Cisco IOS Release 12.0(21)ST3.
•CSCdx56997
Symptoms A router is in Route Processor Redundancy (RPR) mode, but the configuration is defined as Route Processor Redundancy Plus (RPR+) mode or Stateful Switchover (SS) mode.
Conditions This symptom is observed following a Fast Software Upgrade (FSU) procedure.
Workaround Reload the router.
Alternate Workaround Define the configuration as RPR and then redefine the configuration as RPR+ or SSO.
•CSCdx59056
Symptoms Label Distribution Protocol (LDP) and Border Gateway Protocol (BGP) with IPv4+labels could be applied to the same Virtual Private Network (VPN) routing/forwarding instance (VRF) on the same router, which is restricted in the current code. Hence, the feature cannot work properly.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)3S1.
Workaround There is no workaround.
•CSCdx59650
Symptoms When a 802.1Q interface is already configured on a Cisco 10000 series edge services router, reentering the same commands that you used to configure the 802.1Q interface causes the interface to stop sending traffic.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround Delete and create subinterfaces if you are going to configure 802.1W interfaces. Entering the shutdown interface configuration command followed by the no shutdown interface configuration command on the 802.1Q interface may solve the situation.
•CSCdx60213
Symptoms A router 3 Gigabit Ethernet (GIG E) reloads.
Conditions This symptom is observed on a Cisco 12000 series Internet router when the catalyst connected to one of the 3 Gigabit Ethernet (GE) ports is reset.
Workaround There is no workaround.
•CSCdx62442
Symptoms If you perform two Route Processor Redundancy Plus (RPR+) switchovers and you reload microcode, the router fails to synchronize interface configurations to the standby Route Processor (RP) and the following error message is displayed:
%FILESYS-4-RCSF: running config Too big to sync.. (46453) <> -Traceback= 5038169C 5038177C 50247664 502C8DEC 502C9064 502C9648 502C9700 502CA638 502CA9C4 501E9A24 501E9A10 00:11:28: %GRP-4-CFGSYNC: Failed to sync interface config to standby RP
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx62533
Symptoms A Cisco 7500 series router reloads with an error message that is similar to the following:
rx_intr: Received giant packet -- dsize=4488, max=4488, p_count=10, max_p_count=9
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(21.3)S1 and that is configured with a PA-SRP-OC12MM port adapter.
Workaround There is no workaround.
•CSCdx62750
Symptoms Configuring a router to use a Forwarding Adjacency Traffic Engineering (TE) tunnel may result in a software reload.
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCdx62768
Symptoms Traffic fails after a Performance Routing Engine (PRE) cutover on the provider edge (PE) router.
Conditions This symptom is observed on a Cisco 10000 series edge services router.
Workaround There is no workaround.
•CSCdx62867
Symptoms Sixty six interfaces out of 3000 interfaces do not come up after three switchovers.
Conditions This symptom is observed on a Cisco 10000 series edge services router when 3000 High-Level Data Link Control (HDLC) interfaces are configured and you switch one or more times from the primary Performance Routing Engine (PRE) to the secondary PRE.
Workaround There is no workaround.
•CSCdx63206
Symptoms A Cisco 10000 series 24-port channelized E1/T1 line card cannot ping a remote router if a network line loopback command has been previously applied and then removed.
Conditions These symptoms are observed on a Cisco 10000 series edge services route during channelization tests.
Workaround Do not apply a network line loopback command to the framer of the line card.
•CSCdx64606
Symptoms The routes database of a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) is not cleared when Border Gateway Protocol (BGP) is stopped. When BGP comes up again, the 6PE continues to use old entries and forwards traffic incorrectly.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx65575
Symptoms After an Route Processor Redundancy Plus (RPR+) switchover during Border Gateway Protocol (BGP) convergence, line cards stay in the Cisco IOS "Up" state which causes the line cards to time-out and the following error message to appear:
SLOT 6:00:21:51: %FIB-3-FIBDISABLE: Fatal error, slot 6: Linecard timed out waiting for messages from RP
SLOT 4:00:21:30: %FIB-3-FIBDISABLE: Fatal error, slot 4: Linecard timed out waiting for messages from RP
SLOT 5:00:21:30: %FIB-3-FIBDISABLE: Fatal error, slot 5: Linecard timed out waiting for messages from RP
SLOT 3:00:21:30: %FIB-3-FIBDISABLE: Fatal error, slot 3: Linecard timed out waiting for messages from RPThe switchover occurs after the line cards are in the Cisco IOS "Run" state.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx66626
Symptoms A Cisco router does not forward a Bootstrap Protocol (BootP) that comes across a High-Level Data Link Control (HDLC) encapsulation connection from a particular non-Cisco device. The non-Cisco device sends BootP packets as broadcasts, but neglects to set the "broadcast" bit in the HDLC header, which causes all HDLC packets to be dropped.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0 S.
Workaround There is no workaround.
•CSCdx66913
Symptoms Per-packet load-balancing does not function.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(21.3)S1.
Workaround There is no workaround.
•CSCdx67602
Symptoms An indefinite output pause may occur on a serial interface that is a member of a multilink group, and the following logs may be seen:
May 16 18:53:05.812: %RSP-3-RESTART: interface Serial3/0/0, not transmitting
May 16 18:53:05.812: Serial3/0/0: microcode reloadConditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.2(10) with a PA-4T-V35 port adapter inserted in the Versatile Interface Processor (VIP)2-50 or in the VIP2-40 and where one physical interface is a member of a multilink group and another interface is configured for High-Level Data Link Control (HDLC), and where Cisco Express Forwarding (CEF) is enabled globally and disabled on the multilink interface (bundle master), and, lastly, where distributed weighted fair queuing (WFQ) is enabled on the interface configured for HDLC.
Workaround There is no workaround.
•CSCdx67827
Symptoms Spurious reporting of T1 bit error rate test (BERT) data occurs, and LCDOS reloads may occur on the line card on which the T1 line is configured.
Conditions This symptom is observed on a Cisco 10000 series router when you perform a BERT on a T1 line that is not in an "Up" state.
Workaround There is no workaround.
•CSCdx67850
Symptoms A pattern synchronization "lost/found" interrupt storm causes the depletion of buffer pools on a Cisco 10000 series line card and may cause the line card to reload.
Conditions This symptom is observed on a local router when a remote router is reset during a bit error rate test (BERT).
Workaround There is no workaround. The fix for this caveat adds a throttle mechanism to keep any type of interrupt storm from taking up too much space on the processor of a line card.
•CSCdx69170
Symptoms Enabling 448 lines of ingress access control lists (ACLs) on a Cisco 12000 series Engine 2 Quad OC-12 Packet-over-SONET (POS), a 1-port OC-48 POS, or an OC-48 Dynamic Packet Transport (DPT) line card causes traffic forwarding to fail.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S2.
Workaround There is no workaround.
•CSCdx70546
Symptoms A secondary Cisco 10000 series Performance Routing Engine (PRE) reloads, and both the primary and the secondary PRE go to a ROM monitor (ROMmon) state.
Conditions This symptom is observed when you perform a switchover on a Cisco 10000 series edge services router (ESR) that is configured with 100 ATM permanent virtual connections.
Workaround There is no workaround.
•CSCdx71843
Symptoms Loopback fails on engine 2 line cards.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S2.
Workaround There is no workaround.
•CSCdx73286
Symptoms Two channelized interfaces have the same interface index (ifIndex) number.
Conditions This symptom is observed on a Cisco 12000 series Internet router when you create, clear, and then recreate channelized interface description blocks (IDBs) according to the following steps:
a. Create serial interface 2/0/1:0
b. Create serial interface 2/1/1:0
c. Clear serial interface 2/0/1:0
d. Clear serial interface 2/1/1:0
e. Create serial interface 2/0/1:0
f. Create serial interface 2/0/1:1
g. Create serial interface 2/1/1:0
The condition arises in Steps f and g. When you enter the show idb command, serial interface 2/0/1:1 and serial interface 2/1/1:0 display the same ifIndex number although they have two different IDBs.
Workaround There is no workaround.
•CSCdx73364
Symptoms A Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) between a provider (P) router and a provider edge (PE) router does not function. MPLS VPN deaggregation packets are dropped by the PE router.
Conditions This symptom is observed when you use a Cisco 12000 series 3-port Gigabit Ethernet line card between the P and PE router.
Workaround There is no workaround.
•CSCdx73666
Symptoms Some channelized users may be left down and, via Cisco Discovery Protocol (CDP), you can see these devices connected via different E1s and time slots.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(21)ST when the redundancy force-failover main-cpu command is used.
Workaround A temporary workaround is to reconfigure the correct controller details. Otherwise, there is no workaround.
•CSCdx73916
Symptoms The Multiprotocol Label Switching (MPLS) forwarding table does not display a label for an aggregate route.
Conditions This symptom is observed on a Cisco 10720 Internet router and affects only the aggregate routes that are explicitly configured under the Border Gateway Protocol (BGP) configuration using the aggregate-address address mask summary-only command.
Workaround There is no workaround.
•CSCdx74709
Symptoms The Ring Access Controller (RAC) watchdog timer of a Cisco 12000 series Dynamic Packet Transport (DPT) line card expires and forces the RAC into a pass through state.
Conditions This symptom is observed when there is an error condition and the CPU usage is 100 percent.
Workaround There is no workaround.
•CSCdx74841
Symptoms Irregularities occur when you create permanent virtual connections (PVCs) on a Cisco 10000 series edge services router (ESR).
Conditions This symptom is observed on a Cisco 10000 series ESR when an ATM interface is not up and an existing variable bit rate (VBR) or constant bit rate (CBR) PVC is modified, causing the total subscribed rate that is associated with the ATM interface to be improperly adjusted.
Workaround Modify an existing VBR or CBR PVC when the ATM interface is up.
•CSCdx74864
Symptoms A bus error may occur on a router and the router returns to the ROM monitor (ROMmon) prompt.
Conditions This symptom is observed on a Cisco 10000 series edge services router when running an ATM test, atm_mult_card_mult_port_vbr_aggr_segm_and_reas_change_pcr. This error seems to happen on the unconfiguration part of the test.
Workaround There is no workaround.
•CSCdx75775
Symptoms The multicast prefix 224.0.0.0/4 is missing from the Cisco Express Forwarding (CEF) table for all nondefault Virtual Private Network (VPN) routing/forwarding (VRF) instances on all line cards and redundant Route Processors.
Conditions This symptom is observed on a a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx76085
Symptoms A few out of 1000 interfaces are not up after a Trivial File Transfer Protocol (TFTP) loading configuration has occurred.
Conditions This symptom is observed on a Cisco 10000 series edge services router
Workaround There is no workaround.
•CSCdx76487
Symptoms An IronBus error occurs on a Cisco 10000 series edge services router.
Conditions This symptom is observed when flapping occurs on serial interfaces that are configured on a T1 line that is configured on a T3 line on a Cisco 10000 series 1-port channelized OC-12 line card.
Workaround There is no workaround.
•CSCdx76645
Symptoms A backup clock switched card0 (CSC0) may to go into a "going on" state.
Conditions This symptom is observed when an online insertion and removal (OIR) is performed on a primary CSC on a Cisco 12406 router with the primary clock on CSC1 (slot 17).
Workaround There is no workaround.
•CSCdx77061
Symptoms Certain small packets that require padding encounter packet corruption because the last byte of the packet payload is corrupted.
Conditions This symptom is observed on a Cisco 10720 Internet router that is running Cisco IOS Release 12.0(19)SP or a later release and occurs only on packets that have 35 or 39 bytes of IP length and does not affect packets of any other size.
Workaround There is no workaround.
•CSCdx79262
Symptoms Line cards may reload while trying to send traffic in a basic Virtual Private Network (VPN) setup.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround There is no workaround.
•CSCdx79282
Symptoms NetFlow statistics may not be recorded for some packet flows.
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(20)ST3. If there are many active flows and they stop all at once, the NetFlow statistics for many of the flows may not be recorded.
Workaround There is no workaround.
•CSCdx79327
Symptoms Under rare situations Parallel Express Forwarding (PXF) may reload with the following message:
"%PXF-2-FAULT: T0 Local Bus Exception: CPU[t0r1c1] TBACB"
Conditions This symptom is observed on a Cisco 10000 series edge services router. The symptom persists while forwarding to a particular IP address. The address cannot readily be predetermined.
In Cisco IOS Release 12.0(20)ST, Release 12.0(21)ST, and Release 12.0(21)SX on Performance Routing Engine (PRE)-1, no reload occurs, but traffic for the affected IP address is not forwarded.
Workaround There is no workaround.
•CSCdx80124
Symptoms Gigabit Route Processor (GRP) and GRP-B temperatures are incorrectly reported as NA.
Conditions This symptom is observed when running the show environment [ temperatures ] privileged EXEC command on a Cisco 120000 series Internet router.
Workaround There is no workaround.
•CSCdx80546
Symptoms A standby Route Processor (RP) may reload when a primary configuration is changed.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx80891
Symptoms If policing is enabled using the Modular QoS CLI (MQC), it may not work with Class-Based Weighted Fair Queueing (CBWFQ) on a Frame Relay subinterface, although with Low Latency Queueing ( ) it may work properly.
Conditions This symptom is observed on a Cisco 7500 series router when packets are Cisco Express Forwarding (CEF) switched instead of distributed Cisco Express Forwarding (dCEF) switched. Also, if output policing is enabled on the router, output policing and output queueing may not work.
Workaround Disable output policing or make sure that packets are dCEF switched instead of non-dCEF switched.
•CSCdx80911
Symptoms An Ethernet over Multiprotocol Label Switching (EoMPLS) Ether Frame with a destination MAC address that starts from 0x4 may high drop on the egress provider edge (PE) router.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx81556
Symptoms Virtual Private Network (VPN) routing/forwarding (VRF) VLAN packet switch ASIC (PSA) registry memory does not reinitialized when another PSA uload loads and then unloads because of higher priority PSA features getting configured and then unconfigured. Therefore, VRF VLAN forwarding no longer works.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx82050
Symptoms The Virtual Private Network (VPN) routing/forwarding (VRF) Selection driver may not initialize the VRF selection registers when the VRF selection bundle gets loaded.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround Reload the microcode in the line card.
•CSCdx82372
Symptoms The layer-2 adjacency of a Cisco router may remain glean.
Conditions This symptom is observed on a Cisco 10720 series edge services router that is running Cisco IOS Release 12.0(21.3)S1 with Virtual Private Network (VPN) routing/forwarding (VRF) static routes on dot1q sub-interfaces on a Fast Ethernet. The layer-2 rewrite can be built through a ping. The symptom did not occur on Cisco IOS Release 12.0(21.4)S.
Workaround There is no workaround.
•CSCdx82381
Symptoms Traceback may occur under certain instances when Border Gateway Protocol (BGP) invokes the Tag Forwarding Information Base (TFIB) module of a provider edge (PE) router that is running IPv6 in a Multiprotocol Label Switching (MPLS) environment (also referred to as a 6PE router) to add a router when nexthop is not set.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is not workaround.
•CSCdx83597
Symptoms Label Distribution Protocol (LDP) may not come up. The show mpls ldp discovery command displays the following output message:
TDP running; needs TDP identifier ..
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(21.4)S only if the router is capable of using Stateful Switchover (SSO) after a switchover.
Workaround Reload the active Route Processor.
•CSCdx83707
Symptoms Parallel Express Forwarding (PXF) may reload and restart.
Conditions This symptom is observed on a Cisco 10000 series edge services router when deleting an attached policy map.
Workaround Remove the policy from all interfaces before deleting the policy from the configuration.
•CSCdx84445
Symptoms A line card may be stuck in the off-for-download state.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S2. This symptom may be indicated in the output of the show cef linecard EXEC command.
Workaround There is no workaround.
•CSCdx84984
Symptoms On a dual Route Processor (RP) router with the Route Processor Redundancy Plus (RPR+) feature enabled, if the standby RP is reloaded before it is fully initialized, the global configuration on the active RP gets locked.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S. The symptom only occurs if the standby RP is reloaded by an operator command while a Bulk Sync is performed on the running configuration.
Workaround There is no workaround.
•CSCdx86498
Symptoms A ping fails over a Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnel.
Conditions This symptom is observed on a Cisco 12000 series Internet router when the uplink interface is a Gigabit Ethernet line card.
Workaround There is no workaround.
•CSCdx86570
Symptoms Spurious accesses occur on a per-packet basis on a Versatile Interface Processor (VIP). In addition, interfaces and routing protocols on the affected VIP and other interfaces on the router may flap.
Conditions This symptom is observed on a Cisco 7500 series router when Multiprotocol Label Switching (MPLS) is enabled on one of the VIP interfaces.
Workaround There is no workaround.
•CSCdx86907
The following caveat describes two symptoms, two conditions, and two workarounds:
Symptom A An access control list (ACL) does not operate correctly to match Layer 4 Operation (L4Op) entries. The ACL clears the logical operator unit (LOU) while it is still being used by other interfaces.
Conditions A This symptom is observed when an ACL is removed from one interface after the ACL is applied to multiple interfaces.
Workaround A Remove the ACL from all interfaces to which the ACL has been applied and reapply the ACL to the interfaces as needed.
Symptom B A ternary content addressable memory (TCAM) LOU capacity error may occur even though the number of used LOUs in the existing ACLs is less than the set limit.
Conditions B This symptom is observed when two different ACLs are applied to two different interfaces (ACL A on interface A and ACL B on interface B). When ACL A is applied to interface B, the LOU from ACL B is not cleared. This behavior causes LOUs to be wasted in TCAM.
Workaround B First remove ACL B from the interface, and then reapply ACL A to that interface.
•CSCdx87271
Symptoms A standby Route Processor may reload after a Route Processor Redundancy Plus (RPR+) switchover.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround There is no workaround.
•CSCdx87293
Symptoms When Field Diagnostics are executed on a line card, Framer Loopback tests may fail if fiber is connected to the line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S.
Workaround Do not run Field Diagnostics on line cards that have fiber connected to them.
•CSCdx88897
Symptoms Label Distribution Protocol (LDP) cannot create a Tag Information Base (TIB) entry for 0.0.0.0. This prevents LDP from performing label switching on a packet that is routed using the default route.
Conditions This symptom is observed in Cisco IOS Release 12.2(11.03)T, Release 12.2(11.03)S, Release 12.2(011.003), Release 12.0(21.04)SY, and Release 12.0(21.04)S.
Workaround There is no workaround.
•CSCdx89425
Symptoms When a line card reloads while multicast traffic is being sent to its ingress interface, the line card may reload again.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx90522
Symptoms Multicast packets are not reaching the IP/Open Shortest Path First (OSPF) layer in a router.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx91397
Symptoms The Multilink PPP (MLPPP) sequence number may not be updating correctly. Also, traffic gets punted to the Route Processor (RP).
Conditions This symptom is observed on a Cisco 10000 series edge services router that is running Cisco IOS Release 12.0(21.4)S after a Performance Routing Engine (PRE) cutover.
Workaround Enter the shutdown interface configuration command followed by the no shutdown interface configuration command after the cutover.
•CSCdx91482
Symptoms A master Route Switch Processor 8 (RSP8) may reload after an online insertion and removal (OIR) of a line card
Conditions This symptom is observed on a Cisco 7500 series router that is configured with dual RSP8s.
Avoiding an OIR following the bootup of the slave RSP8 reduces the chance that the master RSP8 will reload. The symptoms have not been observed on other RSPs (that is, other than the RSP8s).
Workaround There is no workaround.
•CSCdx93629
Symptoms The following error messages may be displayed on a router:
SLOT 8:00:27:52: %EE48-5-TM_PROC: TCAM Delete Table not free(40), Alpha:RX Lbl:4099 Appl:2 fail: 40
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC 400B3DE8
SLOT 8:00:28:00: %EE48-5-TM_PROC: TCAM Delete Invalid Parameters(35), Alpha:RX Lbl:4099 Appl:2 fail: 35
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC 400B3DE8The access control list (ACL) stops functioning properly after this symptom occurs.
Conditions This symptom is observed if the same ACL is applied to multiple interfaces on an IP Service Engine (ISE) that is installed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdx94390
Symptoms The following error message appears on a Cisco 12000 series Internet router when you enable a turbo access control list (Turbo ACL):
%SYS-2-MALLOCFAIL: Memory allocation of 10980020 bytes failed from 0x400BE22C, alignment 32
Pool: Processor Free: 25912464 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "TurboACL", ipl= 0, pid= 41
-Traceback= 400BB150 400BD4E4 400BE234 40BCDBE4 40BCDA70 40BCDAB8 40BCDAB8 40BCD97C 40BCFD00 40BD1650 400B3DFC 400B3DE8Conditions This symptom is observed on a a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S2 and that is configured with an 8-port Fast Ethernet 100-Base-TX interface with 128 MB of route memory.
Workaround Turn off compiled access lists using the no access-list compiled global configuration command.
•CSCdx96315
Symptoms A line card reloads when you remove a static route from a Cisco 12000 series Internet router.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
•CSCdx96410
Symptoms Traffic that is travelling into the core from a autonomous system border router (ASBR) is dropped from an inter-autonomous system setup because some packets that are travelling out of the ASBR are corrupted in the hardware of a Cisco 12000 series Engine 2 line card.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdy01678
Symptoms Traffic is forwarded to the correct outgoing interface, but no labels are imposed on the traffic.
Conditions This symptom is observed in the case of an Inter-AS Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) when E4P receives traffic on a VPN routing/forwarding (VRF) interface on an autonomous system border router (ASBR).
Workaround There is no workaround.
•CSCdy04039
Symptoms A 3xGE card may reload following the configuration of Border Gateway Protocol (BGP) Policy Accounting on either the main interface or a subinterface.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S2.
Workaround There is no workaround.
•CSCdy10296
This caveats is closed in Cisco IOS Release 12.0(22)S.
Symptoms Distributed Cisco Express Forwarding (dCEF) is disabled on a Cisco 12000 series Engine 4 (E4) line card, and the line card runs out of forwarding memory.
Conditions This symptom is observed on an E4 line card that is configured with approximately 200,000 Border Gateway Protocol (BGP) routes and with more than 4000 Intermediate System-to-Intermediate System (IS-IS)/Open Shortest Path First (OSPF) routes, when each IS-IS/OSPF prefix is a multipath route.
Workaround Disable outgoing class of service (CoS) by entering the no cos gsr tx command. The cos gsr tx command is an undocumented command that, by default, allocates an amount of memory for CoS functionality when the router boots up, even if you have not configured CoS. However, if you have enabled CoS on the E4 line card, entering the no cos gsr tx command will disable CoS on the E4 line card.
•CSCin01394
Symptoms A Cisco 7500 series router displays the following error messages:
%SRP-4-ALARM: SRP0/0/0 Side B Keepalive Failure (MAC)
%SRP-4-WRAP_STATE_CHANGE: SRP0/0/0 wrapped on side A (side B Self Detect Signal Fail)
%SRP-4-ALARM: SRP0/0/0 Side B Keepalive OKConditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(21)S and through which no traffic is flowing.
Workaround There is no workaround.
•CSCin03257
Symptoms A back-to-back ping for multilink fails.
Conditions This symptom is observed when you have the multilink min-links links command configured on the multilink interface.
Workaround Enter the shutdown interface configuration command on the multilink interface, wait for the multilink and the member links to go down, and enter the no shutdown interface configuration command on the multilink interface. After the multilink comes up, the back-to-back ping for multilink will work.
•CSCin03391
Symptoms Pings cannot be sent between routers.
Conditions This symptom is observed when a ping is sent from a customer edge (CE) router to another CE router via a provider edge (PE) router. This symptom occurs if the routers are configured using scripts.
Workaround There is no workaround.
•CSCin07076
Symptoms A Cisco 7500 router may reload.
Conditions This symptom is observed on a Cisco 7500 series router after distributed Multilink PPP (dMLP) is enabled.
Workaround There is no workaround.
•CSCin08685
Symptoms A Cisco 7200 series router reloads because of memory allocation (MALLOC) failures.
Conditions This symptom is observed on a Cisco 7200 series router that is configured with a PA-MC-8TE1+ port adapter when the router is connected back-to-back to another router with full channelization and heavy traffic flowing through the interfaces. When the router that is connected to the Cisco 7200 series router reloads, the interfaces flap and cause the Cisco 7200 series router to reload.
Workaround There is no workaround.
•CSCin10568
Symptoms Untagged entries appear in the Tag Forwarding Information Base (TFIB).
Conditions This symptom is observed when you toggle a Label Distribution Protocol (LDP)/Tag Distribution Protocol (TDP) session by toggling the LDP router identification (ID). This situation occurs in Cisco IOS Release 12.0 (21.01)SY02, Release 12.0(21.01)S02, Release 12.2(08.05)T, Release 12.2(08.04) S, Release 12.002(008.004), or later versions of the above-mentioned releases.
Workaround Enter the clear ip route network command to recover from the situation.
•CSCuk32791
Symptoms A Cisco 12000 series Engine 0 line card that is configured with a high number of adjacencies is disabled when restarted. The following Forwarding Information Base (FIB) disable error message is displayed for the line card:
%FIB-3-FIBDISABLE: Fatal error, slot 3: No window message, LC to RP IPC is non-operational
CEF-IPC: Disabled distributed CEF in 3 slot. linecard disabled because we did not get a window message
CEF-IPC: Sent DCEF terminate request to slot 3Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S02, Release 12.0(20.03)ST01, Release 12.0(20.03)S01, or later releases and occurs only at the startup of an Engine 0 line card that is configured with approximately 15,000 or more adjacencies.
Workaround Reduce the number of adjacencies to less than 15,000.
•CSCuk34310
Symptoms A Cisco 12000 series Internet router reloads unexpectedly after multiple Border Gateway Protocol (BGP) route state transitions (flaps) occur.
Conditions This symptom is observed on a Cisco 12000 series Internet router that has Multiprotocol Label Switching (MPLS) enabled.
Workaround There is no workaround.
Wide-Area Networking
•CSCdm12179
Symptoms A multilink interface stops processing received packets from a peer.
Conditions This symptom is observed when the peer multilink interface goes down and comes back up. The show ppp multilink command will indicate "received lost fragments" when the symptom occurs.
Workaround Clear the multilink interface.
•CSCds31716
Symptoms A Cisco 7500 series router that is configured with a Route Switch Processor 1 (RSP1) pauses indefinitely at the rsp_fs_free_memd_pak process and displays the following message on the console:
%RSP-3-BADBUFHDR: freeing MEMD pak, address 0 -Traceback= 60367710 60373AA4 602D30B8 600DA700 602413E0 602416D8 60FCE4D8 60FCC CD0 602223C8 602224F4 6036A260 60378E70 60331290
Conditions The conditions under which these symptoms occur are not known at this time.
Workaround There is no workaround.
•CSCds80984
Symptoms Packets are lost when a single link is contained in a Multilink PPP (MLP) or dialer interface. Interleaving does not work, and most or all voice packets are lost.
Conditions These symptoms are observed in Cisco IOS Release 12.1 and Release 12.1 T when an MLP/Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) routing/forwarding (VRF) instance and Cisco Express Forwarding (CEF) or a dialer interface are used with MLP.
Workaround Use a fragmentation delay of 10 ms or 20 ms on dialer interfaces that use MLP encapsulation with MPLS or with CEF, or add a dialer load threshold of 1 to the dialer interface.
•CSCdu60305
Symptoms A Versatile Interface Processor (VIP) reloads because of memory corruption.
Conditions This symptom is observed when Inter-Switch Link (ISL) encapsulation is enabled on an interconnected Gigabit Ethernet interface and traffic is flowing between two routers that are connected or an information exchange of keepalives or of Cisco Discovery Protocol (CDP) occurs.
Workaround There is no workaround.
•CSCdx02803
Symptoms All router interfaces on a Cisco 7500 series router come down, and the router produces error messages that start in the following way:
%RSP-2-QAERROR: reused or zero link error, write at addr 1AA0 (QA) log 221AA000, data FCF00000 00000000
%QA-3-DIAG: Failed to enqueue buffer header 0xFCF0
%QA-3-DIAG: Approximate stack backtrace prior to interrupt:
%QA-3-DIAG: -Traceback= 60A6AC68 601E0B14 603639D8 60311680
%QA-3-DIAG: No NULL terminator for queue 0x28Note: There may be many other error messages.
Conditions This symptom is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0(20.4)ST.
Workaround There is no workaround.
•CSCdx51820
Symptoms A Cisco 12000 series Internet router that has the frame-relay nni-annex1 command enabled on an Engine 0 or Engine 2 line card and routed permanent virtual circuits (PVCs) configured reloads.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S when you attempt to configure High-Level Data Link Control (HDLC) encapsulation on any Engine 0 or Engine 2 line card.
Workaround Disable the frame-relay nni-annex1 command before you configure the encapsulation.
Resolved Caveats—Cisco IOS Release 12.0(21)S8
Cisco IOS Release 12.0(21)S8 is a rebuild release for Cisco IOS Release 12.0(21)S. The caveats in this section are resolved in Cisco IOS Release 12.0(21)S8 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat.
Miscellaneous
•CSCeb09402
Symptoms: When upgrading to a special build image based on Cisco IOS Release 12.0(21)S6, a Cisco router with peer-group configuration is sending full Border Gateway Protocol (BGP) routes to its neighbors, but there are many prefixes that are missing from the neighbor side. Turning on the debug ip bgp update privileged EXEC command on the neighbor side shows the following error when the routes are received:
BGP: x.x.x.x rcv UPDATE about y.y.y.y/nn -- DENIED due to: non-connected next- hop;
Conditions: The problem is that an incorrect NEXTHOP is sent to some peer- group members. Cisco IOS Release 12.0(21)S2 image does not exhibit this problem.
Workaround: Configure the neighbor ip- address | peer-group-name next-hop- self command for the peer-group. See the following example:
neighbor ext-peers peer-group
neighbor ext-peers next-hop-self•CSCed27956
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
•CSCed38527
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
Resolved Caveats—Cisco IOS Release 12.0(21)S7
Cisco IOS Release 12.0(21)S7 is a rebuild release for Cisco IOS Release 12.0(21)S. The caveats in this section are resolved in Cisco IOS Release 12.0(21)S7 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
•Symptoms: A description of what is observed when the caveat occurs.
•Conditions: The conditions under which the caveat has been known to occur.
•Workaround: Solutions, if available, to counteract the caveat.
Basic System Services
•CSCdx71842
Symptoms: A router may reload when the ip community-list global configuration command is entered on the router with an illegal regular expression pattern. The following is an example of a ip community-list global configuration command that may cause the router to reload:
ip community-list expanded test permit (6327:[1_)
Conditions: This symptom is observed when running Cisco IOS Release 12.0(21)S6.
Workaround: Avoid entering the ip community-list global configuration command with an illegal regular expression pattern.
IP Routing Protocols
•CSCdu53656
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
•CSCdy48954
Symptoms: Border Gateway Protocol (BGP) prefixes may become missing from the routing table even when the prefix is present in BGP. The routing entry that is missing is the next-hop entry that is resolved through the internal Border Gateway Protocol (iBGP).
Conditions: This symptom is observed on a router that is running BGP.
Workaround: Force a best-path recalculation on the prefix to install it to the Routing Information Base (RIB).
•CSCea28131
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, see the advisory at http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
Miscellaneous
•CSCdx59003
Symptoms: A Cisco 12000 series router may report incorrect environmental values, as the following environmental logs display:
%ENV_MON-2-VOLTAGE: MBUS 5V supply (slot 1) volts has reached SHUTDOWN level at 5 m(V) %ENV_MON-2-TEMP: Hotpoint temp sensor (slot 17) temperature has reached SHUTDOWN level at 756(C)
%ENV_MON-2-VOLTAGE: Card 3.3v supply (slot 17) volts has reached CRITICAL level at 2560 m(V)Although the environmental logs indicate that the shutdown level has been reached, the router does not shut down the line cards for which the incorrect environmental values are reported.
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S3, Release 12.0(21)S5, Release 12.0(21)ST2, or Release 12.0(22)S.
Workaround: There is no workaround.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
•CSCea14108
Symptoms: Pings from a customer edge (CE) router may fail in an Any Transport over Multiprotocol Label Switching (AToM) network.
Conditions: This symptom is observed when Ethernet over Multiprotocol Label Switching (EoMPLS) AToM and auto negotiation are configured on a Gigabit Ethernet interface.
Workaround: Unconfigure auto negotiation from the Gigabit Ethernet interface.
•CSCea28914
Symptoms: A Fabric Interface ASIC (FIA) controller halt condition may be observed on the Engine 4 (E4) or Engine 4 plus (E4+) line card of a Cisco 12410.
Conditions: This symptom is observed when the hw-module slot 17 shut EXEC command is entered while a primary Clock Scheduler Card (CSC) is installed in slot 17 of the E4 or E4+ line card of a Cisco 12410. This symptom is observed when the Cisco 12410 is running Cisco IOS Release 12.0(21)S6.
Workaround: Avoid entering the hw-module slot 17 shut EXEC command.
•CSCea37882
Symptoms: It may take about 10 minutes before a Versatile Interface Processor (VIP) synchronizes with a Cisco Express Forwarding (CEF) table.
Conditions: This symptom is observed after you reload the VIP that has the Single Line Card Reload (SLCR) feature and distributed CEF (dCEF) enabled, when there are about 40,000 prefixes in the CEF table, and when Border Gateway Protocol (BGP) is in stable condition.
Workaround: Increase the interprocess communications (IPC) cache significantly; when there are about 40,000 prefixes, increase the IPC cache using the ipc cache 3000 command.
•CSCea38449
Symptoms: Traffic may not be forwarded to an egress line card if an uncorrected parity error is detected.
Conditions: This symptom is observed on an Engine 3 (E3) IP Services Engine (ISE) line card of a Cisco 12000 series.
Workaround: Reload the microcode of the line card after the error recovery process occurs.
•CSCea52787
Symptoms: A memory leak may occur on a line card with the Multicast Distributed Fast Switching (MDFS) line card process, and the line card may reload.
Conditions: This symptom is observed on a Cisco 12000 series line card when IP multicast routing is enabled and when there are tunnel interfaces configured. The line card reloads when the MDFS process on the line card attempts to repeatedly allocate memory after the line card runs out of memory because of the memory leak. This symptom occurs only if multicast routing is enabled by entering the ip multicast-routing distributed global configuration command and if a traffic engineering (TE) tunnel is configured.
Workaround: There is no workaround.
•CSCea54482
Symptoms: A fabric switchover error or cyclic redundancy check (CRC) Fabric Interface ASIC (FIA) controller error may be observed on a Cisco 12000 series when traffic is sent on the router after it is reloaded. Syslog messages such as the following may be displayed:
FABRIC-3-ERR_HANDLE Due to CRC error from slot 8,shutdown the fabric card on slot 22
Conditions: This symptom is observed when one or more Engine 4 plus (E4+) line cards are installed on a Cisco 12400 series and the Cisco 12400 series is reloaded with a Cisco IOS release that triggers a maintenance bus (MBus) download.
Workaround: Perform a second reload of the Cisco 12400 series.
•CSCea62745
Symptoms: The following error message may be generated often for slot 24 or 25 on a Cisco 12000 series:
%MBUS_SYS-3-NOBUFFER: Message from slot 25 in stream 0 dropped
Conditions: This symptom is observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S5 or Release 12.0(21)S6.
Workaround: There is no workaround.
•CSCea74092
Symptoms: A provider edge (PE) router may incorrectly encapsulate packets that are received from a customer edge (CE) router when multicast distributed switching (MDS) is enabled on the PE router. This behavior causes the packets to be punted.
Conditions: This symptom is observed on a PE router that has a generic routing encapsulation (GRE) tunnel interface and that has MDS is enabled.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(21)S6
Cisco IOS Release 12.0(21)S6 is a rebuild of Cisco IOS Release 12.0(21)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(21)S6 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdw54107
Symptoms: A router keeps advertising type 5 link-state advertisement (LSA) for 0.0.0.0 after external Border Gateway Protocol (eBGP) default route is removed form the routing table and Open Shortest Path First (OSPF) default route is installed in the routing table.
Conditions: This symptom is observed under the following conditions:
–router running OSPF
–the default-information originate command is used
–default-route (0.0.0.0/0) is learned from the following:
•eBGP (Admin Distance of 20)
•internal Border Gateway Protocol (iBGP) (Admin Distance of 200)
•OSPD (Admin Distance of 110)
Workaround: Filter iBGP default route on the router and use the bgp redistribute-internal command under router BGP.
•CSCdw80263
Symptoms: An Engine 4 Plus (E4+) line card may reload with a logical unit overrun error message.
Conditions: These symptoms are observed on the E4+ line card of a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0 ST. This symptom is observed while there is heavy traffic and a large number of Virtual Private Network (VPN) prefixes on the router.
Workaround: There is no workaround.
•CSCdx00274
Symptoms: The single-port Fast Ethernet 100BASETX port adapter (PA-FE-TX) of a Cisco 7206VXR router that has a Network Processing Engine (NPE-300) may stop receiving burst traffic packets.
Conditions: This symptom is observed on a PA-FE-TX.
Workaround: Clear by entering the shutdown interface configuration command followed by the no shutdown interface configuration command on the PA-FE-TX interface.
•CSCdy22744
Symptoms: The fix for CSCdx47695 that was integrated into Cisco IOS Release 12.0(21)S3 introduced a throttling mechanism that may be used when the physical layer interface module (PLIM) is congested. The throttling mechanism prevents interfaces or a bundle, or both, from flapping when bidirectional traffic with small packets is sent through either a 6-port channelized T3 line card or a 2-port channelized OC-3/STM-1 (DS1/E1) line card.
The throttling mechanism produces a severe performance impact, although no link flaps occur.
Conditions: This symptom is observed on a Cisco 12000 series router.
Workaround: There is no workaround. The fix for this caveat consists of a knob for the throttling.
•CSCdy42383
Symptoms: A router may not load balance traffic properly between two OC-48 Packet over SONET (POS) Engine 2 (E2) line cards.
Conditions: This symptom is observed on a Cisco 12416 series Internet router that is running Cisco IOS Release 12.0(21)ST2 and that has two OC-48 POS E2 line cards.
This symptom is observed while the Cisco 12416 has incoming traffic from an Engine 4 (E4) line card and outgoing traffic is sent through the E2 line card via parallel links. This symptom does not occur if the incoming card is replaced with an E2 line card.
Workaround: There is no workaround.
•CSCdy46676
Symptoms: Performance degradation may occur on an Engine 4 plus line card when traffic engineering (TE) tunnel load balancing is enabled.
Conditions: This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(22.3)S.
Workaround: There is no workaround.
•CSCdy67945
Symptoms: When you enter a loopback remote line interface configuration command on a 6-port channelized T3 line card, the command may fail and may cause a T1 connection to flap.
Conditions: This symptom is observed on both American National Standards Institute (ANSI) and Bell Communications Research (Bellcore) loopbacks on networks that are sensitive to T1 framing errors.
When you enter the loopback remote line interface configuration command, the line card causes a brief change of frame alignment (COFA) error. Normally, this error goes unnoticed. However, some devices react to these errors with an alarm indication signal (AIS). Each time the loopback request is initiated (that is, if the T1 connection is configured for remote loopbacks each time the T1 connection comes up), the AIS brings the T1 connection down.
Workaround: There is no workaround.
•CSCdy68292
Symptoms: The following error messages may be generated on a Cisco 12000 series Engine 4 plus (E4+) OC-192 line card:
SLOT 6: %RX192-3-HINTR: status = 0x4000000, mask = 0x7EFFFF FF - Parity error on rx_pbc_mem. -Traceback= 4039CEF0 4044ECEC 400C85B0 SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7 -Process= "CEF IPC Background", ipl= 7, pid= 52 -Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108 SLOT 6: %SYS-2-INTSCHED: 'sleep for' at level 7 -Process= "CEF IPC Background", ipl= 7, pid= 52 -Traceback= 400CABB8 400B9D24 403F5EB0 4044E040 400CEAE4 400C7108
Cisco Express Forwarding (CEF) on the E4+ OC-192 line card may become disabled, and the associated port stays in an "Up/Up" state.
Conditions: This symptom is observed on a Cisco 12000 series router that is running the gsr-k4p-mz image of Cisco IOS Release 12.0(21)S3 or the gsr-p-mz image of Cisco IOS Release 12.0(21)ST2.
Workaround: Enter the microcode reload slot- number global configuration command on the E4+ OC-192 line card.
•CSCdy74705
Symptoms: Memory corruption may be observed on a Network Processing Engine (NPE-200).
Conditions: This symptom is observed on the NPE-200 of a Cisco router when there is a high traffic rate with packets that are greater than 1524 bytes in size.
Workaround: Rearrange the port adapters on the router or upgrade to a Cisco IOS release that has the fix for this symptom.
•CSCdy78970
Symptoms: A Cisco 12000 series Engine 2 (E2) line card may generate the following error messages:
SLOT 14: %LCPOS-3-SOP: TX:BadLenCtr. Source=0x1 (Plim), halt_minor0=0x8001 (1000 0000 0000 00sl, s/l=TooShort/long) SLOT 14: %GSR-3-INTPROC: Process Traceback= 400CCE60 400C90F0 40010A24 -Traceback= 4033F424 4044ED54 400C88B0
Conditions: This symptom is observed when you remove and reinsert switch fabric on a Cisco 12000 series router while traffic is flowing.
Workaround: There is no workaround.
•CSCdz18497
Symptoms: A router may loop indefinitely when a Simple Network Management Protocol (SNMP) walk is performed against certain objects. The SNMP walk will not cycle if a specific interface is specified.
Conditions: These symptoms are observed on a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S2.
Workaround: Reload the router.
•CSCdz21278
Symptoms: A destination interface may not have a value in the NetFlow cache (that is, the destination interface may be null), but it should have a value.
Conditions: This symptom is observed when the egress interface is on a Cisco 12000 series Engine 0 line card and a rate limit access list is applied to the egress interface. The rate limit access list may not cause packets to be dropped, but the destination interface is null in the NetFlow cache.
Workaround: Disable the rate limit on the output interface.
•CSCdz21375
Symptoms: A memory leak may occur on a line card.
Conditions: This symptom is observed on the line card of a Cisco 12000 series after NetFlow is disabled on the last interface of a line card that has NetFlow enabled. This symptom is observed while there are more than 1900 flow records in the NetFlow cache of the line card.
Workaround: Keep NetFlow enabled on at least one interface on the line card.
•CSCdz25339
Symptoms: An unusually formatted Multicast Source Discovery Protocol (MSDP) packet may cause a memory corruption to occur and a router to reload.
Conditions: These symptoms are observed on a Cisco router that has a peer relationship with a vendor router.
Workaround: If this symptom is observed on a Cisco router that has a peer relationship with vendor router, enter the ip msdp shutdown peer-address global configuration command to shut down the peer relationship with the vendor router.
•CSCdz29408
Symptoms: A loss of ping packets may be observed when the IP address of the local interface is pinged.
Conditions: This symptom is observed on a Cisco 12000 series and is specific to Cisco Quad OC-48 Engine 4 (E4) line cards. This symptom occurs when an access control list (ACL) is applied to the input of any of the ports on the line card. All of the ports on the line card will exhibit this symptom as long as an ACL is configured on any one of the ports on the line card.
Workaround: Remove any ACL configuration that applies to any of the ports on the line card.
•CSCdz32988
Symptoms: The CPU of a Versatile Interface Processor (VIP) may exhibit persistently high CPU utilization values.
Conditions: This symptom is observed on the CPU of a VIP on a Cisco 7500 series router or Cisco 12000 series line card and does not directly impact the operation of the router. This symptom is a rare race condition and may occur with parallel paths. When this symptom occurs, the output of the show mpls forwarding-table EXEC command may no longer display accurate counters.
Workaround: There is no workaround. Reload the microcode of the affected line card to restore normal operation.
•CSCdz37224
Symptoms: "Alpha" error messages may be observed on the ingress or egress interfaces of a Cisco 12000 series 4-port OC-12c/STM-4c Packet over SONET (POS) synchronous digital hierarchy IP services engine line card. The following messages may be displayed on the egress interface:
%EE48-3-ALPHAERRS: TX ALPHA: ALPHA_CPU_PIPELINE_CTRL_INT error 1 SLOT 2: %EE48-3-ALPHAPAIR: TX ALPHA: POP PAIR
Conditions: These symptoms are observed if the shape, bandwidth, random detect, or priority value is configured and if both the set ip-dscp-value quality of service (QoS) policy map configuration command and the set mpls experimental policy map configuration command are disabled. This symptom is observed on a Cisco 12016 router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S or Release 12.0(21)ST2a.
Workaround: Remove the transmit (TX) service policy and use Per Interface Rate Control (PIRC) instead.
Additional Notes: The same symptom may occur when an error recovery is performed for hardware failures such as data path parity errors. The symptom under those circumstances would be a failed recovery. There is no workaround for the occurrence of this symptom when an error recovery is performed.
•CSCdz42976
Symptoms: Open Shortest Path First (OSPF) adjacencies may be incomplete, and connectivity across all Engine 2 (E2) interfaces may be affected.
Conditions: These symptoms are observed on a Cisco router after it is loaded with Cisco IOS Release 12.0(21)ST5.
Workaround: There is no workaround.
•CSCdz46604
Symptoms: Multilink adjacencies may show up as invalid.
Conditions: This symptom is observed on the Engine 3 (E3) Quad OC-12 line card of a Cisco 12000 series that is running Cisco IOS Release 12.0(21)S3. It may not be possible to clear this symptom by entering the clear cef line EXEC command or by reloading the microcode on the line card.
Workaround: There is no workaround.
•CSCdz47189
Symptoms: An Engine 3 (E3) 4-port OC-12 line card (4xOC-12) or an E3 OC-48 Packet over SONET (POS) line card may reload and generate traceback messages.
Conditions: These symptoms are observed when the gsr-p-mz image of Cisco IOS Release 12.0(24)S is loaded on a Cisco 12406 router in an Inter Autonomous System Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) of an IP version 4 (IPv4) Border Gateway Protocol (BGP) label distribution environment. The E3 4xOC-12 line card may be operating in either the channelized mode or the POS mode.
Workaround: No workaround is necessary because the line cards will recover without any user intervention.
•CSCdz54539
Symptoms: An Engine 4 plus line card that is installed in a Cisco 12400 series may be reset by the Route Processor (RP) because of interprocess communication (IPC) failures. The following errors may be displayed:
%CPUIF-3-NO_MEM: sendreq_freeq is NULL.
%MDS-2-LC_FAILED_IPC_ACK: RP failed in getting Ack for IPC message of size 148 to LC in slot 3 with sequence 58638, error = timeout
%FIB-3-FIBDISABLE: Fatal error, slot 3: IPC Failure: timeout
%GRP-4-RSTSLOT: Resetting the card in the slot: 3,Event: EV_AUTO_LC_RELOAD_ON_FIBDISABLE ]
Conditions: These symptoms are observed when route flapping occurs; route flapping may generate a high volume of IPC traffic.
Workaround: There is no workaround.
•CSCdz55944
Symptoms: A Cisco 12410 switch fabric card (SFC) may not come up after a software upgrade.
Conditions: This symptom is observed on a Cisco 12410 SFC that is upgraded to Cisco IOS Release 12.0(21)S5.
Workaround: There is no workaround.
•CSCdz55995
Symptoms: Packet or byte counters may not be accurate when a parity error occurs on a line card.
Conditions: This symptom is observed on a Cisco 12000 series router that has an Engine 4 (E4) line card.
Workaround: There is no workaround.
•CSCdz60229
Cisco devices which run IOS and contain support for the Secure Shell (SSH) server are vulnerable to a Denial of Service (DoS) if the SSH server is enabled on the device. A malformed SSH packet directed at the affected device can cause a reload of the device. No authentication is necessary for the packet to be received by the affected device. The SSH server in Cisco IOS is disabled by default.
Cisco will be making free software available to correct the problem as soon as possible.
The malformed packets can be generated using the SSHredder test suite from Rapid7, Inc. Workarounds are available. The Cisco PSIRT is not aware of any malicious exploitation of this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml
•CSCdz69362
Symptoms: Tag forwarding counters may no longer function when parity errors occur on an Engine 4 plus (E4+) line card.
Conditions: This symptom is observed on a Cisco 12000 series router.
Workaround: There is no workaround.
•CSCdz71662
Symptoms: A router may fail because of a bus error.
Conditions: This symptom is observed if the show environment all EXEC command or the show environment internals EXEC command is entered while an online insertion and removal (OIR) procedure is in progress.
Workaround: Do not enter the show environment all EXEC command or the show environment internals EXEC command while an OIR is in progress.
•CSCdz72790
Symptoms: Links may not come up as expected on a 2-port channelized OC-3/STM-1(DS1/E1) line card (2CHOC3/STM1-IR-SC).
Conditions: This symptom is observed on the 2CHOC3/STM1-IR-SC line card of a Cisco 12000 series router.
Workaround: There is no workaround.
•CSCdz74588
Symptoms: Traffic on a load-sharing path may be switched to the wrong destination or dropped altogether.
Conditions: This symptom is observed when a Cisco 12000 series Engine 4 (E4) line card is on the ingress side, there is a load-sharing path or multiple paths on the egress side, and a hidden class of service (CoS) global configuration command is configured on the router.
Workaround: Remove the extra load-sharing paths, and make it one single outgoing path.
•CSCea00096
Symptoms: Packet throttling is activated because of congestion, even when not configured as shown by the following error message:
%LC_CX3-4-THROTTLE: Packet throttling activated due to congestion
Conditions: This symptom is observed on a Cisco 12416 router that is configured with 200 Border Gateway Protocol (BGP) peers containing three 6xCT3 line cards, each configured with an even distribution of ~1500 frame relay subinterfaces.
Workaround: There is no workaround.
•CSCea00954
Symptoms: IP Multicast hardware counter memory is not freed on an Engine 4/4 plus line card after multicast routes are cleared from the routing table.
Conditions: This symptom only occurs when the Engine 4/4 plus line card runs out of mtrie node memory, for example when the routes in the router are more than the line card can handle.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(21)S5
Cisco IOS Release 12.0(21)S5 is a rebuild of Cisco IOS Release 12.0(21)S. The caveats listed in this section are resolved in Cisco IOS Release 12.0(21)S5 but may be open in previous Cisco IOS releases. This section describes only severity 1 and 2 caveats.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdw41164
Symptoms A Versatile Interface Processor (VIP) may reload because of an error at the ct3sw_check_tx process.
Conditions This symptom is observed on a Cisco 7000 series VIP that is running Cisco IOS Release 12.0(16)S4.
Workaround There is no workaround.
•CSCdw42422
Symptoms All of the incoming packets may be punted to the line card CPU. This situation may cause most of the traffic to be dropped because of the limited processing capability of the line card CPU.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.3)ST2. The symptom occurs in a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) environment, if the ingress line card of a provider router is an Engine 4 Plus (E4+) line card.
Workaround There is no workaround.
•CSCdw46156
Symptoms An interface of an Engine 4 Plus (E4+) line card stops receiving Intermediate System-to-Intermediate System (IS-IS) updates.
Conditions This symptom is observed in Cisco IOS Release 12.0(20.3)ST when you configure a maximum transmission unit (MTU) size that is smaller than 4558 on both sides of the link and after you enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the interface of the E4+ line card.
Workaround Reload microcode onto the line card.
Alternate Workaround Change the size of the MTU in the interface to any other value than 4558.
•CSCdx09973
Symptoms Tracebacks may be displayed, and critical alarms may be raised after an online insertion and removal (OIR) procedure.
Conditions This symptom is observed on a Cisco 12410 router that is running Cisco IOS Release 12.0(21)S1.
Workaround There is no workaround.
•CSCdx13872
Symptoms Per VLAN byte counters display inaccurate statistics.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S1 or Release 12.0(21)S3 with an installed 1-port Gigabit Ethernet line card.
Workaround There is no workaround.
•CSCdx19855
Symptoms A router may reload.
Conditions This symptom is observed during the execution of the no e1 1 channel-group 0 command on the controller of a Multi-Channel E3 port adapter on a Cisco 7200 series router that is configured for IP routing.
Workaround Shut the interface down and then remove the channel group.
•CSCdx25179
Symptoms The following error message is seen with a channelized 1-port SONET OC-12 STS-3c/STM-1 line card:
04:22:28: %GRPPOS-3-OP: Interface (POS1/0:1): unknown event - 26
Traffic passes through the router normally after this message is displayed. However, Frame Relay virtual circuit (VC) statistics may be inaccurate.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with a 1-port SONET OC-12 STS-3c/STM-1 line card when Frame Relay traffic is passing through the line card.
Workaround There is no workaround.
•CSCdx35920
Symptoms Service Assurance Agent (SAA) latency measurements may show unrealistic spikes.
Conditions This symptom is observed when Border Gateway Protocol (BGP) is running on a router.
Workaround Use the Jitter Probe, which requires the Response Time Reporter (RTR) responder to be running on the remote Cisco router.
•CSCdx53795
Symptoms If a peer advertises a replacement path (with the same multi-exit discriminator [MED] as the original path), the new path is inserted in the previous position of the original path.
Conditions This symptom may be observed on a Border Gateway Protocol (BGP) router that is using deterministic MED. When this symptom occurs, the replacement path may not be grouped with paths from the same autonomous system number (ASN). This ordering may result in incorrect routing and may cause routing loops.
Workaround Disable and reenable deterministic MED on the router after the router enters the incorrect state.
•CSCdx71843
Symptoms Loopback fails on engine 2 line cards.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.3)S2.
Workaround There is no workaround.
•CSCdx85342
Symptoms A Route Processor (RP) may boot up with the boot helper image instead of the regular image, or a Cisco 12000 series line card that is configured under the primary RP may reset because of interprocess communications (IPC) failures and generate the following error message:
* UTC: %FIB-3-FIBDISABLE: Fatal error, slot 0: IPC Failure: timeout
The two above mentioned symptoms are mutually exclusive.
Conditions These symptoms are observed on a Cisco 12000 series router when the router is configured with a primary RP and a standby RP and you load the gsr-boot-mz image from Bootflash using the boot system tftp global configuration command.
The symptoms affect only the gsr-boot-mz image (the gsr-p-mz image is not affected) and may occur in the following Cisco IOS releases:
–12.0(20.3)S
–12.0(20.3)S1
–12.0(20.3)ST
–12.0(20.3)ST1
–12.0(20.3)ST2
–12.0(20.3)ST3
–12.0(20.4)S
–12.0(20.4)S1
–12.0(20.4)S2
–12.0(20.4)ST
–12.0(20.4)ST1
–12.0(20)ST
–12.0(20)ST1
–12.0(20)ST2
–12.0(20)ST3
–12.0(20)ST4
–12.0(20)ST5
–12.0(21.1)S
–12.0(21.1)S1
–12.0(21.1)S2
–12.0(21.1)S3
–12.0(21.2)S
–12.0(21.3)S
–12.0(21.3)S1
–12.0(21.3)S2
–12.0(21.3)S3
–12.0(21.4)S
–12.0(21.4)S2
–12.0(21.4)S3
–12.0(21)S
–12.0(21)S1
–12.0(21)S2
–12.0(21)S3
–12.0(21)S4
–12.0(21)ST
–12.0(21)ST1
–12.0(21)ST2
–12.0(21)ST3
–12.0(21)ST4
–12.0(22)S
–12.0(22.1)S
Workaround Use a gsr-boot-mz boot image that was released earlier than Release 12.0(20.3)S or later than Release 12.0(22.1)S.
•CSCdx87577
Symptoms Memory allocation failures occur on a Cisco router that has authentication, authorization, and accounting (AAA) configured, and "%SYS-2- MALLOCFAIL" messages are displayed. When you enter the show memory summary command, the command output shows that many small blocks are used by the AAA processes.
Conditions This symptom is observed on a Cisco router that is running Cisco IOS Release 12.0(15)S3.
Workaround There is no workaround.
•CSCdx94390
Symptoms The following error message appears on a Cisco 12000 series Internet router when you enable a turbo access control list (Turbo ACL):
%SYS-2-MALLOCFAIL: Memory allocation of 10980020 bytes failed from 0x400BE22C, alignment 32
Pool: Processor Free: 25912464 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "TurboACL", ipl= 0, pid= 41
-Traceback= 400BB150 400BD4E4 400BE234 40BCDBE4 40BCDA70 40BCDAB8 40BCDAB8 40BCD97C 40BCFD00 40BD1650 400B3DFC 400B3DE8Conditions This symptom is observed on a a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21.4)S2 and that is configured with an 8-port Fast Ethernet 100-Base-TX interface with 128 MB of route memory.
Workaround Turn off compiled access lists using the no access-list compiled global configuration command.
•CSCdy03640
Symptoms A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)ST1 displays the following error message when Sampled NetFlow (SNF) is configured:
SLOT 1:Jun 12 06:10:32.526 UTC: %LC-3-BMACMDRPLY: Problem in BMA reply to command type 128 ToFab BMA sequence no=020 92 00 44 06 3C 20 01 07 68
Conditions This symptom is observed only on Cisco 12000 series routers that are configured with 3-port Gigabit Ethernet line cards.
Workaround Disable Netflow.
•CSCdy12947
Symptoms Reverse Path Forwarding (RPF) checks fail, and multicast packets are dropped from an incoming interface.
Conditions This symptom is observed on a Cisco 12000 series router that is configured with a 3-port Gigabit Ethernet line card that has dot1Q encapsulation enabled.
Workaround Enter the hw-module slot number ip multicast hw-accelerate global configuration command on the router.
•CSCdy16540
Symptoms An incoming multicast traffic stream on an Engine 4 or Engine 4+ line card is not forwarded.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S4 and that is configured with an Engine 4 or Engine 4+ line card when traffic is first received through a non-Reverse Path Forwarding (RPF)-enabled interface during route setup and then through an RPF-enabled interface.
Workaround Enter the clear ip mroute group source privileged EXEC command to reset the state of the multicast traffic stream and clear the symptom.
•CSCdy24389
Symptoms An Engine 2 POS or Gigabit Ethernet line card reloads when the ip multicast-routing distributed command is enabled.
Conditions This symptom is observed on a router that is running Cisco IOS Release 12.0(22.2)S.
Workaround There is no workaround.
•CSCdy27220
Symptoms A ciscoEnvMonRedundantSupplyNotification trap is not generated when a power supply is shut down, and a notification message is not displayed on a Cisco 12000 series Internet router.
Conditions This symptom is observed on the following Cisco 12000 series routers that run Cisco IOS Release 12.0(21)S3:
–Cisco 12016 router
–Cisco 12404 router
–Cisco 12406 router
–Cisco 12410 router
–Cisco 12416 router
Workaround There is no workaround.
•CSCdy29769
Symptoms A line card reloads with a bus error when the dir system: command is issued on that line card.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S3 or an earlier release. This symptom has not been observed with Engine 2 line cards.
Workaround There is no workaround.
•CSCdy30484
Symptoms An Engine 2 3-port Gigabit Ethernet line card that receives a tag packet with a Time to Live (TTL) value of 1 may reload.
Conditions This symptom is observed on a Cisco 12000 series router.
Workaround There is no workaround.
•CSCdy34017
Symptoms An access control list (ACL) with an Internet Control Message Protocol (ICMP) entry may be incorrectly processed by (the packet switch ASIC [PSA] of) an Engine 2 line card.
Conditions This symptom is observed on a Cisco 12000 series Engine line card when an ACL entry matches an ICMP packet that is specifying its type but not its code.
Workaround Specify the code in all ICMP entries.
•CSCdy34581
Symptoms A Cisco 12000 series router may reload because of a memory corruption.
Conditions This symptom is observed during the configuration of traffic shaping.
Workaround There is no workaround.
•CSCdy38827
Symptoms A Cisco router may install a suboptimal Intermediate System-to- Intermediate System (IS-IS) route into its routing table. Depending on the topology, this situation may create a routing loop.
Conditions This symptom is observed on an IS-IS Level 1 - Level 2 (L1L2) router that is running Cisco IOS Release 12.0 S or Release 12.0 ST and that has prefixes configured that are allowed to be leaked into Level 1, that is, prefixes that match the access list that is specified within the redistribute isis ip level-2 into level-1 distribute-list command. When route leaking is not configured, this condition is not observed.
Workaround There is no workaround. The condition resolves itself when the affected route is cleared by entering the clear ip route network EXEC command.
•CSCdy44251
Symptoms The Forwarding Information Base (FIB) table on a Cisco 12000 series Gigabit Route Processor (GRP) may be missing entries for directly connected subnets.
Conditions This symptom is observed on a Cisco 12000 series router after you have removed a large number of routes.
Workaround Enter the clear ip route network for the affected prefixes. The following is an example:
b2#
show ip cef 10.2.0.4 255.255.255.224
%Prefix not found
b2#
clear ip route 10.2.0.4 255.255.255.224
b2#
show ip cef 10.2.0.4 255.255.255.224
10.2.0.4/30, version 285154, epoch 0, attached, connected, cached adjacency to POS1/0 0 packets, 0 bytes via POS1/0, 0 dependencies valid cached adjacency•CSCdy44256
Symptoms Tag forwarding does not function properly for incoming tagged packets that correspond to Border Gateway Protocol (BGP) next-hop prefixes.
Conditions This symptom is observed on a Cisco 12000 series router with an ingress Engine 4+ line card that is running Cisco IOS Release 12.0(21)S. This symptom does not affect incoming IP packets.
Workaround There is no workaround.
•CSCdy47173
Symptoms A Route Processor (RP) may reload when you install a Flash card in slot 1 of the RP.
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdy67171
Symptoms The IP address of an interface that is placed in a passive state, with the passive-interface default router configuration command, is not advertised to Intermediate System-to-Intermediate System (IS-IS) neighbors.
Conditions This symptom is observed only when a router is first booted.
Workaround Reenter the passive-interface default command under IS-IS router configuration mode.
•CSCdy78808
Symptoms An Engine 2 line card displays a "QM-4-STUCK" error message. The line card can also stop forwarding traffic.
Conditions This symptom is observed when an adjacent router is power cycled or a line card on an adjacent router is removed and reinserted.
Workaround Perform a microcode reload on the affected Engine 2 line card.
•CSCdy81738
Symptoms Routes in the Cisco Express Forwarding (CEF) table on a Cisco 12000 series Gigabit Route Processor (GRP) do not match the routes in a line card CEF table. The mismatched routes can be cleared with the clear cef linecard privileged EXEC command. However, this symptom reoccurs when the mismatched routes are learned again.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S4 or Release 12.0(22)S and has an access-list configured to deny Simple Network Management Protocol (SNMP).
Workaround Deconfigure the access-list that denies SNMP, or install Cisco IOS Release 12.0(21)S3 instead of 12.0(21)S4 or 12.0(22)S.
•CSCdy86210
Symptoms NetFlow stops functioning after an online insertion and removal (OIR) procedure is performed on a Switch Fabric Card (SFC).
Conditions This symptom is observed on a Cisco 12000 series Internet router.
Workaround Deconfigure and reconfigure the ip route-cache flow sampled interface configuration command.
•CSCdy89001
Symptoms An Engine 4 Packet-over-SONET (POS) line card reloads.
Conditions This symptom is observed on an Engine 4 Packet-over-SONET (POS) line card in a Cisco 12000 series Internet router during several online insertion and removal (OIR) procedures on a Clock Scheduler Card (CSC).
Workaround There is no workaround.
•CSCdy89663
Symptoms A router reloads when an interface flaps.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S and multicast traffic is present on the router.
Workaround There is no workaround.
•CSCdz07976
Symptoms An Engine 2 line card continuously reloads if an adjacent is power cycled.
Conditions This symptom is observed on an Engine 2 line card in a Cisco 12000 series Internet router that is configured to run the Border Gateway Protocol (BGP) Policy Accounting feature on the line card. This symptom occurs when accounted traffic is passing through the card.
Workaround There is no workaround.
•CSCin15495
Symptoms The output counters that are associated with an interface may remain zero, even though traffic is passed through the interface.
Conditions The conditions under which this symptom occurs are not known at this time.
Workaround There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(21)S4
Cisco IOS Release 12.0(21)S4 is a rebuild release for Cisco IOS Release 12.0(21)S. The caveats in this section are resolved in Cisco IOS Release 12.0(21)S4 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdt41343
Symptoms A router may reload.
Conditions This symptom is observed when the configuration of the router is directly written from TFTP to NVRAM or from Cisco IOS Release 12.0 and, in both cases, when a syslog server and syslog source interface have been defined before the source interface has been parsed.
Workaround Place the syslog server and syslog source interface configurations after the source interface itself. To do this, you have to edit the configuration offline, copy it to NVRAM, and then reboot.
•CSCdu00328
Symptoms A Cisco 7500 series router may stop receiving packets on certain interfaces when a Cisco 6500 series switch that is connected through a port channel is reloaded.
Conditions This symptom is observed on a Cisco 7500 router that is connected to a Cisco 6500 series switch through the port channel. This symptom does not occur if the port channel is removed.
Workaround Run normal IP between the Cisco 7500 series router and the Cisco 6500 series switch without the port channel configuration.
•CSCdv11028
Symptoms A queue may become stuck and display messages that are similar to the following:
%GRP-3-FABRIC_UNI: Unicast send timed out
%QM-4-STUCK: Port 0 Queue mask 0x1Conditions This symptom is observed when an OC-48 Packet-over-SONET (POS) interface is flapping and when updates are received.
Workaround Perform a microcode reload of the line card.
•CSCdw88747
Symptoms An Engine 4 (E4) or Engine 4 Plus (E4+) line card stops responding and may be reset by the Route Processor.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(22)S or an earlier release if distributed multicast routing is enabled in the router.
Workaround Use Cisco IOS Release 12.0(22)S.
•CSCdx03185
Symptoms A router may reload when it is searching the Resource Reservation Protocol (RSVP) database.
Conditions This symptom is observed on a Cisco router that is running in the Route Processor Redundancy Plus (RPR+) or the Stateful SwitchOver (SSO) mode. The router reloads when a tunnel is up and when Multiprotocol Label Switching-traffic engineering (MPLS-TE), Cisco Express Forwarding (CEF), and IP routing are unconfigured using the following sequence of commands:
no tag advertise-tags
no mpls ip
no mpls label protocol ldp
no ip routing
no ip cef
no mpls traffic-eng tunnels
Workaround Issue the no mpls traffic-eng tunnels router configuration command to shut down all tunnels before issuing the no ip routing global configuration command.
•CSCdx11084
Symptoms An ATM OC-12 interface on a Cisco 7500 series port adapter shows output drops that cannot be accounted for anywhere else in the router. None of the permanent virtual connections (PVCs) show any drops, but the interface still accumulates drops.
Conditions This symptom is observed when the traffic rate is very low compared to line rate of the port adapter.
Workaround There is no workaround.
•CSCdx29393
Symptoms Cisco Express Forwarding (CEF) may be disabled on a line card.
Conditions This symptom is observed if a 16-port OC3 Engine 2 line card is configured with 16 different input access control lists (ACLs) while there are 100K Border Gateway Protocol (BGP) routes present.
Workaround There is no workaround.
•CSCdx38188
Symptoms Certain IP Services Engine (ISE) optical carrier (OC-3) concatenated line cards may fail to initialize and pause indefinitely at the IOS_STRT process when startup occurs.
Conditions This symptom is observed only on 16-port line cards that are shipped with optical modules when releases prior to Cisco IOS Release 12.0(22)S are used. The 16-port line cards that are affected by this symptom have optical modules that are silver and grey in color. The 16-port line cards that are not affected by this symptom have optical modules that are light blue in color.
Workaround Use Cisco IOS Release 12.0(22)S, 12.0(21)S4, 12.0(21)ST3, or a later Cisco IOS release.
•CSCdx39018
Symptoms The ifOutOctets counter may decrease over a five-minute interval, but the counter is still accurate on a long term basis.
Conditions This symptom is observed on a Cisco 7500 series router when quality of service (QoS) is configured on the egress Versatile Interface Processor (VIP).
Workaround Disable QoS.
•CSCdx51317
Symptoms A 4-port OC-12/STM-4 ATM multimode, signaling controller connector line card (4OC12/ATM-MM-SC) may reload because of a bus error exception.
Conditions This symptom is observed when a 127-line standard output access control list (ACL) is configured on another Engine 2-based line card.
Workaround There is no workaround.
•CSCdx60213
Symptoms A Gigabit Ethernet line card port may reload if a port on the line card is reset while a switch is connected.
Conditions This symptom is observed on a Cisco 12000 series 3-port Gigabit Ethernet line card if a port on the 3-port Gigabit Ethernet line card is reset while a Catalyst switch is connected.
Workaround There is no workaround.
•CSCdx65248
Symptoms Cisco Express Forwarding (CEF) may be disabled on an ATM OC-3 line card after a memory leak occurs.
Conditions This symptom is observed on an ATM OC-3 line card.
Workaround There is no workaround.
•CSCdx69170
Symptoms An access list on a router may drop or forward traffic incorrectly.
Conditions This symptom is observed on a Cisco 12000 series Internet router when an input or output access control list (ACL) is enabled on an Engine 2 line card (QOC12 POS, 1xOC48 POS, OC48 DPT, 16xOC3 POS, or 3xGE).
Workaround There is no workaround.
•CSCdx69852
Symptoms Cisco Express Forwarding (CEF) may be disabled on one or more line cards that are installed on a router after the redundancy force-failover EXEC command is entered.
Conditions This symptom is observed on a Cisco 12416 router that is running Cisco IOS Release 12.0(17)S5 with redundant Gigabit Route Processors (GRPs).
Workaround There is no workaround.
•CSCdx74709
Symptoms The Ring Access Controller (RAC) watchdog timer expires and forces the RAC to enter the pass-through mode.
Conditions This symptom typically occurs when CPU utilization remains at 100 percent for more than 90 seconds.
Workaround There is no workaround.
•CSCdx76645
Symptoms A backup clock switched card 0 (CSC 0) may enter the "going on" state.
Conditions This symptom is observed when an online insertion and removal (OIR) is performed on a Cisco 12406 router with the primary clock on CSC 1 (slot 17).
Workaround There is no workaround.
•CSCdx84445
Symptoms A line card may be stuck in the off-for-download state.
Conditions This symptom is observed on a Cisco 12000 series router that is running Cisco IOS Release 12.0(21)S2. This symptom may be indicated in the output of the show cef linecard EXEC command.
Workaround There is no workaround.
•CSCdx86014
Symptoms Some E3 NetFlow export datagrams may not reach the collector because the line card failed to export the datagrams.
Conditions This symptom is observed when sampled NetFlow is configured on an IP Services Engine (ISE) line card on a Cisco 12416 router.
Workaround There is no workaround.
•CSCdx86907
The following caveat describes two symptoms, two conditions, and two workarounds:
Symptom A An access control list (ACL) does not operate correctly to match Layer 4 Operation (L4Op) entries. The ACL clears the logical operator unit (LOU) while it is still being used by other interfaces.
Condition A This symptom is observed when an ACL is removed from one interface after the ACL is applied to multiple interfaces.
Workaround A Remove the ACL from all interfaces to which the ACL has been applied and reapply the ACL to the interfaces as needed.
Symptom B A ternary content addressable memory (TCAM) LOU capacity error may occur even though the number of used LOUs in the existing ACLs is less than the set limit.
Conditions B This symptom is observed when two different ACLs are applied to two different interfaces (ACL A on interface A and ACL B on interface B). When ACL A is applied to interface B, the LOU from ACL B is not cleared. This behavior causes LOUs to be wasted in TCAM.
Workaround B First remove ACL B from the interface, and then reapply ACL A to that interface.
•CSCdx90950
Symptoms A Cisco 12416 Internet router reloads after the power supply is turned off.
Conditions This symptom is observed on a Cisco 12416 Internet router that is running Cisco IOS Release 12.0(21)S3 when the snmp-server enable traps envmon global configuration command or the snmp-server enable traps envmon supply global configuration command is enabled.
Workaround There is no workaround.
•CSCdx93629
Symptoms The following error messages may be displayed on a router:
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC400B3DE8
SLOT 8:00:28:00: %EE48-5-TM_PROC: TCAM Delete Invalid Parameters(35),
Alpha:RX Lbl:4099 Appl:2 fail: 35
-Traceback= 403503E0 403504FC 40356E34 4035779C 403579B0 400B3DFC400B3DE8
The access control list (ACL) stops functioning properly after this symptom occurs.
Conditions This symptom is observed if the same ACL is applied to multiple interfaces on an IP Service Engine (ISE) that is installed on a Cisco 12000 series Internet router.
Workaround There is no workaround.
•CSCdy05017
Symptoms An Engine 2 line card may reload.
Conditions This symptom is observed when tag switching is enabled on a Cisco 12000 series Internet router that has Engine 2 line cards while load balancing is occurring in the Cisco Express Forwarding (CEF) path.
Workaround There is no workaround.
•CSCdy06328
Symptoms The memory usage of a Cisco 12000 series Route Processor (RP) is very high.
Conditions This symptom is observed on a Cisco 12000 series Internet router that is running the gsr-p-mz image of Cisco IOS Release 12.0(21)S1 and that is configured with an IP Services Engine (ISE) line card with v8 NetFlow enabled.
Workaround There is no workaround.
•CSCin13850
Symptoms A router may stop passing packets.
Conditions This symptom is observed on a 1-port clear channel E3 port adapter (PA-E3) or a 1-port clear channel DS3 port adapter (PA-T3) port adapter that is installed on a Cisco 7500 router that is running Cisco IOS Release 12.0(21)S3.
Workaround There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(21)S3
Cisco IOS Release 12.0(21)S3 is a rebuild of Cisco IOS Release 12.0(21)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(21)S3. This section describes only severity 1 and 2 caveats.
•CSCds52920
The logging source-interface for syslogging must be set to work correctly. On certain platforms, this breaks the IOS copy run start EXEC command and the write mem EXEC command prohibiting the saving of configurations to the system database. There is no workaround.
•CSCdu38436
Clocking problems and link instability resulting from the fact that the default transmit clock source changes to internal when a link is added to an IMA group may occur on a Cisco 7200 or Cisco 7500 router with a PA-A3-8T1IMA port adapter installed and configured for Inverse Multiplexing over ATM (IMA).
This can be seen by using the show controller atm X/Y EXEC command for each T1 interface that is included in the IMA group. If the txtiming field is 0xA, the link is clocking from Line. If the txtiming field is 0xE, the link is clocking from Internal.
Customers who suffer from T1 links that are part of an IMA group that flaps periodically may experience this condition. If the link is removed from the IMA group or if the workaround is applied and the link still flaps, the condition is unrelated to this caveat.
Workaround: Enter the shut down voice-port configuration command to shut down each of the ports in the IMA group. Enter the no ima-group group number interface configuration command to remove each of the ATM interfaces from the IMA group. Enter the clock source line {primary | secondary} controller configuration command to configure the clock source to be line on each of the ports. Enter the ima-group group number command to add the links back to the IMA group. Enter the no shut down voice-port configuration command on the interfaces. If the router is reloaded, the links will return to internal clocking and the workaround will have to be applied again.
•CSCdv34564
"MUESLIX" errors that affect the capability of the router to route traffic may occur on a Cisco 7200 series router that is running Cisco IOS Release 12.0(14)S3 and that has a PA-8T-V35 serial port adapter. There is no workaround.
•CSCdv40244
The following continuous stream of "%POT1E1-3-FWFATAL" error messages may occur on a router:
%POT1E1-3-FWFATAL: Bay 5: firmware needsresetdue to fw watchdog timeout %
POT1E1-3-FWFATAL: Bay 4: firmware needsresetdue to fatal softwareerrors
This symptom is observed on a Cisco 7206VXR router that is using an eight-port multichannel T1 port adapter (PA-MC-8T1). There is no workaround.
•CSCdv84788
A Versatile Interface Processor (VIP) may reload or record spurious access after class maps are configured for Frame Relay. There is no workaround.
•CSCdv90022
After you enter the shutdown command followed by the no shutdown command on a Cisco 2000 series Internet router, the Route Processor stops receiving traffic. This occurs if a default route is configured over the Ethernet 0 interface for management purposes. This configuration is not recommended as the Ethernet interface is not designed to switch traffic.
Workaround: Configure the default IP route as ip route 0.0.0.0 0.0.0.0 x.x.x.x (that is, the IP address of the next-hop router interface).
•CSCdw53512
In Cisco IOS Release 12.0 S, when the number of interfaces is greater than the value of max routes, the excessive interfaces can still can be configured in a subnet. There is no workaround.
•CSCdw61739
When a PA-MC-STM1 port adaptor is configured for framed or unframed mode, you may see several aborts in some channels.
Workaround: Follow the steps below:
1. Configure the network payload loopback on the E1 channel on which you are seeing the condition.
2. Configure another E1 channel on another synchronous payload envelope (SPE).
3. Unconfigure the payload loopback.
•CSCdw86735
On a Cisco 12008 Internet router with an oc48/POS-SM line card, the following error message occurs each time an access control list (ACL) is applied inbound when a sampled NetFlow is also present on the interface:
SLOT 2:Feb 22 05:42:28.160 MET: %LC-3-BMACMDRPLY: Problem in BMA reply to command type 128 ToFab BMA sequence no=1
Workaround: Disable either the sampled netflow or the ACLs on the interface.
•CSCdw89164
A memory allocation failure (MALLOCFAIL) message is displayed when a cable is unplugged from a serial interface. This symptom is observed on a Cisco 7206VXR router that is running Cisco IOS Release 12.2(7a) and that has a Network Processing Engine (NPE-400). This situation occurs when a cable is unplugged from a serial interface and if the l3 bypass global configuration command is enabled. There is no workaround.
•CSCdx01516
If you reoptimize the multihop tunnels on a Cisco 12000 series Internet router that has 400 Multiprotocol Label Switching (MPLS) multihop tunnels configured and an Engine 3 line card that forms one of the links in the path, the first Rx port on the Engine 3 line card may become stuck. There is no workaround.
•CSCdx10480
When Universal Transport Interface (UTI) and per-packet load balancing (PPLB) are enabled on the same E2 line card, the line card stops forwarding packets.
Workaround: Reload the Cisco 12000 series Internet router.
•CSCdx16940
E4 cannot forward traffic to a one-hop tunnel when the tag ip is enabled. There is no workaround.
•CSCdx17230
Multiprotocol Label Switching (MPLS) packets that are switched by an Engine 3 card may get corrupted. There is no workaround.
•CSCdx32108
The E4 load-balancing hash does not evenly distribute the source IP address between the incoming IP packet (src) and the destination IP address in the incoming IP packet (dst) pairs. There is no workaround.
•CSCdx32658
On a Cisco 12000 series Internet router, if you ping the loopback address from the west-end to the east-end router, datagrams are dropped. The first packet size ranges to fail are the packets between 77 and 80 and between 605 and 608. Only these packet ranges are being dropped; all other packets get through. There is no workaround.
•CSCdx36730
In the following setup,
7500--GE back to back-- 12000-8 ----OC48 POS --- 12000-7 --FE - 7200-20
when the output committed access rate (oCAR) is enabled on Cisco 12000-8 router on the GE interface, pings with do-not-fragment (DF) oCAR bits set greater than the GE maximum transmission unit (MTU) are incorrectly passed and incorrectly responded to. For example, the ping from the Cisco 12000-7 router is responded to with 2000-byte pings.
In addition, when pinging with a 1500-byte MTU, giants are seen at the Cisco 7500 router GE interface.
The condition exists only when oCAR is configured on egress 1PGige. 1PGige and 8FE fall under the same code base for oCAR handling.
Workaround: Set the interface MTU to +10; that is, for a normal ip payload of 1500, set the interface MTU to 1512.
•CSCdx38857
When the IP Service Engine 3 (ISE) forwarding hardware (ALPHA) is restarted because of certain error conditions, the Sampled Netflow may not work anymore.
Workaround: Reconfigure the sampling interval using the ip flow-sampling-mode packet-interval value global configuration command.
•CSCdx38981
When the MQC policy command is combined with MQC bandwidth, priority or shape command on an output ISE interface, traffic stops completely on that interface. The configuration must be removed and the card must be reloaded to clear the loss of packet buffers. There is no workaround.
•CSCdx40337
When a suspended Telnet session is "resumed" using the resume EXEC command, with or without arguments, the system may unexpectedly reload with an ALIGN-1-FATAL error at address 0x0.
Workaround: Do not use the resume EXEC command to restore the Telnet session. Just press Enter on your keyboard.
•CSCdx42432
When unicast Reverse Path Forwarding (uRPF) is enabled on an interface and then an access control list (ACL) is applied, the ACL does not function properly.
Workaround: Apply the ACL before enabling the uRPF or disable and then re-enable the uRPF.
•CSCdx42637
A router flushes link-state advertisements (LSAs) that have not been refreshed for more than 50 minutes. This symptom is observed on a Cisco router that is running Cisco IOS
Release 12.0(19)ST1. There is no workaround.•CSCdx43239
If a Cisco 12000 Route Processor runs out of memory, it may soon reload.
There is no workaround.
•CSCdx45298
A Cisco Express Forwarding (CEF) inconsistency may occur between the Gigabit Route Processor (GRP) and the Engine 2 line card. This inconsistency causes flapping and has been observed when there are recursive prefixes and suboptimal line quality.
Workaround: Clear the CEF line card X.
•CSCdx50050
When SNF is enabled on an ingress Cisco 12000 series Internet router engine 0 or engine 1 line card and output access control list (ACL) is enabled on an egress Cisco 12000 series Internet router engine 3 or 4+ line card, output ACL is performed on the ingress line card for all packets, even though it is needed only for packets that are selected by sampled NetFlow. It reduces the forwarding performance of the ingress engine 0 or 1 line card. There is no work around.
•CSCdx59353
Spurious memory access may appear when the E4+ (OC192 ES) line cards come up and the Cisco IOS software and BGP start to exchange information and if Multiprotocol Label Switching (MPLS) virtual private network (VPN) is configured in the routers. There is no workaround.
•CSCdx67286
When output access control lists (ACLs) are configured on an IP Service Engine 3 (ISE) line card (LC), a flag is set on ingress LC indicating that the output ACL processing will be done on the egress LC.
If the ingress LC is an E2 with the 128 or 448 ACL feature code loaded, when the clear cef linecard EXEC command is issued, traffic passing through the card that egresses on the ISE line card is punted to the E2 LC CPY. The LC CPU goes approximately 100 percent utilization and remains there until the line card is reloaded or the E2 feature code is changed. Traffic may be dropped as a result. To check which feature code is active, use the execute-on {slot slot-number | show controller | psa feature} privileged EXEC command.
Workaround: Reload the E2 LC or remove any ingress ACLs from the E2 LC.
•CSCdx73084
On Cisco 12000 series Internet router line cards, the SALSA RD address error is treated as an ASIC_FATAL_ERROR. There is no workaround.
•CSCin01252
A line protocol flap may occur on a router or the router may go down in high traffic conditions. This symptom is observed on a Cisco 7200 router that is configured with a PA-T3, PA-E3, or PA-H port adapter, a Network Processing Engine (NPE-400), or a Network Service Engine-1 (NSE-1).
Workaround: Use dual interface versions of the port adapters mentioned above.
•CSCuk34118
If a line card is online insertion and removal (OIR) out during the line card Cisco Express Forwarding (CEF) table(s) download, all other line cards may get stuck in the "request-reload state" waiting for the OIR out line card to finish its download.
Workaround: Reinstall the line card into the OIR out slot.
Resolved Caveats—Cisco IOS Release 12.0(21)S2
•Cisco IOS Release 12.0(21)S2 is a rebuild of Cisco IOS Release 12.0(21)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(21)S2. This section describes only severity 1 and 2 caveats.
•CSCdu43030
On a Cisco 12000 series Internet router that is configured with an OC-48/SRP line card, when the OC-48 spatial reuse protocol ring is wrapped, the line card may forward a packet for which the destination is its own address (that is, the address of the line card) to the failed ring. There is no workaround.
•CSCdv28626
ATM virtual circuit (VC) counters are not correctly incremented on a 1-port ATM OC3 multimode port adapter (PA-A1-OC3MM) that is installed on a Cisco 7500 router that is running Cisco IOS Release 12.1(7a)E2. There is no workaround.
•CSCdv46696
Sometime after performing an online insertion and removal (OIR) of a Cisco 7000 series Versatile Interface Processor (VIP), all distributed Multilink PPP (dMLP) traffic may stop flowing. This condition may occur several minutes after an OIR or one day after an OIR.
Workaround: Reload the router.
•CSCdv70295
If an Engine-4 line card is configured as the ingress point for a Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel, on reroute, the line card that is configured as the egress point may reload. There is no workaround.
•CSCdv73877
Traffic that is sent from a Multiprotocol Label Switching (MPLS) customer edge (CE) router (MPLS CE 1) to an MPLS CE router (MPLS CE 3) through two MPLS provider edge (PE) routers (MPLS PE 1 and MPLS PE 2) and an MPLS core is not accounted for properly with NetFlow on the incoming interface of the MPLS PE 1 router.
Traffic is accounted for properly with NetFlow when traffic is sent from the MPLS CE 1 router to an MPLS CE router (MPLS CE 2) that is connected directly to the MPLS CE 1 router without going through the MPLS core. This condition is observed on a Cisco 3640 router that is running Cisco IOS Release 12.1(5)T10 or 12.2(5a). This condition occurs only if the incoming interface runs Cisco Express Forwarding (CEF); it does not occur if the traffic that is arriving on an interface is configured to perform fast switching using the no ip route-cache cef command. This condition does not affect the MPLS NetFlow egress functionality.
The condition is seen without VPN routing/forwarding VRF instances and with any traffic that is coming in through a CEF-enabled interface and needs to be MPLS-encapsulated to go into the MPLS core. This condition is observed on a Cisco 7500 series router that is running Cisco IOS Release 12.0.(19)S1 and has distributed Cisco Express Forwarding (dCEF) enabled.
Workaround: Disable CEF.
•CSCdv83875
On a Cisco 7500 series Versatile Interface Processor 4 (VIP4) that is configured with a PA-2FE port adapter that has committed access rate (CAR) enabled outbound on both Fast Ethernet interfaces, after you have reloaded the microcode while the router was forwarding traffic, the router may stop sending traffic. Entering the shutdown command followed by the no shutdown command solves the condition only temporarily.
Workaround: Reload the microcode while there is no egress traffic on the router.
•CSCdv85415
Multiprotocol Label Switching (MPLS) packets that are received on a 802.1q subinterface on a 3-port Gigabit Ethernet line card may be dropped by the Packet Switching ASIC (PSA).
Workaround: Clear Cisco Express Forwarding (CEF) on the affected line card using the clear cef linecard slot command.
•CSCdv88102
An rsp-pv Service Provider Feature Set software image that is installed on a Cisco 7500 series Versatile Interface Processor (VIP) does not include some "x25" commands, such as the show x25 command. There is no workaround.
•CSCdw04221
When you perform a test loop on a Very Short Reach (VSR) OC-192 line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S, the line card may reload with an error message that indicates that the program counter is corrupt. There is no workaround.
•CSCdw08605
On a Cisco 12000 series Internet router that is configured with an Engine Quad OC-48 line card that is functioning as an ingress line card and that is performing outbound loadsharing with an egress Engine 2 line card, the loadsharing per source and destination is not performed and only one path is utilized, which results in one path being overutilized and the other path being underutilized. There is no workaround.
•CSCdw11198
A Cisco router may reload when a probe is configured to operate at a frequency of 0 seconds and then is scheduled to run.
Workaround: The probe frequency of 0 seconds is illegal and must not be used.
•CSCdw14750
After you have performed an online insertion and removal (OIR) of a Universal Transport Interface (UTI) Tunnel Server line card and the line card has reloaded, the UTI tunnels do not rebind and a Layer 2 Tunneling Protocol (L2TP) message that may be misleading will be displayed.
Workaround: Reload microcode onto the UTI Tunnel Server line card.
•CSCdw20980
If you perform an online insertion and removal (OIR) of a Versatile Interface Processor (VIP) in a Cisco 7500 series router or use the Single Line Card Reload (SLCR) feature after a VIP has reloaded unexpectedly, and if there are static routes defined that use the interfaces on the failed VIP, traffic that is using those static routes may fail. The static routes include those that are defined within a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) Routing and Forwarding (VRF) instance.
Workaround: Enter the clear cef linecard slot-number adjacency command on the affected VIP.
•CSCdw24749
A Cisco 12000 series Internet router that has multicast enabled and that is configured with an Engine 4 ingress line card may not perform well.
Workaround: Reload microcode on the Engine 4 line card.
•CSCdw24995
If a Cisco 12000 series Engine 2 line card forwards traffic with large Multicast Group ID (MGID) numbers, spurious memory access errors may occur when the multicast routing table is cleared. There is no workaround.
•CSCdw27800
A Versatile Interface Processor (VIP) may reload if distributed Multilink PPP (dMLP) is configured on a channelized T3 or E3 interface after the router is reloaded and booting up. There is no workaround.
•CSCdw28501
A NetFlow aggregation scheme may have a cache entry with a "/32" prefix, even though the minimum mask is not set for this aggregation scheme.
Workaround: Set a value for the minimum mask, such as a value of "/8" or "/16".
•CSCdw31637
Misaligned or spurious memory accesses may be detected on a Versatile Interface Processor (VIP) at the hqf_get_policymap() process. There is no workaround.
•CSCdw31709
On a Cisco 12000 series Internet router that is configured with an Engine 2 ingress line card with a "Rev. @6TBM" application-specific integrated circuit (ASIC), packets that require fragmentation and whose size is close to the maximum transmission unit (MTU) of the egress link may not be processed correctly by the ingress line card. There is no workaround.
•CSCdw36223
A memory leak may occur on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(18)S1 and the "Fabric Ping" process may hold more than 50 MB of memory. There is no workaround.
•CSCdw37443
If you remove an E1 or T1 line from a multilink interface, the interface may not report the correct bandwidth value.
Workaround: Enter the shutdown command followed by the no shutdown command on the controller under which the removed E1 or T1 line was configured.
•CSCdw42883
If you apply the tx-cos name command on a 2-port STM-1/OC-3 channelized E-1/T-1 line card that is configured for Multilink PPP (MLP) and traffic is passing through the line card at line rate, the Forwarding Information Base (FIB) may become disabled.
Workaround: Reload microcode onto the line card.
•CSCdw43326
If you enter the shutdown command followed by the no shutdown command on a 2-port STM-1/OC-3 Channelized E-1/T-1 line card that is configured for Multilink PPP (MLP) and that has traffic flowing through it, the line card may reload. There is no workaround.
•CSCdw49266
A Cisco 2600, 7200, 7500, or 12000 series router that is running a Cisco IOS release other than Cisco IOS Release 12.1 E that contains the fix for CSCdp70087 may experience spurious memory access. There is no workaround.
•CSCdw50369
If you add groups quickly and in large numbers while a Cisco 12000 series 10-port 1-Gigabit Ethernet line card is sending multicast traffic to a large number of groups (like 2000 groups), the line card may drop multicast packets. For example, if the line card sends 1500-byte packets at 10,000 packets per second (pps), only 8,850 pps may be received.
Workaround: Add groups in smaller increments.
•CSCdw50936
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.4)S1 and that is configured with an Engine 2 Packet-over-SONET (POS) line card, Sampled NetFlow (SNF), and an input access control list (ACL), the ACL may leak traffic that is being sampled even though the ACL is configured to deny the traffic. This situation occurs if you configure SNF before you apply the input ACL.
Workaround: Enable the ACL on the line card before you apply SNF.
Alternate workaround: If you configured SNF before you applied the input ACL, remove SNF and reapply it.
•CSCdw51855
Two routers that are running Cisco IOS Release 12.0(18)S may fail to reestablish a Connectionless Network Service (CLNS) relationship after a Packet-over-SONET (POS) outage has occurred between them.
Workaround: Enter the clear isis * command on the routers.
•CSCdw52694
You may not be able to restart or reschedule an active Response Time Reporter (RTR) probe. Attempts to do so result in the probe being shown with a status of "Unknown" when the show rtr operation command is executed.
Workaround: Enter the no rtr command and reconfigure the RTR probe. Note that the no rtr command will disable all of the RTR probes and must be used with utmost caution.
•CSCdw52740
If you configure VPN routing/forwarding (VRF) instances on the Frame Relay subinterfaces of a Cisco 12000 series line card and you reload the line card, packets that are received on Frame Relay VRF instances may be forwarded with incorrect tag values.
Workaround: Disable and enable tag switching for the affected line card in order to renegotiate tags.
•CSCdw52832
A Cisco router boots the boot image in bootflash instead of booting the full Cisco IOS image from the disk if all of the following conditions are met:
–The configuration register is set to autoboot.
–There is no configuration in NVRAM or boot system command in the configuration.
–There is a complete and bootable Cisco IOS image on the disk and there is a boot image in the bootflash.
Workaround: Set the router to boot the image from the disk using the boot system global configuration command.
•CSCdw52890
On a Cisco 7500 router that has a Versatile Interface Processor (VIP) and that is running Cisco IOS Release 12.0(19.6)S, the "VIP will crash with a %SYS-2-WATCHDOG: Process aborted on watchdog timeout Process = TurboACL" error message may be displayed when compiled access lists with noncontiguous masks are used. This behavior does not affect compiled access lists that do not have noncontiguous masks.
Workaround: Turn off compiled access lists using the no access-list compiled global configuration command.
Alternate workaround: Avoid using entries that have noncontiguous masks or replace such entries with single or multiple entries with contiguous masks.
•CSCdw53957
If an Engine 4 or Engine 4 plus line card that is installed in a Cisco 12400 series Internet router that is running Cisco IOS Release 12.0(21)S receives a large amount of multicast traffic, the line card may stop responding and be reset by the route processor because of a fabric ping timeout. The stack trace in the line card reload context may point to the "lc_mbus_interrupt_handler()" function, whereas the process level traceback may point to the "gen67_tdl_request_hash_search()" function. There is no workaround.
•CSCdw58731
On an Engine 4 plus Quad OC-48 or OC-192 line card that has an access control list (ACL) and committed access rate (CAR) configured on an input port, if you configure the ip unreachable or no ip unreachable command, the line card may reload even though there is no traffic going through the line card.
Workaround: Configure the ip unreachable or no ip unreachable command before you configure security features, such as ACLs, on the line card.
•CSCdw59459
If you attempt to configure the srp count [H.H.H] command, where H.H.H specifies the 48-bit MAC address for the node that originated the packets that will be counted, you may get the following notification message:
% This command is an unreleased and unsupported feature.
If you enter the srp ? interface configuration level command on an OC-48-based Dynamic Packet Transport (DPT) platform, the count command will be hidden. You can still configure the count command, but the previously stated notification message will show up. There is no workaround.
•CSCdw62094
An Engine 4 plus line card that is installed in a Cisco 12400 series Internet router that is running Cisco IOS Release 12.0(21)S may unexpectedly reload when it has to fragment multicast packets before transmitting them.
Workaround: Use interface maximum transmission unit (MTU) values that are large enough to avoid packet fragmentation.
•CSCdw62459
A Cisco 12000 series 6-port DS3, 6-port E3, 12-port DS3, or 12-port E3 line card does not function as a Universal Transport Interface (UTI). There is no workaround.
•CSCdw63200
If you reload a 4-port OC-3 line card on a Cisco 12000 series Internet router, a burst of cyclic redundancy check (CRC) errors may be received at the other end of the OC-3 link. If the remote router is software based (such as a Cisco 7200 series router), this burst of CRC errors may cause high CPU utilization.
Workaround: Shut down the interface at the remote router before you reload the 4-port OC-3 line card.
•CSCdw63657
Spurious memory accesses are observed at the dsx3_controller_t1_framing process when extended super frame (ESF) framing is configured on a Channelized T3 Interface Processor (CT3IP) controller. Spurious memory accesses may also occur if the router is rebooted while framing is set to ESF. There is no workaround.
•CSCdw67592
After a Cisco 12000 series Internet router has reloaded, multicast traffic may not go through an Engine 2 line card if multicast hardware switching is enabled.
Workaround: After the router has reloaded, unconfigure and then reconfigure multicast hardware switching.
•CSCdw68196
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20.04)ST2, if you configure Multilink Frame Relay (MRF) on a 6-port channelized T3 line card or a 2-port STM-1/OC-3 channelized E-1/T-1 line card and you perform an online insertion and removal (OIR) of the line card, the MFR interfaces do not recover. There is no workaround.
•CSCdw70972
On a Cisco 12000 series OC-48 line card, the police, rate-limit, and committed access rate (CAR) do not work correctly if the average configuration exceeds the OC-12 line rate. There is no workaround.
•CSCdw71666
On a Cisco 12000 series Internet router that is configured with a 6-port channelized T3 (6CT3) line card that has a large number of routes in the network, multilink PPP (MLP) interfaces may appear in an "up/up" state after the router has reloaded but traffic will not pass over the multilink interfaces.
Workaround: Enter the hw-module slot shelf-id|slot-number reload command on the 6CT3 line card. This workaround ensures that the Forwarding Information Base (FIB) table on the line card is updated with the information from the FIB table on the route processor (RP).
Alternate workaround: If there are only a few MLP bundles configured on the 6CT3 line card, enter the shutdown command followed by the no shutdown command on all serial interfaces in the multilink bundle on the router that is configured with the 6CT3 line card and on the router at the receiving end. This workaround ensures that the FIB table on the line card is updated with the information from the FIB table on the RP of the router that is configured with the 6CT3 line card.
•CSCdw73961
On a Cisco 7500 series router that is configured with a PA-MC-T1 or PA-MC-E1 port adapter that is part of a multilink connection that has weighted fair queuing (WFQ) configured, low throughput may occur after you enter the shutdown command followed by the no shutdown command on the controller of the port adapter or after you reboot the router.
Workaround: Enter the shutdown command followed by the no shutdown command on the multilink interface.
•CSCdw74061
On a channelized IP Services Engine (ISE) line card (also referred to as an Engine 3 line card), if you add a new channel after the line card has restarted or reloaded and a noncritical transient hardware error occurs, the from-fabric queue of the interface of the line card may become stuck and packets cannot be transmitted out of the interface.
Workaround: Restart or reload the line card.
•CSCdw75717
On a Cisco 12000 series Gigabit Ethernet (GE) line card that has outbound committed access rate (CAR) configured, pings may fail for packets with a size that exceeds 1530 bytes.
Workaround: Disable CAR on the GE line card.
•CSCdw79641
A channelized T3 Interface Processor (CT3IP-50) that is installed in a router that is running Cisco IOS Release 12.0(21)S1 may reload with an error message that is very similar to the following:
$0 : 00000000, AT : 30037FE0, v0 : 00000000, v1 : 3802F3BE
a0 : 60A6FEA0, a1 : 60A07EA0, a2 : 00000007, a3 : 00000020
t0 : 00008000, t1 : 4E90424C, t2 : 00000001, t3 : 601824C8
t4 : 600C8040, t5 : 000000F8, t6 : 00000000, t7 : 611F7BAC
s0 : 60A07EA0, s1 : 0000000A, s2 : 00000030, s3 : 60A71880
s4 : 00006000, s5 : 60A6FEA0, s6 : 00000033, s7 : 60A49660
t8 : 8E07F138, t9 : 00000000, k0 : 00000000, k1 : 00000004
gp : 606DBFC0, sp : 6086C380, s8 : 00000003, ra : 6017DFB0
EPC : 00000000, ErrorEPC : 800086B8, SREG : 3400E103
Cause 00000008 (Code 0x2): TLB (load or instruction fetch) exception
00:00:41: -Traceback= 0x6017DFB0 0x601805FC 0x601825A4
There is no workaround.
•CSCdw82373
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S1 and that is configured with a 6-port channelized T3 (6CT3-SMB) line card that has Multilink Frame Relay (MLFR) enabled, MLFR bundle flaps may occur because of degradation on one link in the MLFR bundle or because of one link in the MLFR bundle being shut. Traffic may no longer be sent over the link that is shut, but the rest of the links should be able to transmit without interruption. There is no workaround.
•CSCdw82466
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19.3)S or a later release may reload because of memory corruption during a hardware failure. This situation may cause a chassis component to identify its slot number incorrectly. There is no workaround.
•CSCdw84138
A Cisco 12008 router that is running Cisco IOS Release 12.0(21)S1 does not initialize or periodically update the Switch Fabric Card (SFC) status LEDs, which causes the LEDs to appear to be nonfunctional. The switching functions of the SFCs are not affected, but the SFCs, as seen from the front panel, appear to be nonfunctional. There is no workaround.
•CSCdw85497
Packets with an incorrect IP checksum that are coming into a Cisco 12000 series Engine 4 plus line card are not getting dropped but are switched out of the router. There is no workaround.
•CSCdw86488
After a 6-port channelized T3 (6CT3-SMB) line card that is configured for Multi Frame (MFR) and that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S1 has reloaded, an associated MFR bundle may not recover.
Workaround: Reload microcode onto the line card.
•CSCdw91171
An erroneous Cisco Express Forwarding (CEF) entry that points to a Gigabit Ethernet interface as a next hop is created for a route that is not in the routing table. This condition is caused by the Address Resolution Protocol (ARP) when ARP looks up a request during multicast processing.
Workaround: Disable proxy ARP on the interface and on all routers that are connected to the same segment using the no ip proxy arp interface configuration command.
•CSCdw91774
On a Cisco 12000 series Internet router, the switchover to the backup Clock and Scheduler Card (CSC) may not be generated when loss of signal (LOS) or cyclic redundancy check (CRC) errors are detected.
Workaround: Replace the CSC that has the hardware failure.
•CSCdw94637
On a line card in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)ST with Interface Under Test (IUT) configured as the Border Gateway Protocol (BGP) neighbor link to the traffic source, if you configure unicast Reverse Path Forwarding (uRPF) strict check on the IUT, traffic will be blocked for both valid and invalid source addresses.
Workaround: Remove uRPF from all interfaces on the affected line card and then add uRPF again.
•CSCdx03050
If you configure Per Interface Rate Control (PIRC) on one port of a Cisco 12000 series Engine 2 line card, any packet that has an IP precedence higher than zero, that is directed to the router itself, and that is arriving at any other port of the same Engine 2 line card will be dropped because of an "ip.checksum error."
Workaround: Remove PIRC.
•CSCdx04074
In a Multiprotocol Label Switching Fast Reroute (MPLS FRR) Traffic Engineering (TE) configuration that has a one-hop primary TE tunnel with a two-hop FRR backup tunnel, if you use a Cisco 12000 series Engine 4 line card at the egress side of the Penultimate Hop Popping (PHP) in the MPLS FRR TE path, traffic forwarding may stop after FRR has started. There is no workaround.
•CSCdx04487
An enhanced 4-port OC-12 Packet-over-SONET (POS) line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S1 may repeatedly report the following error message:
SLOT 6:Mar 14 09:49:23 MET: %LCPOS-3-SOP: RX:UnexpectedSop. Source=0x4 (Framer), halt_minor0=0x8000
SLOT 6:Mar 14 09:49:23 MET: %GSR-3-INTPROC: Process Traceback= 400C8E08 400C4730 40010A24
-Traceback= 402EF7E4 40620744 400C3F0C
A SONET synchronization difficulty may precede the error message. The line protocol goes down on the affected interface and if the affected interface is not shut down, the line card will eventually be reloaded by the router because of internal ping timeouts and the following error message will appear:
%GRP-3-COREDUMP: Core dump incident on slot 6, error: Fabric ping failure (seq:502605)
There is no workaround.
•CSCdx06621
A Cisco router that is running Cisco IOS Release 12.1(13) or another Cisco IOS release may reload with a bus error that is related to Open Shortest Path First (OSPF). There is no workaround.
•CSCdx12759
On a Cisco 12000 series Internet router that is configured with a redundant Gigabit Route Processor (GRP) that is booted with the gsr-p-mz software image of Cisco IOS Release 12.0(21)ST, the standby GRP may reload after bootup. There is no workaround.
•CSCdx17893
A Cisco 12000 series Engine 3 line card that is configured with Intermediate System-to-Intermediate System (IS-IS) or Open Shortest Path First (OSPF) as the Interior Gateway Protocol (IGP), that has many (10,000) IS-IS or OSPF routes configured, and that has loadbalancing enabled may reload. There is no workaround.
•CSCdx20954
A Cisco 12000 series OC-3 line card may reload unexpectedly and then recover. There is no workaround.
•CSCdx23088
On a Gigabit Ethernet (GE) interface of a Cisco 12000 series 3-port GE line card, Sampled NetFlow (SNF) accounting may be inaccurate if you apply an access control list (ACL) to the interface.
Workaround: Do not apply an ACL to the interface.
•CSCdx24242
If you have unicast Reverse Path Forwarding (uRPF) configured on a Cisco 12000 series Internet router, packets with a valid source IP address that is reachable via tag switching may not be passed through. There is no workaround.
•CSCdx33749
A Cisco 12000 series Internet router may reload if you insert a Clock and Scheduler Card (CSC) in slot 16 while a program runs and a Simple Network Management Protocol (SNMP) query is performed using "CISCO-PROCESS-MIB." There is no workaround.
•CSCin02000
If you add new interfaces on a line card that is installed in a Cisco 12000 series Internet router, the Multicast Distributed Fast Switching (MDFS) functions on other line cards of the same router do not recognize the newly added interfaces until multicast is enabled on the newly added interfaces.
Workaround: Turn on a multicast function, such as the Protocol Independent Multicast (PIM) mode.
•CSCin02825
On a PA-4T+ or PA-8T port adapter that has non-V3 microcode loaded and that is installed in a Cisco router that is running Cisco IOS Release 12.0 S, "STARTFAIL/STOPFAIL" messages may occur if you enter the disable command from the driver while the interface is operating under heavy traffic.
Workaround: Perform an online insertion and removal (OIR) of the port adapter.
•CSCuk32594
A Cisco 12000 series Internet router may encounter the following error messages on an Engine 2 line card:
00: 22:20: %FIB-3-FIBDISABLE: Fatal error, slot 0: No window message, LC to RP IPC is non-operational.
This message indicates that Cisco Express Forwarding (CEF) has been disabled on the Engine 2 line card. This situation occurs under the following circumstances:
–If the router reloads and the Engine 2 line card is the last card to reboot.
–If all Border Gateway Protocol (BGP) neighbors are reachable only through an Engine 2 line card or if BGP neighbors are reachable through other interfaces but the BGP sessions do not come up within 6 minutes of the reboot of the Engine 2 line card.
–If the router is running Cisco IOS Release 12.0(21)S1.
In Cisco IOS Release 12.0(21)S1, the behavior of CEF was modified in such a way that no single line card enables CEF until all line cards are rebooted. In addition, if a line card requests a CEF reload while BGP is in the process of using system resources aggressively, this reload is suspended until BGP signals that it is safe to do so. These modifications were made to prevent CEF and BGP from contending for system resources at the same time (see CSCdw54825 for details).
In the situation described in this DDTS, some or all Engine 2 line cards actually request a second CEF reload just after CEF is enabled. When this second request occurs, the line card is placed in a waiting state until BGP signals to proceed with the reload (as documented in CSCdw54825); however, BGP does not give that signal until a peer comes up, or until 6 minutes have passed (whichever comes first).
While the line card is in this waiting state, the route processor (RP) ignores its CEF keepalives. After 6 minutes (a predefined timer), if the line card is still in the waiting state, the RP disables CEF on this line card because the RP does not register any keepalives.
Workaround: Configure the nonenhanced BGP convergence mode by entering the bgp normal-mode command. You can enter this command under the "bgp router <x> section" of the configuration file. Note that this command is available only in Cisco IOS Release 12.0(21)S1.
The fix for this DDTS serves two purposes:
–The RP no longer ignores keepalives from line cards that are waiting for a CEF reload.
–The BGP timer that waits for the first peer to come up has been decreased from 6 minutes to 2.5 minutes.
Resolved Caveats—Cisco IOS Release 12.0(21)S1
Cisco IOS Release 12.0(21)S1 is a rebuild of Cisco IOS Release 12.0(21)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(21)S1. This section describes only severity 1 and 2 caveats.
•CSCdv04951
A Cisco 7200 series router may reload when it is passing heavy traffic of large packets through a PA-A1 port adapter. The reload does not occur under normal traffic conditions.
Possible workaround: Reduce the maximum transmission unit (MTU) size of the ATM interface so that the interface never has to pass a packet of more than 4500 bytes.
•CSCdv14760
On a Cisco 12000 series Internet router, the configuration of the ip route-cache cef command on the Ethernet 0 interface results in the following error message:
%CEF not supported for ARPA
Cisco Express Forwarding (CEF) cannot be enabled on the Ethernet 0 interface.
Note The Gigabit Route Processor (GRP) Ethernet port is designed for use as a management interface only. Cisco does not support either the use of Ethernet 0 as a traffic-switching port or the enabling of CEF on this port. Cisco will likely disable the ip route-cache cef for Ethernet 0 in future Cisco IOS releases. Cisco encourages customers to migrate from Ethernet 0 switching configurations. Ethernet line cards are available for the Cisco 12000 series Internet router for customers who require Ethernet interfaces.
•CSCdv42325
On a Cisco 12000 series Internet router, switching from load balancing to a fast adjacency or from a fast adjacency to load balancing may result in traffic loss. There is no workaround.
•CSCdv90792
A 3-port Gigabit Ethernet line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S or higher 12.0(16)S releases may reload intermittently with "PSAERRSS" errors and bus errors under the following conditions:
a. At least five output access control lists (ACLs) are configured on the router (the sixth output ACL is being handled by the CPU of the line card).
b. Ingress traffic that is destined for egress on the local line card is matching access control entries (ACEs) that are being executed on the ingress CPU.
c. A large volume of Border Gateway Protocol (BGP) routes are present.
d. The above-mentioned traffic scenario occurs during periods of heavy changes in the Forwarding Information Base (FIB).
"FIB-4-RADIX" insert messages may be displayed before the line card reloads.
This issue is resolved in Cisco IOS Release 12.0(16)S7 and higher releases. There is no workaround for the affected releases.
•CSCdw10748
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S to 12.0(19)S may not correctly switch over to the backup Clock Scheduler Card (CSC) in the event of a CSC card failure because of "grant parity" or "request parity" errors. If such an error occurs the following message may be seen in the output of the show log command:
Sep 22 03:00:56.674 JST: %FABRIC-3-PARITYERR: To Fabric parity error was detected. Grant parity error Data = 0x2.
SLOT 1:Sep 22 03:00:56.674 JST: %FABRIC-3-PARITYERR: To Fabric parity error was detected. Grant parity error Data = 0x1
The output of the show controller fia command may look as follows:
Fabric configuration: Full bandwidth redundant
Master Scheduler: Slot 16
From Fabric FIA Errors
-----------------------
redund fifo parity 0 redund overflow 0 cell drops 116
crc32 lkup parity 0 cell parity 0 crc32 0
Switch cards present 0x001F Slots 16 17 18 19 20
Switch cards monitored 0x001F Slots 16 17 18 19 20
Slot: 16 17 18 19 20
Name: csc0 csc1 sfc0 sfc1 sfc2
-------- -------- -------- -------- --------
los 0 1 0 0 0
state Off Off Off Off Off
crc16 1167 402 1167 1167 1167
To Fabric FIA Errors
-----------------------
sca not pres 0 req error xx uni fifo overflow 0
grant parity xx multi req 0 uni fifo undrflow 0
cntrl parity 0 uni req 0 crc32 lkup parity 0
multi fifo 0 empty dst req 0 handshake error 0
cell parity 0
There is no workaround.
•CSCdw17012
On a Cisco 12000 series Internet router that is configured with an Engine 4 line card that had 256 MB of CPU memory, the show processes memory command may show more than 4 GB of used memory. When the counter reaches 4.2 GB, it may reset to 0, which causes the line card to think it has run out of memory and to disable Cisco Express Forwarding (CEF). Issuing the clear cef linecard [slot-number] command will bring the line card back up. But there is no workaround for the memory problem or to prevent the counter from resetting to 0.
•CSCdw24515
The line card on a Cisco router may reload when the same access control list (ACL) is applied to two or more main interfaces and then any ACL is applied to a subinterface on one or more of the same main interfaces. There is no workaround.
•CSCdw30178
A Cisco router that is running Cisco IOS Release 12.0(20.3)S1 may not be accessible through the Ethernet 0 interface.
Workaround: Load the software onto the router, copy the running configuration file to the startup configuration, and reload the router.
•CSCdw47388
If you configure an output access control list (ACL) with 448 lines on a Cisco 12000 series Internet router and the ingress line card for the traffic that needs to be filtered is an 8-port or 16-port OC-3 Packet-over-SONET (POS) line card, the output ACL will not filter traffic.
Workaround: Do not configure an ACL with more than 128 lines on any interface of a Cisco 12000 series Internet router that is configured with an 8-port or 16-port OC-3 POS line card.
•CSCdw54825
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S may experience memory allocation failures in Border Gateway Protocol (BGP) if the following conditions exist:
–The router is using peer groups for BGP neighbors.
–The line cards are still booting after BGP has started to converge.
The problem stems from BGP and Cisco Express Forwarding (CEF) ineffectively sharing free memory during a reload.
Workaround: Ensure that all line cards have booted before BGP has begun convergence. This can be achieved several ways:
–Increase the update-delay time to the maximum boot time of a line card. This action reduces the churn and enables BGP and CEF to share the free memory without overrunning the box:
router bgp autonomous system
bgp update-delay seconds–Ensure that the line cards have fabric downloaders and ROM monitors that are fully upgraded. This way, when the router reloads, the line cards will have booted before BGP starts to converge.
–While the line cards are booting, shut down all BGP neighbors:
router bgp autonomous system
neighbor ip-address peer-group peer-group-name
shutdownand then after the line cards have booted, bring those neighbors back up:
no neighbor ip-address peer-group peer-group-name
shutdownIn addition, it is advised to increase the line card memory buffer size. This command enables CEF to free memory on the Route Processor (RP) at a faster rate. (See CSCds89515 for details.)
ip cef linecard ipc memory 10000
This ddts will be used to implement a generic mechanism that allows BGP to respond to low memory conditions by slowing down. A related DDTS (CSCdw60365) also addresses this problem by making the bgp update-delay 360 command the default.
•CSCdw59362
When a Route Processor (RP) Ethernet port (int e0) is enabled for traffic switching, packets coming in from a Cisco 12000 series Internet router OC-192/Quad OC-48 card and switched out to interface e0 would make the RP generate "GRP-4-NO_INTF" error messages.
•CSCdw63027
When Cisco Express Forwarding (CEF) does a full reload of the Forwarding Information Base (FIB) table of a line card, CEF can use a lot of memory queuing up the data on the route processor (RP). Under low memory conditions, this condition can cause Cisco IOS to run out of memory.
Workaround: Configure the ip cef linecard ipc memory 10000 command (if all the line cards have 256 MB or greater memory) or ip cef linecard ipc memory 5000 command (if one linecard has less than 256 MB memory). These commands increase the amount of storage that the line cards reserve to handle data from the RP, which reduces the queueing required on the RP.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
•CSCdw60365
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S may experience memory allocation failures during initialization under the following conditions:
–A large BGP routing table exists with peer groups configured.
–Many line cards are present.
–The router is not configured to synchronize BGP startup with the line card initialization.
The BGP performance enhancements that were introduced in Cisco IOS Release 12.0(19)S significantly decrease routing convergence time by improving the efficiency of communication between BGP neighbors. These enhancements aggressively use available router resources to achieve optimal convergence. BGP must therefore be synchronized with other processes to prevent contention for critical resources such as memory and CPU cycles. On the Cisco 12000 series Internet router platform, this requirement is even more critical because of the amount of memory needed to distribute forwarding tables to the line cards. The Cisco 12000 series Internet router switching fabric infrastructure enhancements that were introduced in Cisco IOS Release 12.0(21)S require a one-time update of internal structures that are stored on the line cards. This update will require approximately 30 seconds per line card of additional boot time during the first upgrade Cisco IOS Release 12.0(21)S or later. The line cards will not be able to process forwarding table updates generated by BGP and Cisco Express Forwarding (CEF) during the software upgrade. The combination of increased memory usage by BGP and the need to buffer additional CEF updates while the line cards are upgrading may cause a router to run out of memory after loading Cisco IOS Release 12.0(21)S for the first time. This condition affects only a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S.
Workaround: Manually configure the process synchronization bgp update-delay 360 router configuration command. This command will prevent BGP from advertising or installing routes until the line cards are fully initialized. This configuration is recommended for all routers to ensure optimal convergence and is now required for a Cisco 12000 series Internet router with a large routing table that is running Cisco IOS Release 12.0(21)S.
•CSCdw63039
During low memory conditions, it is possible for the peer-group leader to not receive all routes. There is no workaround, but the clear ip bgp ip-address soft out command can be used to force Border Gateway Protocol (BGP) to resend updates to the peer specified in the ip-address argument.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
•CSCuk30224
On platforms that support distributed Cisco Express Forwarding (dCEF), when CEF reloads the forwarding table on a line card, either at boot time or after an online insertion and removal (OIR) event, the Forwarding Information Base (FIB) of the line card may be missing one or more prefixes.
Workaround: Enter the clear cef linecard slot on the affected line card.
•CSCuk31851
On a Cisco 12000 series Internet router with downrev fabric downloaders and a lot of line cards, the Cisco IOS image on line cards in higher slots can take a long time to start running. On the Route Processor (RP), Cisco Express Forwarding (CEF) starts a keepalive timer for each line card when it initializes. After 6 minutes, CEF will disable line cards not yet booted with the following message:
%FIB-3-FIBDISABLE: Fatal error, slot 8: No window message,
LC to RP IPC is non-operational
Workaround: Upgrade the fabric downloader. If the problem occurs, it can be cleared by using the clear cef linecard slot command for the affected slots.
Resolved Caveats—Cisco IOS Release 12.0(21)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(21)S. This section describes only severity 1, severity 2, and select severity 3 caveats.
Basic System Services
•CSCdr89245
Depending on the platform, if you use the operation ID of 2147483647 for Service Assurance Agent (SAA) operation and use the show running-config, show rtr operational-state, or show rtr collection-statistics EXEC commands, the platform could reload or pause indefinitely.
Workaround: Do not use 2147483647 for an SAA operation.
•CSCds30298
The following sequence of commands causes a Cisco router to reload:
a. The configure [terminal] privileged EXEC command
b. The rtr 2147483647 command,
c. The rtr schedule [start-time {now}] global configuration command
d. The rt reset global configuration command
Workaround: Avoid using entry number 2147483647 in the rtr 2147483647 command. The router reloads only when you use entry number 2147483647. Any other available number may be used.
•CSCds53023
If the snmp-server community global configuration command is not configured, a Cisco router does not respond to the snmpwalk command. When you add the snmp-server community command to the configuration, the router responds to the snmpwalk command. When you remove the snmp-server community command from the running configuration, the router still responds to the snmpwalk command. If you restart the router, the router no longer responds to the snmpwalk command. There is no workaround.
•CSCdt23572
Round-Trip Time (RTT) measurement may be incorrect if the measurement cycle begins just before 00:00:00 Coordinated Universal Time (UTC) time. This situation applies to all probe types. There is no workaround.
•CSCdt81722
A Cisco 7500 series router that is running Cisco IOS Release 12.1(7) and that is configured for Frame Relay switching over an IP generic routing encapsulation (GRE) tunnel passes data only in one direction. This situation occurs when a multichannel T1 card (for example, an eight-port multichannel T1 port adapter (PA-MC-8T1) or a PA-MC-4T1 port adapter) is installed in a Versatile Interface Processor (VIP) and the serial interface associated with the T1 controller port is configured to route an incoming data-link connection identifier (DLCI) to a tunnel interface. The permanent virtual circuits appear active, but IP fails across the tunnel.
Workaround: Use a Fast Serial Interface Processor (FSIP) with an external CSU instead of the PA-MC-8T1 or PA-MC-4T1 port adapter.
•CSCdv78855
Under certain conditions, public buffer pools on a Cisco router are not grown dynamically.
Workaround: To create the buffers statically, use the buffers verybig permanent number global configuration command.
•CSCdv89415
The rtr reaction-configuration command can be used to trigger another probe when a timeout, a threshold violation, or a verify error occurs. However, the probe to be triggered gets activated only once during the first occurrence of the reaction condition. If the reaction condition occurs again (for example, when the timeout condition clears) and the triggered probe is in the pending state, the probe should get activated again.
Workaround: This condition is resolved in Cisco IOS Release 12.0(21)S.
•CSCdw02017
An EVENT-MIB set action may not work correctly. There is no workaround.
•CSCdw09442
The boot flash memory of a Cisco MGX 8850 Route Processor Module (RPM-PR) may be corrupt, an invalid file header magic number may be generated, and the dir command may not work. Although you can read the Flash memory after a "squeeze boot flash" operation, you cannot copy anything onto the Flash memory.
Workaround: Format and copy files from the disk to recover the Flash memory.
•CSCdw17012
On a Cisco 12000 series Internet router that is configured with an Engine 4 line card with 256 MB of CPU memory, the show processes memory command may show more than 4 GB of used memory. When the counter reaches 4.2 GB, it may reset to 0, which causes the line card to think it has run out of memory and to disable Cisco Express Forwarding (CEF). Issuing the clear cef linecard [slot-number] command will bring the line card back up, but there is no workaround for the memory problem or to prevent the counter from resetting to 0.
•CSCdw17162
If you add new line-card interfaces on a Cisco 12000 series Internet router, the Multicast Distributed Fast Switching (MDFS) functions on other line cards of the same router do not recognize the newly added interfaces until multicast is enabled on the newly added interfaces.
Workaround: Turn on a multicast function, such as the Protocol Independent Multicast (PIM) mode.
•CSCdw30178
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S may not be accessible through Ethernet interface 0.
Workaround: Load the software image onto the router and then copy the running configurations to the startup configuration and reload the router.
•CSCdw39619
On a Cisco 12000 series Internet router, the aggregate NetFlow cache may report a source mask even when the source address is not routable. The source prefix may show an incorrect mask in the aggregation cache and display a corresponding incorrect prefix. This condition occurs because of an inconsistency in the Cisco Express Forwarding (CEF) wrt default routes for the line cards and route processor. There is no workaround.
Interfaces and Bridging
•CSCdk27330
A Versatile Interface Processor (VIP) may reload if the following command sequence is applied to the controller on a Channelized T3 Interface Processor (CT3IP):
t1 external 3 linecode b8zs cablelength 100 no t1 3 timeslots 1-24 no t1 3 clock source line
All commands that are entered after the no t1 3 timeslots 1-24 command may cause the VIP to reload.
Workaround: To prevent the controller from reloading, enter the commands in the following order:
no t1 3 clock source line t1 external 3 linecode b8zs cablelength 100 no t1 3 timeslots 1-24
or
no t1 3 clock source line no t1 3 timeslots 1-24 t1 external 3 linecode b8zs cablelength 100
Be certain to enter the no t1 3 timeslots 1-24 command after the no t1 3 clock source line command.
•CSCdu71723
A Cisco router that is running Cisco IOS Release 12.1(6) may produce the following traceback messages:
%ALIGN-3-SPURIOUS Spurious memory access made at 0x603DE76C reading 0x78 %ALIGN-3-TRACE -Traceback= 603DE76C 6058CA04 6058C6D8 6058BF2C 607CAC8C 607CE4A0 607C03F4 607C94DC
There is no workaround.
•CSCdv04951
A Cisco 7200 series router may reload when it is passing a heavy traffic of large packets through a PA-A1 port adapter. The reload does not occur under normal traffic conditions.
Possible workaround: Reduce the maximum transmission unit (MTU) size of the ATM interface so that the interface never has to pass a packet of more than 4500 bytes.
•CSCdv37998
A Cisco 7500 series router that is running Cisco IOS Release 12.0(16)S1 with a channelized T3 (CT3) single wide port adapter on a Versatile Interface Processor (VIP) may experience a flapping of the interfaces that are created on the CT3 controller.
Workaround: Reload the VIP.
•CSCdv48962
When a Fast Ethernet (FE) interface is configured for a keepalive value other than the default of 10 seconds, this new value remains in the startup configuration and in the running configuration until you enter the shutdown command followed by the no shutdown command on the FE interface. After you have entered these commands, the keepalive value in the running configuration goes back to the default value of 10 seconds. However, the new value remains in the startup configuration. There is no workaround.
•CSCdv51548
A multichannel T3 port adapter (PA-MC-2T3+) that is operating in the clear-channel mode does not send an alarm indication signal (AIS) after it is administratively shut down. There is no workaround.
•CSCdv76946
If you first configure dot1Q encapsulation on a Fast-Ethernet subinterface and then change the encapsulation to Inter-Switch Link (ISL), the router may reload when you try to send a ping message. There is no workaround.
IP Routing Protocols
•CSCdv30330
Cisco routers that are configured for Multicast Source Discovery Protocol (MSDP) may experience frequent MSDP session resets with the MSDP peers of the router. This situation is often caused by excessive source, group (S, G) information that should be contained in a domain that is being passed to the outside.
Workarounds:
–Determine if the routers have the Source-Active (SA) filters configured properly by reviewing the "MSDP SA filter recommendations" posted at ftp://ftpeng.cisco.com/ipmulticast/config-notes/msdp-sa-filter.txt.
–Determine if the router is running a Cisco IOS image that has the fix for CSCdr93446 (MSDP: Reducing SA storms and session resets [MSDP rearchitect]).
–Review the output of the show ip msdp sa-cache EXEC command to see if some of the SAs can be filtered based on the source address, the RP address, or the AS number.
•CSCdv44531
A Cisco 12000 series Internet router may reload because of a software error and display interprocess communication (IPC) and watchdog timeout messages. There is no workaround.
•CSCdv47188
If the first entry in the Multicast Border Gateway Protocol (MBGP) routing table is supernet of the destination IP address or the MBGP route exists but does not have the best path, Reverse Path Forwarding (RPF) lookup will fail or return a unicast Border Gateway Protocol (BGP) route if a unicast BGP route exists.
Workaround: Remove the first entry or add a dummy route that is smaller than the first entry. In case of a MBGP route without a best path, change the network configuration to ensure that the specified destination address has the best path.
•CSCdv63992
If you specify a group list in the ip pim rp-candidate command, the command does not get "nvgened" correctly. The group list is not "nvgened." There is no workaround.
•CSCdv65521
When there is a neighbor change on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S, routes may be deleted and reinstalled for no apparent reason. There is no workaround.
•CSCdv74675
If a Border Gateway Protocol (BGP) peer-group is configured for unicast and multicast routes, multicast-routing information may be advertised to a peer-group member that did not negotiate to receive IPv4 multicast routes, causing this member to send a notification that a required attribute is missing.
Workaround: Upgrade the peer-group member that is sending the notification that a required attribute is missing to the same software as the router that is sending the multicast-routing information.
First alternative workaround: Configure the router that is sending the notification that a required attribute is missing to negotiate for IPv4 multicast routes.
Second alternative workaround: Configure the router that is sending the multicast-routing information in such a way that the peer-group members that are accepting only unicast routes are in one peer-group and the peer-group members that are accepting both unicast and multicast routes are in another peer-group.
•CSCdv81127
On a Cisco 12000 series Internet router, a Traffic Engineering (TE) tunnel may not come up after the line card reloads on the TE tunnel headend.
Workaround: Enter the shutdown command followed by the no shutdown command on the line card that functions as the outgoing interface for the TE tunnel headend.
•CSCdw11274
If a Cisco router receives a gratuitous Address Resolution Protocol (ARP) for a static ARP entry with an alias keyword, the router may reload because of a bus error.
Workaround: Do not use an alias keyword on a static ARP entry. An alias keyword allows the router to answer ARP requests for the static ARP entry, but in many cases an alias keyword is not required because the router needs the static ARP entry only for its own use.
•CSCdw15323
If you have enabled the Resource Reservation Protocol (RSVP) on a Cisco router using the ip rsvp bandwidth command and the router has at least one RSVP session going, entering the show ip rsvp reservation command returns an interface name that is clipped to only five digits. There is no workaround.
•CSCdw36746
A Cisco 12000 series Internet router that is configured with Open Shortest Path First (OSPF) may reload because of a bus error at an invalid address. There is no workaround.
•CSCdw17989
Inconsistent, unpredictable behavior may manifest when Protocol Independent Multicast dense mode (PIM-DM) is used on a point-to-point interface. There is no workaround.
ISO CLNS
•CSCdw27973
If you configure Intermediate System-to-Intermediate System (IS-IS) mesh groups under an interface without correctly configuring the IS-IS process in the global configuration, a Cisco 12000 series Engine 4 line card may reload.
Workaround: Correctly configure the IS-IS process using the router isis global configuration command.
•CSCdw31942
When a Cisco 12000 series line card is reloaded with microcode, the Intermediate System-to-Intermediate System (IS-IS) interface configuration may be lost.
Workaround: Manually reconfigure the interface configuration.
Miscellaneous
•CSCdm00113
After an online insertion and removal (OIR) of an ATM-CES-OC3 interface that is installed in a Cisco 7200 series router, all running-configuration parameters are retained except for the parameters of the atm max-channels command. There is no workaround.
•CSCdr92924
If three Cisco 12000 series Internet router that are using Frame Relay encapsulation connect to each other, and the middle router is configured with access lists, pings between the routers fail. There is no workaround.
•CSCds21112
A route will be suppressed only if an update is received while the penalty value is above the suppression limit. This condition will cause the software to flag a route as suppressed when the withdraw that causes the penalty to go above the suppress limit is received. There is no workaround.
•CSCds28731
When a member link is shut down in a distributed Multilink PPP (dMLP) bundle, the Multilink interface may flap. The following sample syslog output is displayed when this condition occurs:
%SYS-5-CONFIG_I: Configured from console by console %LINK-5-CHANGED: Interface Serial0/0/0:0, changed state to administratively down %LINK-3-UPDOWN: Interface Multilink1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0:0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1:0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink1, changed state to down %LINK-3-UPDOWN: Interface Multilink1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1:0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink1, changed state to up
There is no workaround.
•CSCds30121
A Cisco 12000 series Internet router with approximately 100 switched virtual circuits (SVCs) may stop sending data randomly across any SVC. This situation is accompanied by "encapsulation error2" failure messages.
Workaround: Remove the SVC from the map group and add it back again.
•CSCds76314
A permanent virtual connection (PVC) may go from active status to inactive status and display "%ATMCES-1-ERRCREATEVC" error messages if the following actions occur:
–The following sequence of commands is entered on a subinterface:
(config-subif)
# shut(config-subif)
# shutdown# no shut
(config-subif)(config-subif)#
no shutdown–PVC configuration mode is entered and then exited by entering the end command.
Workaround: Reconfigure the PVC or reload the router.
•CSCds82662
On a Cisco 7200 series I/O controller card with a Fast Ethernet (FE) interface (RJ-45) that is configured with Protocol Independent Multicast (PIM) and full duplex, the line protocol flaps when the cable is removed or fails instead of just going to line protocol down.
Workaround: Remove either PIM or full duplex from the interface.
•CSCdu05363
Selective packet discard (SPD) does not function on Gigabit Ethernet line cards (Engine 1 and Engine 2) and Fast Ethernet line cards that are installed in a Cisco 12000 series Internet router.
Workaround: Increase the input hold queue to store the excess packets.
•CSCdu53023
The IfTable is not updated with the ATM information layer when a new ATM card is inserted.
Workaround: Reload the router.
•CSCdu60369
The logging synchronous line configuration command may cause logging to stop.
Workaround: Remove this command.
•CSCdu67066
The Layer 2 (L2) status may suddenly change to TEL_ASSIGNED on a multichannel DS1/PRI port adapter (PA-MC-4T1). This condition cannot be corrected by entering the shutdown command followed by the no shutdown command.
Workaround: Reload the router.
•CSCdu72587
Multiprotocol Label Switching (MPLS) and tag switching do not function properly between Multilink PPP interfaces on Cisco 7500/RSP series routers if distributed Cisco Express Forwarding (dCEF) switching is enabled on interfaces participating in tag switching.
Workaround: Do not enable dCEF globally, or disable dCEF on interfaces that are configured for tag switching by entering the no ip route-cache distributed interface configuration command.
•CSCdv01350
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 S may see Internet Group Management Protocol (IGMP) mtrace response packets (protocol=2, IGMP type=0x1E) stay in an interface input hold queue indefinitely. These packets may eventually fill up the interface input hold queue and cause packet drops.
Workaround: Reload the router to clear the packets from the input hold queue, and increase the input hold queue depth using the hold-queue queue-length interface configuration command.
•CSCdv14760
On a Cisco 12000 series Internet router, the configuration of the ip route-cache cef command on the Ethernet 0 interface results in the following error message:
%CEF not supported for ARPA
CEF cannot be enabled on the Ethernet 0 interface.
Note The GRP Ethernet port is designed for use as a management interface only. Cisco does not support the use of Ethernet 0 as a traffic-switching port nor the enabling of CEF on this port. Cisco will likely disable the ip route-cache cef for Ethernet 0 in future Cisco IOS releases. Cisco encourages customers to migrate from Ethernet 0 switching configurations. Ethernet line cards are available for the Cisco 12000 series Internet router for customers who require Ethernet interfaces.
•CSCdv19356
On Cisco 12000 series Internet routers, output packet and byte counters are sometimes reported too high on Channelized T3 and DS3 line cards when the ingress rate is higher than the egress rate (for example, OC-3 or OC-12 in and T3 or lower out). In this situation, packets are dropped. There is no workaround.
•CSCdv19845
On a Cisco router that is running Cisco IOS Release 12.0(15)S5, the Router Processor may become overloaded if IP multicast routing is enabled but Multicast Distributed Fast Switching (MDFS) is not enabled on the interfaces.
Workaround:
Make MDFS the default for IP multicast switching.
•CSCdv25238
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S, the router may not forward Multiprotocol Label Switching (MPLS)-encapsulated TCP packets correctly when it has to POP the outer label. This situation also affects User Datagram Protocol (UDP)/Internet Control Message Protocol (ICMP)-based traffic when the packet size equals 1500 bytes. A symptom of this condition is giant frame counter increments on the interface. There is no workaround.
•CSCdv40918
When the tag-switching ip configuration is disabled globally, the Tag Distribution Protocol (TDP) or a Label Distribution Protocol (LDP) will not be torn on a label-controlled ATM (LC-ATM) interface even if the interface is not being used by any other application. The Tag Forwarding Information Base (TFIB) is properly maintained in spite of this condition. This condition does not occur if non-ATM interfaces are used. There is no workaround.
•CSCdv43373
A Gigabit Ethernet interface on a Cisco 7500 series router may experience interprocess communication (IPC) memory buffer problems after the output becomes stuck and may display the following message:
%RSP-3-RESTART: interface GigabitEthernet0/0/0, not transmitting Output Stuck on GigabitEthernet0/0/0
Workaround: Avoid using autonegotiation.
•CSCdv43870
When you configure a Cisco 12000 series Internet router for load sharing over equal-cost paths with Multiprotocol Label Switching (MPLS) or tag switching, traffic may be dropped. There is no workaround.
•CSCdv44349
If you send Connectionless Network Service (CNLS) traffic through an ATM Permanent Virtual Circuit (PVC) on a Cisco 7500 series router, a spurious memory access occurs at location hqf_vip_decode_encaps. There is no workaround.
•CSCdv48810
On a Cisco 12000 series Internet routers that is running Cisco IOS Release 12.0(19)S, the Unicast Reverse Path Forwarding (uRPF) feature on Packet-over-SONET (POS)-based Engine 2 line cards yields low performance rates. This occurs for both basic uRPF and extended uRPF. There is no workaround.
•CSCdv52657
On a Cisco router with an interface or subinterface that is configured with "new style" switched virtual circuits (SVCs) that serve as network service-access points (NSAPs), when you select a SVC for deletion, only the last-configured SVC may get deleted instead of the SVC that was selected for deletion. There is no workaround.
•CSCdv54509
Bringing up an X.75 call on an E1/PRI interface may cause a "SYS-3-INVMEMINT" error message that indicates that there is a memory action (malloc) at the interrupt level. There is no workaround. This error message does not impact the user.
•CSCdv56910
All multicast traffic slows down when Protocol Independent Multicast (PIM) is disabled on one egress. This condition occurs because all multicast packets are punted to the Route Processor (RP) after the PIM is disabled on one egress card. There is no workaround.
•CSCdv60987
A Cisco router may reload when the show flash all EXEC command is entered. (This condition is noticeable only on low end systems that support multiple banksizes for internal flash.)
Workaround: Replace multiple banksize flash with uniform banksize flash.
•CSCdv61178
On a Cisco 7500 series router that is running Cisco IOS Release 12.0(19)S, a VIP4-80 with an OC-12 ATM multimode port adaptor reloads when an ATM subinterface is configured with ATM adaptation layer 5 (AAL5) Subnetwork Access Protocol (SNAP) bridge encapsulation and the following input and output rate limits:
rate-limit i 10k 5k 5k co tr ex dr
rate-limit o 10k 5k 5k co tr ex drThere is no workaround.
•CSCdv62988
If a Cisco 12000 series egress line card is configured with ports that have different bandwidth, the ToFab queues on an Engine 3 line card may not be serviced fairly by Modified Deficit Round Robin (MDRR). There is no workaround.
•CSCdv63849
On a Cisco 12000 series Internet router that is functioning in a Multiprotocol Border Gateway Protocol (MBGP) and Multiprotocol Label Switching (MPLS) environment, a Gigabit Ethernet (GE) line card that is configured with an async interface and the ip multicast-routing distributed and ip mroute-cache distributed commands does not transmit multicast traffic from slot 0.
Workaround: Enter the shutdown command followed by the no shutdown command.
First alternative workaround: Remove the configuration of the async interface.
Second alternative workaround: Enter the no ip mroute-cache command on the GE line card.
•CSCdv64966
If you enable Turbo access control lists (Turbo ACLs) on a Cisco 12000 series line card and an ACL is applied to the interface that is running traffic, disabling and then reenabling Turbo ACLs will cause the line card to reload.
Workaround: Remove the ACL from the interface, recompile the Turbo ACLs, and reapply the ACL to the interface.
•CSCdv66909
On a Cisco 12000 series Internet router that is configured with a 1-port or a 3-port Gigabit Ethernet line card, packets that are destined for a VLAN subinterface that has been configured as administratively down may still be forwarded through the router. There is no workaround.
•CSCdv67719
Output distributed committed access rate (DCAR) on a subinterface does not work in distributed Cisco Express Forwarding (dCEF) mode for packets that are coming in from the same Versatile Interface Processor (VIP).
Workaround: Use the police feature provided by the service policy.
•CSCdv68765
If an Advanced Technology Attachment (ATA) disk is inserted into a different slot after a router has booted up, the Inode numbers of the files in the Inode table may be displayed incorrectly. This condition may not occur if the disk is removed and reinserted to the same slot. There is no workaround.
•CSCdv69195
A Cisco 12000 series 4-port OC48/POS line card that is used as an ingress interface reloads when egress traffic contains tagged packets that have to be fragmented. There is no workaround.
•CSCdv70344
The "Per-Second-Jobs" process on a Cisco 12000 series Internet router may randomly use too much memory and cause the router to stop functioning. There is no workaround.
Note A "Per-Second Job" is part of a process that is visible if you enter the show proc cpu command.
•CSCdv70626
A "TUG-3" channel may start up in an invalid state, which causes a "TUG-3:DS-3/E3" channel to remain in a "down/down" state. There is no workaround.
•CSCdv71868
Tagswitching may not function after it has been enabled. There is no workaround.
•CSCdv73253
A DS-3 channel that is reprovisioned to a "TUG-3:DS-3/E3" channel may remain in a down state, even though no SONET alarms are reported. There is no workaround.
•CSCdv77168
If an access control list (ACL) with 128 or 448 lines is configured on a Cisco 12000 series Engine 2 line card, traffic may match a wrong line of the ACL.
Workaround for an ACL with 128 lines: Use an ACL with less than 96 lines.
Workaround for an ACL with 448 lines: Use an ACL with less than 416 lines.
•CSCdv77966
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S or a higher release, the CPU utilization of a 10-port 1-Gigabit Ethernet line card goes up to 100 percent if the card receives packets with the "Don't Fragment" bit set to 1 and these packets must be fragmented.
After two or three minutes, the Forwarding Information Base (FIB) becomes disabled with the following error message:
Nov 2 10:08:41: %FIB-3-FIBDISABLE: Fatal error, slot 5: No window message, LC t o RP IPC is non-operational
There is no workaround.
•CSCdv79054
A Cisco 7500 series router that is configured with a PA-MC-STM1 port adapter may lose a few hundred bytes of memory each time a channel group is added and deleted. There is no workaround.
•CSCdv79980
Significant throughput degradation may occur on a PPP multilink if the fragment delay on a 2-port multichannel E1 port adapter (PA-MC-2E1) that is configured for channel groups is set to a value that is lower than the default value. There is no workaround.
•CSCdv80459
If you enter the show controller frfab traffic-shape 1 0 127 command on an Engine 4 line card that is installed in a Cisco 12000 series Internet router, the line card may reload. There is no workaround.
•CSCdv81042
A Cisco 12000 series Internet router may generate shutdown messages for its power supplies, but the power supplies work fine and the LEDs do not indicate any problems. There is no workaround.
•CSCdv81088
On a Cisco 12000 series Internet router, when a Gigabit Interface Converter is removed from and then reinserted in a 1-port Gigabit Ethernet line card that is switching multicast traffic, the line card reloads. There is no workaround.
•CSCdv81133
On a Cisco 12000 series Internet router, when you connect and disconnect the Rx cable between Engine 4 Packet-over-SONET (POS) line cards and a Cisco ONS platform, continuous ping failures may occur, although the line cards are in an up/up state.
Workaround: Enter the hw-module slot x reload command on the POS line cards.
•CSCdv82664
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(18)S1, when the 1-port OC48/POS line card is configured with the rate-limit input command and the set-prec-transmit command is set to 1, the line card fails to ping the far-end router. When the set-prec-transmit command is set to 0, the ping is successful. There is no workaround.
•CSCdv83917
If you repeatedly create and delete channel groups on a Cisco 7500 series router that is configured with a PA-MC-STM1 port adapter, the router may reload. There is no workaround.
•CSCdv84086
In Cisco IOS software that is running Multiprotocol Label Switching (MPLS) Traffic Engineering (TE), the Link Management (LM) module may remove a Label Switched Path (LSP) while it is in the process of preempting other LSPs in order to admit the original one. This may result in a software reload.
This condition may occur if immediately after receiving a reservation request for an LSP, the Resource Reservation Protocol (RSVP) receives a teardown request for the same LSP. The problem is only triggered when preemption of other LSPs is necessary in order to admit the LSP in question, and when an unlikely timing of interactions between LM and RSVP occurs.
•CSCdv84259
If you globally enable the ip cef distributed command on a Cisco 7500 series router, a non-Versatile Interface Processor (VIP) interface will come up with the ip route-cache distributed command enabled by default, causing some features to fail.
Workaround: Configure the no ip route-cache distributed command on a non-VIP interface.
•CSCdv85106
On a Cisco 12000 series 1-port Gigabit Ethernet line card, if you ping an Engine 4 1-port OC192/POS line card or an Engine 4 4-port OC48/POS line card, datagrams are dropped. The first packet-size ranges to fail are the packets from 36 through 45 and from 1501 through 1525. From 1501 on, packet sizes fail at intervals of 1480 packets: from 2981 (that is, 1501 + 1480) packets are again dropped for 24 packets and then get through again for another 1480 packets, and so on. There is no workaround.
•CSCdv86327
When tag switching is enabled on a Cisco 12000 series Engine 4 Packet-over-SONET line card, the output committed access rate (CAR) counter counts the wrong exceeded IP-to-tag packets. There is no workaround.
•CSCdv86429
If you enter the clear ip mds forwarding command on a line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(20)S or Release 12.0(20)ST, the Multicast Forwarding Information Base (MFIB) may end up being incomplete and may stop traffic form being forwarded.
Workaround: Enter the clear ip mroute * command on the Route Processor to restore traffic forwarding.
•CSCdv87400
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S, the output interface IP byte counters on an Engine 4 or Engine 4 plus line card may be incorrect. There is no workaround.
•CSCdv87559
When you enable distributed tag switching on a serial interface on a Cisco 7500 series PA-MC-STM-1 port adapter and a packet cannot be switched by the Versatile Interface Processor (VIP), the packet may be dropped without being switched by the Route Switch Processor (RSP). There is no workaround.
•CSCdv88431
An online insertion and removal (OIR) of a Cisco 12000 series Engine 4 Packet-over-SONET (POS) line card may cause the line card to pause indefinitely in the "PWR ON" state.
Workaround: Continue to perform an OIR until the line card comes up correctly.
•CSCdv88646
A Cisco 12000 series Internet router that is configured with an Engine 4 plus card may generate tracebacks, causing Cisco Express Forwarding (CEF) to be disabled. There is no workaround.
•CSCdv89042
Traffic may fail when you enable Sampled NetFlow on any physical interface of a Cisco 12000 series Engine 2 Packet-over-SONET (POS) line card. This condition may be seen with any type of TCP/IP traffic. There is no workaround.
•CSCdv89193
When you perform an online insertion and removal (OIR) of the primary Clock and Scheduler Card (CSC) in a Cisco 12000 series Internet router while multicast traffic is being sent to a large number of multicast groups, all line cards in the router will reload.
Workaround: Do not perform an OIR of the primary CSC when multicast traffic is passing through the router to a large number of multicast groups.
•CSCdv89200
If you remove a Turbo access control list (ACL) from a Cisco 12000 series line card while traffic is being processed, the line card will reload. There is no workaround.
•CSCdv89241
If you configure an output access control list (ACL) on a Cisco 12000 series Engine 2 line card, the line card may reload. There is no workaround.
•CSCdv89507
When you insert for the first time an OC-48c/STM-16c DPT line card in a Cisco 12000 series Internet router and you do not enter the hw-module <slot- x> srp command, the router may reload with a bus error. There is no workaround.
•CSCdv89964
If you first apply a policy map to the TX side of an interface and then apply it to the to RX side of the same interface, all the incoming packets on this interface will get dropped.
Workaround: First apply the policy-map to the RX side of the interface and then apply it to the TX side.
•CSCdv90122
When a large output access control list (ACL) is applied on an Engine 3 line card that is installed in a Cisco 12000 series Internet router, the following error message may be displayed for a slot that contains an Engine 2 line card:
%SYS-4-EXMALLOCFAIL: External memory allocation of 20971520 bytes failed from EXMEM 1
There is no workaround.
•CSCdv90383
The output committed access rate (CAR) on a tag-enabled Cisco 12000 series Engine 4 Packet-over-SONET (POS) line card will not take effect if the ingress line card is an Engine 3 line card. There is no workaround.
•CSCdv90560
After an upgrade from Cisco IOS Release 12.0(18)ST to Cisco IOS Release 12.0(19)S, a Cisco 12000 series Internet router may lose the connection with the switching fabric after having recognized the switching fabric after the reboot. When the router recognizes the switching fabric, the following message will be displayed:
Primary Clock is CSC_0
Fabric Clock is Non Redundant
Bandwidth Mode: Full Bandwidth
*Nov 15 04:51:01.411: %MBUS-6-FIA_CONFIG: Switch Cards 0x1D (bit mask); Primary Clock CSC_0When the router loses the connection with the switching fabric, the following error messages will be displayed:
.Nov 15 12:39:26.885: %MBUS-6-OIR: Switch Fabric Card 16XOC48 Removed from Slot 18 .Nov 15 12:39:27.885: %MBUS-6-OIR: Switch Fabric Card 16XOC48 Removed from Slot 19 .Nov 15 12:39:28.885: %MBUS-6-OIR: Switch Fabric Card 16XOC48 Removed from Slot 20 .Nov 15 12:39:29.885: %MBUS-6-OIR: Clock Scheduler Card 16XOC48 Removed from Slot 16
Nov 15 12:40:11.193: %MBUS-0-NOCSC: Cannot find CSC card in slot 16
Nov 15 12:40:11.317: %MBUS-0-NOCSC: Must have at least 1 CSC card
Nov 15 12:40:18.917: %FABRIC-3-CRC: Switch card 16There is no workaround.
•CSCdv90792
A 3-port Gigabit Ethernet line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S or higher 12.0(16)S releases may reload intermittently with "PSAERRSS" errors and bus errors under the following conditions:
a. At least five output access control lists (ACLs) are configured on the router (the sixth output ACL is being handled by the CPU of the line card).
b. Ingress traffic that is destined for egress on the local line card is matching access control entries (ACEs) that are being executed on the ingress CPU.
c. A large volume of Border Gateway Protocol (BGP) routes are present.
d. The above-mentioned traffic scenario occurs during periods of heavy changes in the Forwarding Information Base (FIB).
"FIB-4-RADIX" insert messages may be displayed before the line card reloads.
This issue is resolved in Cisco IOS Release 12.0(16)S7 and higher releases. There is no workaround for the affected releases.
•CSCdw00005
When a channelized port adapter (CT3) is used and if framing is reconfigured with the t1 1 framing esf privileged EXEC command, certain interfaces that are configured on that T1 line may stop passing traffic. This condition occurs only if the t1 1 framing esf privileged EXEC command is entered after channel groups are already configured on the T1 line and while the channel groups are passing traffic. The framing needs to be set only for the T1 line when the first channel group is configured and does not need to be reentered when a new channel group is added.
Workaround: Enter the t1 1 framing esf privileged EXEC command only when the first interface on a T1 line is configured.
•CSCdw00011
When a channelized T3 port adapter (CT3) that is configured with multiple channel groups is used, all interfaces may stop passing traffic if T1 frames are received on one of the groups that has voice signaling enabled.
Workaround: To clear this condition, shut down the interface that corresponds to the channel group that is receiving the invalid frame. If any of the other interfaces continues to flap after the interface that is receiving the invalid frame is shut down, the interface has to be reconfigured.
•CSCdw00500
When you copy a configuration file from a File Transfer Protocol (FTP) server to a Cisco router, a one-time password tool such as SecurID does not work because the Cisco IOS software establishes multiple sessions to the FTP server with the same password.
Workaround: Do not use a one-time password tool.
Alternative workaround: To copy the configuration file, use another protocol, such as the TFTP or the remote copy protocol (RCP).
•CSCdw01226
An Engine 4 line card that is running Cisco IOS Release 12.0(17)ST3 may reload repeatedly and enter the REQ DUMP state. There is no workaround.
•CSCdw02485
After you enter the encapsulation ppp command on a channelized interface during the configuring of distributed Multilink PPP (dMLPPP) on an 8-port multichannel T1/E1 port adapter, a FlexWAN module may reload.
Workaround: Complete the configuration after the FlexWAN module has reloaded.
•CSCdw02869
A Cisco 7206VXR router that is configured with Multiprotocol Label Switching (MPLS) and the Web Cache Communication Protocol (WCCP) may reload because of a bus error and display the following message in the log:
%ALIGN-1-FATAL: Corrupted program counter pc=0x0, ra=0x60F82504, sp=0x628D48F0
%ALIGN-1-FATAL: Corrupted program counter pc=0x0, ra=0x60F82504, sp=0x628D48F0The crashinfo file will contain the following message:
Unexpected exception, CPU signal 10, PC = 0x0
$0 : 00000000, AT : 00000030, v0 : 00000000, v1 : 00000001
a0 : 6333CA68, a1 : 628A1428, a2 : 5E19160A, a3 : 6325DB98
t0 : 0000883E, t1 : 62BF8700, t2 : 629D80A0, t3 : 625D0000
t4 : 00000030, t5 : 00000000, t6 : D4989620, t7 : 6333CA68
s0 : 00000003, s1 : 00000000, s2 : 62942B80, s3 : 628A144C
s4 : 6293B998, s5 : 628A1428, s6 : 6293A714, s7 : 5E1915E0
t8 : 6060E108, t9 : 62A62468, k0 : 00000000, k1 : 00000000
gp : 6238A280, sp : 628D48F0, s8 : 628D4BA8, ra : 60F82504
EPC : 00000000, ErrorEPC : 604E54D4, SREG : 3400F903
Cause 00000008 (Code 0x2): TLB (load or instruction fetch) exception
-Traceback= 0 60F82504 60F81F58 60F89848 601053F0 601091A0
Workaround: Disable the WCCP redirection.
•CSCdw03079
When you make thousands of calls, the "IPC LC Message Handler" process uses a high amount of the CPU because of the statistics update. There is no workaround.
•CSCdw03179
When you configure a Packet-over-SONET 8xOC-3 line card in a Cisco 12000 series Internet router as an Automatic Protection Switching (APS) working or protecting line card, the line card may accept input traffic even while it is deselected by APS. This condition causes duplicated packets.
Workaround: When the error condition occurs, enter the shutdown command followed by the no shutdown command on the line card that is deselected by APS.
•CSCdw03264
If you perform a copy operation from the TFTP server to the running configuration file in order to copy access control entries (ACEs) to access control lists (ACLs) that are already applied to an interface of a Cisco 12000 series Engine 3 line card, the router reloads.
Workaround: First copy the ACEs to the running configuration file and then apply the ACLs to the interface.
•CSCdw04701
The Cisco Discovery Protocol (CDP) is disabled by default on a Cisco 10000 series edge services router. You can enable the CDP by entering the cdp run global configuration command on each interface.
After you have saved the configuration and reloaded the router, the cdp run global configuration command is saved in the configuration. However, the CDP commands on the interfaces are not saved in the configuration and you have to manually reenter the cdp enable command on each interface. There is no workaround.
•CSCdw05061
A line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S1 may slowly lose its available memory. The memory allocation of the "LC IP Source Tracker Export" process, which you can display by entering the show processes memory command, will increase at a rate of about 416 bytes per minute.
Partial workaround: Enter the ip source-track export interval 120 configuration command to reduce the leak rate to 104 bytes per minute.
•CSCdw06558
A Cisco 12000 series Internet router with about 500 or more tunnels configured may reload if you enter the no mpls traffic-eng tunnels command. There is no workaround.
•CSCdw06785
On a Cisco 12000 series Internet router, Sampled NetFlow may report a source interface incorrectly. There is no workaround.
•CSCdw07376
When the same access control list (ACL) is applied as an output ACL to several interfaces on a Cisco 12000 series Internet router and you reload the router, the ACL no longer works correctly.
Workaround: Reload the microcode onto the line card or line cards with the interfaces to which the output ACL is applied.
Alternative workaround: Reapply the ACL to the interfaces.
•CSCdw07833
If you unshut (restart) a Cisco 12000 series line-card interface to which an access control list (ACL) is applied, the line card reloads and generates a "Profile Manager" failure message. There is no workaround.
•CSCdw08646
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S, IP-to-IP fragmentation does not occur on a 3-port Gigabit Ethernet line card, regardless of whether the ingress and egress line cards are the same or not. When you configure a maximum transmission unit (MTU) on port 0 of the egress card and the MTU is larger than the packet that is to be sent, the fragmentation will not occur. There is no workaround.
•CSCdw09570
If you use the debug condition interface command to enable conditional debugging on an interface, some serial debugs—notably High-Level Data Link Control (HDLC) keepalive debugs—will also be enabled, even if you do not set the debug serial interface command. There is no workaround.
•CSCdw10550
On an interface of a Cisco 7500 series router, if the input service policies have the same classes as the output service policies and you cause an invalid configuration by attaching an input service policy with the same queuing feature that is already enabled on the output service policy, the input service policy will be denied. If you then try to update the output service policy, the router may reload.
Workaround: First remove the output service policy from the interface and then reconfigure and update the output service policy.
•CSCdw11216
Even though a slot on a Cisco 12000 series Internet router is not populated with a line card and no online insertion and removal (OIR) message was displayed when a line card was inserted and removed from the slot, the router may display the following messages:
%MBUS-3-EEPROM: Failed read EEPROM location 1 in slot 0 detecting bad h/w at startup %MBUS-3-READREG: Failed to read register 20000 in slot 0 show controller fab_clk_fpga
There is no workaround.
•CSCdw11416
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S and that has the Cisco Group Management Protocol (CGMP) configured on a 3-port Gigabit Ethernet line card may send out CGMP messages with an incorrect station MAC address. There is no workaround.
•CSCdw13574
With more than one permanent virtual circuit (PVC) configured on a PA-A2 port adapter that is installed in a Cisco 7200 series router, the port adapter can still receive output drops when the peak cell rate (PCR) is reached. If you stop the traffic flow, the interface continues to take output drops until you enter the shutdown command followed by the no shutdown command. There is no workaround.
•CSCdw15235
If you apply a policy map to an interface on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S3, the router reloads. There is no workaround.
•CSCdw15531
When you send tag packets to a Cisco 12000 series Engine 4 line card that is not enabled for Multiprotocol Label Switching (MPLS), the line protocol of the line card will go down after about 200 packets. There is no workaround.
•CSCdw18116
An interface of a PA-MC-T1 or PA-MC-E1 port adapter may experience an "Output Stuck" condition, especially when it is configured in PRI mode. There is no workaround.
•CSCdw19011
A PA-2E3 Packet-over-E3 port adapter may exhibit cyclic redundancy check (CRC) errors. There is no workaround.
•CSCdw20118
If you enter the copy rcp command to enable the remote copy protocol and you specify the destination filename, the startup may fail with an error message that states that there is not enough space on the device:
r01.nycmny01.us.bb#copy rcp: startup Address or name of remote host [eng0]? Source username [jared]? Source filename [r01.nycmny01.us.bb-confg]? r01.nycmny01.us.bb-confg Destination filename [startup-config]? startup-config Accessing rcp://jared@eng0/r01.nycmny01.us.bb-confg...! %Error copying rcp://jared@eng0/r01.nycmny01.us.bb-confg (Not enough space on device)
There is no workaround.
•CSCdw20150
If you enter the no cos gsr tx command on a Cisco 12000 series Internet router that is configured with Engine 4 line cards, packets may be switched to the wrong interfaces. There is no workaround.
•CSCdw21652
Attaching a quality of service (QoS) service policy with bandwidth "kbps" classes to an ATM permanent virtual circuit (PVC) may cause the following error:
bandwidth assignment must be at least 1% of link rate
Workaround: Use bandwidth percent in the QoS configuration.
•CSCdw21954
An output committed access rate (CAR) rule that is configured on a Cisco 12000 series line card may not be hit correctly.
Workaround: Reload the microcode onto the line card.
Alternative workaround: Reapply the output CAR rule to the line card.
•CSCdw24488
If working and protect Automatic Protection Switching (APS) Packet-over-SONET (POS) interfaces are installed in different Cisco 12000 series Internet routers and the router that contains the working interface reloads, the protect interface may not be activated, even after the reboot process of the router that contains the working interface has been completed.
Workaround: Before you the reload the router that contains the working interface, enter the aps manual 1 command on the protect interface to force the traffic to the protect interface.
Alternative workaround: After you have reloaded the router that contains the working interface, enter the shutdown command followed by the no shutdown command on the working interface.
•CSCdw24656
After you have entered the clear ip bgp command for neighbors that have a large number of prefixes, an Engine 2 line card that is installed in a Cisco 12000 series Internet router may incorrectly drop some high-priority packets that are destined for the router. This condition may result in a loss of Border Gateway Protocol (BGP) keepalives, which will cause the BGP connection to reset. There is no workaround.
•CSCdw24762
If you use the hw-module slot slot-number shutdown command to perform an online insertion and removal (OIR) of the primary Clock and Scheduler Card (CSC) of a Cisco 12000 series Internet router during active traffic, an Engine 4 plus 4-port OC-48 line card may reload. There is no workaround.
•CSCdw24905
If you configure Multilink PPP (MLPPP) on a 6-port channelized T3 line card and you perform an online insertion and removal (OIR) of the line card, the following error message and traceback will occur:
%DMLPGRP-4-NOTCX3LINK: cannot remove the link because it is not CX3
-Traceback= 50312618 505E4400 505E7258 501BB5CC 501BB5BThere is no workaround.
•CSCdw25090
A Cisco 7500 series router may reload because of a watchdog timeout. There is no workaround.
•CSCdw25191
After many tag bindings (that is, thousands of tag bindings for hundreds of destinations) have been established on a Cisco 7200 series router, entering the no tag ip global configuration command may cause the router to reload.
Workaround: Instead of entering the no tag ip command at the router level, enter the command on each interface individually.
•CSCdw26742
If you inject a large number of routes (about 160,000) on an Engine 4 line card that is installed in a Cisco 12000 series Internet router, the line card may reset. There is no workaround.
•CSCdw26943
If you insert or remove a primary Clock and Scheduler Card (CSC) in or from a Cisco 12000 series Internet router, an Engine 4 10-port Gigabit Ethernet line card may stop forwarding and receiving traffic.
Workaround: Reload the microcode to restore the line card to normal operation.
•CSCdw29949
If you enable tag-to-tag load balancing on a Cisco 12000 series Internet router with an Engine 4 line card that serves as an ingress line card, the router stops forwarding traffic.
Workaround: Enter the clear ip route * command.
•CSCdw30397
An egress access control list (ACL) on an Engine 2 line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(21)S may cause an OC48/SRP line card to fail. There is no workaround.
•CSCdw32136
Launching the fabric downloader on a Cisco 12000 series line card with 128 MB of memory or less may fail. This condition occurs when the ROM version of the fabric downloader is "downrev" and you download through the maintenance bus (MBus).
"Downrev" means that either the major version of the ROM is different from the version that is bundled with the running Cisco IOS software image or the major version of the ROM is the same but the minor version of the ROM is lower than the required minor version for the running Cisco IOS software image.
If the ROM version is "downrev", the Cisco IOS software image tries to use the bundled version of the fabric downloader, otherwise the ROM version is used.
Workaround: Change to a Cisco IOS software image that contains a good fabric downloader. In case the non-working fabric downloader has been upgraded into the ROM, use a real old Cisco IOS software image (such as a one-year old image) with a different major version of the fabric downloader for the bootup process and then upgrade the fabric downloader in the ROM.
•CSCdw32604
If you manually apply multiple committed access rate (CAR) rules, the following error messages may display:
SLOT 3:00:42:03: %EE48-5-TM_PROC: TCAM Mgr Add Table not free(40), Alpha:RX Lbl:6183 Appl:3 fail: 40
or
SLOT 2:00:43:17: %TCAM_MGR-3-UNUSUAL_BUG_WARNING: Deleting mbu with refcount = 0 from alloced mbus table mbu 44F45D3C free_array_index 0 region_id 14
Workaround: Copy the CAR rules from the TFTP server.
•CSCdw37661
If you use the Modular QoS CLI (MQC) to apply the same committed access rate (CAR) rule to two different interfaces and then you unconfigure and reconfigure the CAR rule on both interfaces, the following error message may be displayed:
SLOT 6:00:01:52: %EE48-5-TM_PROC: TCAM Mgr Add Table not free(40), Alpha:RX Lbl:6148 Appl:3 fail: 40
Workaround: Copy the new configuration from the TFTP server instead of entering the configuration manually.
•CSCdw37768
Even after you have removed a line card from the slot of a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(18)S, the router may still display messages that are associated with the removed line card. There is no workaround.
•CSCuk28769
If you enter the clear ip route * command or the clear cef linecard command, the Forwarding Information Base (FIB) may become inconsistent with the Routing Information Base (RIB), which could cause a forwarding loop. There is no workaround.
•CSCuk30224
On platforms that support distributed Cisco Express Forwarding (dCEF), when CEF reloads the forwarding table (FIB) on a line card, either at boot time or after an online insertion and removal (OIR) event, the Forwarding Information Base (FIB) of the line card may be missing one or more prefixes.
Workaround: Enter the clear cef linecard slot on the affected line card.
Wide-Area Networking
•CSCdt57260
Pings are not passed with bridged PPP. There is no workaround.
•CSCdv34579
Under heavy traffic conditions, a Versatile Interface Processor (VIP), Gigabit Ethernet Interface Processor (GEIP), GEIP+, or Packet OC-3 Interface Processor (POSIP) that is installed in a Cisco 7500 series router may reload. The VIP reload information contains the following error message:
%DMA-1-DRQ_STALLED: DRQ stalled. Dumping DRQ.
There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(19)S4
Cisco IOS Release 12.0(19)S4 is a rebuild of Cisco IOS Release 12.0(19)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(19)S4. This section describes only severity 1 and 2 caveats.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(19)S3
Cisco IOS Release 12.0(19)S3 is a rebuild of Cisco IOS Release 12.0(19)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(19)S3. This section describes only severity 1 and 2 caveats.
•CSCdv84788
A Versatile Interface Processor (VIP) may reload or record spurious access after class maps are configured for Frame Relay. There is no workaround.
•CSCdw24995
If a Cisco 12000 series Engine 2 line card forwards traffic with large Multicast Group ID (MGID) numbers, spurious memory access errors may occur when the multicast routing table is cleared. There is no workaround.
•CSCdw63039
During low memory conditions, it is possible for the peer-group leader to not receive all routes.
There is no workaround to prevent this situation, but if this situation occurs, use the clear ip bgp x.x.x.x soft out EXEC command to force Border Gateway Protocol (BGP) to resend updates to x.x.x.x.
•CSCdx06621
A Cisco router that is running Cisco IOS Release 12.1(13) or another Cisco IOS release may reload with a bus error that is related to Open Shortest Path First (OSPF). There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(19)S2
Cisco IOS Release 12.0(19)S2 is a rebuild of Cisco IOS Release 12.0(19)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(19)S2. This section describes only severity 1 and 2 caveats.
•CSCdv90792
A 3-port Gigabit Ethernet line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S or higher 12.0(16)S releases may reload intermittently with "PSAERRSS" errors and bus errors under the following conditions:
a. At least five output access control lists (ACLs) are configured on the router (the sixth output ACL is being handled by the CPU of the line card).
b. Ingress traffic that is destined for egress on the local line card is matching access control entries (ACEs) that are being executed on the ingress CPU.
c. A large volume of Border Gateway Protocol (BGP) routes are present.
d. The above-mentioned traffic scenario occurs during periods of heavy changes in the Forwarding Information Base (FIB).
"FIB-4-RADIX" insert messages may be displayed before the line card reloads.
This issue is resolved in Cisco IOS Release 12.0(16)S7 and higher releases. There is no workaround for the affected releases.
•CSCdw10748
A Cisco 12016 Internet router that is running Cisco IOS Release 12.0(15)S, Release 12.0(19)S, or any release in between these releases may not correctly switch over to the backup Clock Scheduler Card (CSC) in the event of a CSC failure because of a "grant parity" or "request parity" error. If one of these errors occurs, the following message may be seen in the output of the show log command:
Sep 22 03:00:56.674 JST: %FABRIC-3-PARITYERR: To Fabric parity error was detected. Grant parity error Data = 0x2.
SLOT 1:Sep 22 03:00:56.674 JST: %FABRIC-3-PARITYERR: To Fabric parity error was detected. Grant parity error Data = 0x1
The output of the show controller fia command may look as follows:
Fabric configuration: Full bandwidth redundant
Master Scheduler: Slot 16
From Fabric FIA Errors
------------------------
redund fifo parity 0 redund overflow 0 cell drops 116
crc32 lkup parity 0 cell parity 0 crc32 0
Switch cards present 0x001F Slots 16 17 18 19 20
Switch cards monitored 0x001F Slots 16 17 18 19 20
Slot: 16 17 18 19 20
Name: csc0 csc1 sfc0 sfc1 sfc2
-------- -------- -------- -------- -------- --------
los 0 1 0 0 0
state Off Off Off Off Off
crc16 1167 402 1167 1167 1167
To Fabric FIA Errors
----------------------
sca not pres 0 req error xx uni fifo overflow 0
grant parity xx multi req 0 uni fifo undrflow 0
cntrl parity 0 uni req 0 crc32 lkup parity 0
multi fifo 0 empty dst req 0 handshake error 0
cell parity 0
For further information, see the Fabric Parity Error on GSR CSC16 Card field notice at the following location: http://www.cisco.com/warp/public/770/fn16872.shtml.
There is no workaround.
•CSCdw17012
On a Cisco 12000 series Internet router that is configured with an Engine 4 line card that has 256 MB of CPU memory, the show processes memory command may show more than 4 GB of used memory. When the counter reaches 4.2 GB, it may reset to 0, which causes the line card to think it has run out of memory and to disable Cisco Express Forwarding (CEF). Issuing the clear cef linecard [slot-number] command will bring the line card back up. There is no workaround for the memory problem or to prevent the counter from resetting to 0.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(19)S1
Cisco IOS Release 12.0(19)S1 is a rebuild of Cisco IOS Release 12.0(19)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(19)S1. This section describes only severity 1 and 2 caveats.
•CSCds37169
When IP Cisco Express Forwarding (CEF) is enabled on a Route Switch Module (RSM) and you reload the RSM, the interfaces show that the no ip route-cache cef interface configuration command is enabled, which causes the CPU to run at 99 percent.
Workaround: Manually change the configuration.
•CSCds81716
On a Versatile Interface Processor (VIP) console, a spurious memory access trace message may be displayed when the serial interface comes up. There is no workaround.
•CSCdt96253
Three different Cisco product lines are susceptible to multiple vulnerabilities in the Secure Shell (SSH) protocol. These issues are inherent to the SSH protocol version 1.5, which is implemented in several Cisco product lines.
By exploiting the weakness in the SSH protocol, it is possible to insert an arbitrary command into an established SSH session, collect information that may help in brute force key recovery, or brute force a session key.
The affected product lines are as follows:
–All devices, including routers and switches, running Cisco IOS software supporting SSH
–Catalyst 6000 switches running CatOS
–Cisco PIX Firewall
No other Cisco products are vulnerable.
It is possible to mitigate this vulnerability by preventing, or having a control over, interception of SSH traffic. see the advisory at the following URL:
http://www.cisco.com/warp/public/707/SSH-multiple-pub.html
•CSCdu05363
Selective packet discard (SPD) does not function on Gigabit Ethernet line cards (Engine 1 and Engine 2) and Fast Ethernet line cards that are installed in a Cisco 12000 series Internet router.
Workaround: Increase the input hold queue to store the excess packets.
•CSCdu35175
Six vulnerabilities involving the access control list (ACL) have been discovered in multiple releases of Cisco IOS software for the Cisco 12000 series Internet router. Not all vulnerabilities are present in all Cisco IOS releases, and only line cards based on the Engine 2 are affected by them. No other Cisco product is vulnerable.
The workarounds are described in the "Workarounds" section of the advisory that is available at the following URL:
http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
Workaround: Use the shut command followed by the no shut command to flap the interface.
•CSCdu81007
The Cisco Express Forwarding (CEF) table is not updated properly when the IP address of an interface changes. The new IP address is added to the CEF table but the old one is not removed. If subinterfaces are used, the old ones remain in the CEF table even after the subinterfaces are removed.
Workaround: When you issue the shut command on the subinterface before changing the address, the IP address is correctly deleted from the CEF tables.
•CSCdu81936
If a router receives an Address Resolution Protocol (ARP) packet that has the router's own interface address but with a different MAC address, the ARP packet can overwrite the router's own MAC address in the ARP table, causing that interface to stop sending and receiving traffic. This attack is successful only against interfaces on the Ethernet segment that is local to the attacking host.
Workaround: Hard-code the interface's ARP table entry by using the arp ip-address hardware-address type [alias] command. This entry will remain in the ARP table until the clear arp command is issued. see the advisory at the following URL:
http://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtml
•CSCdu86853
A Cisco 7500 series router that is running Cisco IOS Release 12.0 S, 12.1, 12.2, or 12.1 E with a 2-port channelized T3 port adapter (PA-MC-2T3+) may report an incorrect FREEDM version for the second port. The FREEDM version for the first port is shown correctly, but a version number of zero (0) is shown as the version number for the second port. There is no workaround.
•CSCdv19356
On Cisco 12000 series Internet routers, output packet and byte counters are sometimes reported too high on Channelized T3 and DS3 line cards when the ingress rate is higher than the egress rate (for example, OC-3 or OC-12 in and T3 or lower out). In this situation, packets are dropped. There is no workaround.
•CSCdv21302
On a 4xOC12 or 16xOC3 channelized ISE line card that is installed in a Cisco 12000 series Internet router that is configured for Automatic Protection Switching (APS), after forcing a switchover via the aps force 1 command and then reloading the protecting line card, there is no switchover back to the working line card.
Workaround: Force the switchover back to the working line card by entering the shutdown command followed by the no shutdown command.
•CSCdv24152
A Cisco router that is running Cisco IOS Release 12.0(17)S and later 12.0 S releases may reset if Frame Relay has been incorrectly configured. If you apply the same data link control (DLC) value on an interface and on its subinterface twice in a row, the router may reset. There is no workaround.
•CSCdv25238
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S, the router may not forward Multiprotocol Label Switching (MPLS)-encapsulated TCP packets correctly when it has to POP the outer label. This situation also affects User Datagram Protocol (UDP)/Internet Control Message Protocol (ICMP)-based traffic when the packet size equals 1500 bytes. A symptom of this condition is giant frame counter increments on the interface. There is no known workaround.
•CSCdv26031
The T3 controller on a 2CT3 port adapter does not come up (even if locally looped) if the controller is receiving "loss of signal" messages. There is no workaround.
•CSCdv32536
When a Cisco 7200 series router that is configured with an ATM-PA-A3 port adapter receives packets with a multicast MAC address on a virtual circuit (VC) that has been configured for 1483-bridged mode, all packets with the multicast MAC address are dropped. There is no workaround.
•CSCdv37998
A Cisco 7500 series router that is running Cisco IOS Release 12.0(16)S1 with a channelized T3 (CT3) single wide port adapter on a Versatile Interface Processor (VIP) may experience flapping of the interfaces that are created on the CT3 controller.
Workaround: Reload the VIP.
•CSCdv42325
On a Cisco 12000 series Internet router, switching from load balancing to a fast adjacency or from a fast adjacency to load balancing may result in traffic loss. There is no workaround.
•CSCdv43694
On a Cisco 7500 series router, Distributed Multilink PPP (DMLPPP) and Versatile Interface Processor (VIP) local switching may not work properly on a 2-port channelized T3 port adapter. There is no workaround.
•CSCdv47664
The online insertion and removal (OIR) of a Versatile Interface Processor (VIP) in a Cisco 7500 series router may cause Cisco Express Forwarding (CEF) to become disabled on VIP cards in other slots.
Workaround: Enter the microcode reload global configuration command after a failed OIR.
•CSCdv48810
On a Cisco 12000 series Internet routers that is running Cisco IOS Release 12.0(19)S, the Unicast Reverse Path Forwarding (uRPF) feature on Packet-over-SONET (POS)-based Engine 2 line cards yields low performance rates. This occurs for both basic uRPF and extended uRPF. There is no workaround.
•CSCdv51463
A Cisco router may experience problems with the Address Resolution Protocol (ARP) when Cisco Express Forwarding (CEF) is enabled.
Workaround: Disable CEF.
•CSCdv52657
On a Cisco router with an interface or subinterface that is configured with "new style" switched virtual circuits (SVCs) that serve as network service-access points (NSAPs), when you select a SVC for deletion, only the last-configured SVC may get deleted instead of the SVC that was selected for deletion. There is no workaround.
•CSCdv53563
On a Cisco 12000 series Engine 4 or Engine 4 plus line card, an IP multicast (S or G) flow may be duplicated, which causes all downstream routers to receive duplicate packets. There is no workaround.
•CSCdv53894
A Cisco 12000 series Internet router may fail to correctly forward IP multicast packets out of an interface. When this condition occurs, the router generates the following error message:
%GRP-3-ENCAP: Failure to allocate encap table entry, exceeded max number of entries
On the outgoing line card, the "exec slot N show controller rewrite" message (in which "N" represents the line card) displays empty (0) adjacency information for the affected multicast routes:
(209.165.200.224, 255.255.255.224) In: POS3/0
SRP0/0 0x00000000 (0):
There is no workaround.
•CSCdv59181
On a Cisco 12000 series 1-port Gigabit Ethernet line card with a SALSA ASIC, an access control list (ACL) on a VLAN does not work. There is no workaround.
•CSCdv61178
On a Cisco 7500 series router that is running Cisco IOS Release 12.0(19)S, a VIP4-80 with an OC-12 ATM multimode port adaptor reloads when an ATM subinterface is configured with ATM adaptation layer 5 (AAL5) Subnetwork Access Protocol (SNAP) bridge encapsulation and the following input and output rate limits:
rate-limit i 10k 5k 5k co tr ex dr
rate-limit o 10k 5k 5k co tr ex drThere is no workaround.
•CSCdv63849
On a Cisco 12000 series Internet router that is functioning in a Multiprotocol Border Gateway Protocol (MBGP) and Multiprotocol Label Switching (MPLS) environment, a Gigabit Ethernet (GE) line card that is configured with an async interface and the ip multicast-routing distributed and ip mroute-cache distributed commands does not transmit multicast traffic from slot 0.
Workaround: Issue the shutdown command followed by the no shutdown command.
First alternative workaround: Remove the configuration of the async interface.
Second alternative workaround: Issue the no ip mroute-cache command on the GE line card.
•CSCdv74675
If a Border Gateway Protocol (BGP) peer-group is configured for unicast and multicast routes, multicast-routing information may be advertised to a peer-group member that did not negotiate to receive IPv4 multicast routes, causing this member to send a notification that a required attribute is missing.
Workaround: Upgrade the peer-group member that is sending the notification that a required attribute is missing to the same software as the router that is sending the multicast-routing information.
First alternative workaround: Configure the router that is sending the notification that a required attribute is missing to negotiate for IPv4 multicast routes.
Second alternative workaround: Configure the router that is sending the multicast-routing information in such a way that the peer-group members that are accepting only unicast routes are in one peer-group and the peer-group members that are accepting both unicast and multicast routes are in another peer-group.
•CSCdv81042
A Cisco 12000 series Internet router may generate shutdown messages for its power supplies, but the power supplies work fine and the LEDs do not indicate any problems. There is no workaround.
•CSCdv81133
On a Cisco 12000 series Internet router, when you connect and disconnect the Rx cable between Engine 4 Packet-over-SONET line cards and a Cisco ONS platform, continuous ping failures may occur, although the line cards are in an up/up state.
Workaround: Issue the hw-module slot x reload command on the line cards.
•CSCdv88646
A Cisco 12000 series Internet router that is configured with an Engine 4 plus card may generate tracebacks, causing Cisco Express Forwarding (CEF) to be disabled. There is no workaround.
•CSCdw04221
When you perform a test loop on a Very Short Reach (VSR) OC-192 line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(19)S, the line card may reload with an error message that indicates that the program counter is corrupt. There is no workaround.
•CSCuk26683
If IP is disabled (by entering the no ip address interface configuration command) on an interface while Cisco Express Forwarding (CEF) is globally disabled and then CEF is enabled, the interface may show inconsistencies when the show cef interface EXEC command is entered. In the case of distributed platforms, this sequence could result in inconsistencies between the line card and the Route Processor in which the network prefixes and the host prefix show up in the CEF table when IP is disabled on the interface.
The sequence to reproduce this situation is as follows:
ip cef distributed
!
interface lo 2
ip address 1.0.0.1 255.255.255.0
!
no ip cef
interface lo 2
no ip address
shut
!
ip cef distributedWorkaround: Enable IP on the interface while CEF is enabled, and then disable the interface.
•CSCuk27873
A Cisco router may reload if a line card runs out of memory and causes distributed Cisco Express Forwarding (dCEF) to disable itself while dCEF is in the process of forwarding a traffic load. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(19)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(19)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdt06162
On a Cisco 12000 series Internet router, the 1-minute input rate statistics in the output of the show interfaces privileged EXEC command may not accurately reflect the traffic load on the interface. There is no workaround.
Interfaces and Bridging
•CSCdp88674
ATM subinterfaces might appear as INACTIVE when you use the show atm vc privileged EXEC command. This symptom occurs when you add new subinterfaces to the router. Using the shut and the no shut commands on the subinterface does not correct the problem.
Workaround: Use the shut command followed by the no shut command on the main interface to bring the state to ACTIVE.
•CSCdu66138
ATM half bridging is not supported on the ATM OC-12 port adapter. There is no workaround.
•CSCdu88600
Bridged-style permanent virtual circuits (BPVCs) half-bridging commands are not implemented with the new group of ATM commands. There is no workaround.
IP Routing Protocols
•CSCdt92114
Cisco Express Forwarding (CEF) may behave inconsistently with routing protocols that use holddown to protect against suboptimal routing. A route in holddown should be used to forward traffic until routing protocol timer expiration and/or convergence. CEF, however, removes the forwarding information from the Forwarding Information Base (FIB) immediately upon the route entering holddown. Process and fast switching will continue to forward traffic as expected. There is no workaround.
•CSCdu01537
Under certain circumstances in a redundant topology, traffic loss can occur for up to 60-seconds after the designated router (DR) has rebooted. There is no workaround.
•CSCdu26591
When Border Gateway Protocol (BGP) routing is repeatedly enabled and disabled by entering the router bgp as-number and no router bgp as-number commands, the system may lose memory. This situation may result in memory corruption, and in some cases, the system may reload.
Workaround: Do not toggle BGP routing dynamically. Once BGP routing is disabled, save the configuration and reload the system.
•CSCdu32820
A router with a configuration containing IP static routes with an administrative distance of 115 may reload when the Intermediate System-to-Intermediate System (IS-IS) Protocol Partial SPF is run. This problem occurs regardless of whether the static route is redistributed into IS-IS. This behavior has been observed on Cisco 2500 series and 3600 series routers that are running Cisco IOS Release 12.0(10)S, 12.0(7)T, 12.1(5), or 12.1(8). An error message similar to the following may be observed in the log as a result of the crash:
%CLNS-1-LINKERR: ISIS: LSP prev doesn.t point at head in 0x1C524E, lsp_next 0x0, lsp_prev 0x0, index 0, ver 0, head 0x155AAC -Traceback= 37C5006 37C52E4 37C55FC 37A1A00 37A1C5A 37A2750 37C2428 37C2FF2 37B7B6A 37B82C8
An IP static route with an administrative distance of 114 or 116 does not cause a reload.
Workaround: Use an administrative distance other than that of 115 since 115 conflicts with IS-IS.
•CSCdu41549
A Cisco router that is using the CSCds88981 patch may reload with the following stack trace:
ip_midb_compare_idb(0x606299e8)+0x20 avl_search(0x60907100)+0x40 wavl_search(0x60907d68)+0x94 ip_get_midb_tree(0x6062cd78)+0x68 ip_get_midb(0x6062ce0c)+0x10 ip_delete_mroute_idb(0x6062b124)+0x58 ip_rpf_check_mroute(0x60631560)+0x3a8 ip_age_one_mroute(0x6062f828)+0x3b8 ...
Workaround: Remove the ip multicast boundary access-list-number interface configuration command from the interfaces to prevent the router from reloading.
•CSCdv04214
A Cisco router may reload when it is attempting to generate an Open Shortest Path First (OSPF) summary or external Link-State Advertisements (LSAs) in low memory conditions. There is no workaround.
ISO CLNS
•CSCdu79294
A Cisco 7500 router may reload when Intermediate System-to-Intermediate System (ISIS) is configured after software alignment correction is disabled using the no service align detect command.
Workaround: Do not disable software alignment correction when configuring ISIS.
Miscellaneous
•CSCds08358
An Enhanced Gigabit Ethernet Interface Processor (GEIP+) will sometimes return a wrong cardtype on Simple Network Management Protocol (SNMP). The GEIP+ should return a value of 199, but in this situation, the GEIP+ returns the value of 427, which is the card type for a Gigabit Ethernet port adapter (PA-GE). There is no workaround.
•CSCds27962
IP precedence is not set on multicast packets using input Committed Access Rate (CAR) with an access list. This situation does not exist if Cisco Express Forwarding (CEF) is turned off on an interface that is configured with the rate-limit interface configuration command. Unicast packets work correctly with CEF and precedence set. There is no workaround.
•CSCds30714
A Cisco AS5800 series universal access server that is running Cisco IOS Release 12.1(2a)XH1 or 12.1(3a)T1, and that is operating under a heavy load may experience a system reload because the system temporarily runs out of memory for the interprocess communication (IPC) header cache. There is no workaround.
•CSCds61495
A Versatile Interface Processor (VIP) may produce spurious access messages under heavy loads.
Workaround: Use the Cisco IOS release that contains the fix for this caveat.
•CSCds78612
On Cisco 12000 series Engine 2 and Engine 4 line cards, a CPUHOG message similar to the following may be displayed during the Forwarding Information Base (FIB) update:
%SYS-3-CPUHOG: Task ran for 11012 msec (334/0),process = CEF IPC Background, PC = 400AE140.
In a large prefix configuration with no static default route, if a routing protocol adds or changes a default route, this CPUHOG may extend beyond a timeout on the line cards, and may cause a reload with the following message:
%GRP-3-COREDUMP: Core dump incident on slot 1, error: Fabric ping failure (seq:167767)
Workaround: Configure a placeholder default route static route, such as "ip route 0.0.0.0 0.0.0.0 null0".
•CSCds78877
A Cisco 12016 series Internet router with two clock switched cards (CSCs) may display the following error messaged during a cold boot (the second CSC is installed for redundancy):
MBUS-3-BADCLK: Slot 0 does not see fabric clock from CSC_0 Card will not operate on fabric using this clock
Possible workarounds: Perform one of the following actions:
–After the error message is displayed, reload the Cisco 12016 series Internet router with a warm boot, and verify that the redundant CSC has been accepted by the system with the show controllers clock EXEC command.
–Reseat the CSC that is specified by the error message.
•CSCds85383
For Cisco 12000 series Internet routers that have 6-port channelized T3 (CT3) line cards and that are running Cisco IOS Release 12.0(14)S to 12.0(17)S, the state of T3s or T1s may be reported incorrectly, and CT3 interfaces may remain down even though the corresponding T1s are up but reported as down. The output of the show ipc status EXEC commands on the router processor indicate that some interprocess communication (IPC) messages have timed out.
Workaround: Reset the line card.
•CSCdt38708
A 1500-byte IP packet with three Multiprotocol Label Switching (MPLS) labels cannot be received on a Fast Ethernet or Gigabit Ethernet interface because the packet will be counted as a giant and dropped. There is no workaround.
•CSCdt72044
On a Cisco router that has Generic Routing Encapsulation (GRE) or IPinIP tunnels configured, an input access list on a physical interface will fail to deny GRE or IPinIP encapsulated packets.
Workaround: Configure a key on the GRE tunnel interfaces. Traffic going in and out of the tunnel interfaces will then be process switched. There is no workaround for IPinIP tunnel interfaces.
•CSCdt78402
A line card may reload when an additional static route is added to support load balancing and to change the tag forwarding table. This condition occurs when load-balanced external Border Gateway Protocol (eBGP) is enabled along with tag switching on all interfaces. There is no workaround.
•CSCdt85206
A Cisco 7200 Internet router that is running Cisco IOS Release 12.1 with a multichannel DS1/PRI port adapter (PA-MC-4T1) may experience calls that pause indefinitely. The calls that are dropped will not get reestablished. There is no workaround.
•CSCdt85356
A Versatile Interface Processor (VIP) may reload with distributed Cisco express forwarding (dCEF) and Multiprotocol Label Switching (MPLS) configured on a tunnel interface after the following sequence of commands:
no interface tunnel x
interface tunnel x
microcode type sys slot
There is no workaround.
•CSCdt97325
Cisco routers that are running Cisco IOS Release 12.1, 12.2, or 12.0S with an Advanced Technology Attachment (ATA) sandisk card (of any capacity) may pause indefinitely or be slow to respond to command-line interface (CLI) command input when the SNMP FlashMIB is queried. The FlashMIB queries may also timeout. This problem occurs when the inode numbers of the files in the ATA sandisk are not sequential and when there is a large difference in the inode numbers.
The following is an example of a directory list with inode numbers that are likely to cause an SNMP timeout when the Flash MIB is queried:
gt3-7200-3#dir disk1: Directory of disk1:/
3 -rw- 1690 shankar
4 -rw- 1690 sara
5 -rw- 1690 sara1
6 -rw- 1690 sara12
7 -rw- 1690 sara123
8 -rw- 1690 sara1234
10 -rw- 1690 sara12345
11 -rw- 1690 sara123456
12 -rw- 1690 7
9 drw- 0 directory-one
15 -rw- 8623108 c7200-is-mz.121-7.4
14 -rw- 3578452 c7200-boot-mz.del96042
2994 -rw- 4307448 c7200-boot-mz.flo96042
4046 -rw- 3578544 c7200-boot-mz.del96042first
Workaround: Exclude the ciscoFlashFileEntry MIB from FlashMIB queries.
•CSCdu03684
A Cisco 12000 series Internet router that is running Cisco IOS 12.0(16.6)S may experience 100 percent route processor utilization when Multiprotocol Label Switching (MPLS) fragmentation is configured.
Workaround: Do not change the size of the default maximum transmission unit (MTU) on the interfaces when running MPLS.
•CSCdu10213
A Label Edge Router (LER) that is running the c7200-p-mz.122-0.18 or the rsp-pv-mz.122-0.18 image of Cisco IOS Release 12.0(18) may experience tagged virtual circuits (TVCs) that are held in the "bindwait" state if router flapping occurs on the paths from the LER to some destinations that have TVCs configured. This problem occurs even when alternate paths exist.
Workaround: Enter the shut command followed by the no shut command on the interfaces on the LER.
•CSCdu13460
A Cisco 12000 series Internet router with an OC-192 Engine 4 line card may run out of memory when the router receives more than 200,000 Border Gateway Protocol (BGP) and 4,000 Intermediate System-to-Intermediate System (IS-IS) routes simultaneously.There is no workaround.
•CSCdu13849
Multicast fragmentation may not work on egress interfaces on an Engine 4 line card. There is no workaround.
•CSCdu15053
The tailend of a tagged virtual circuit (TVC) may remain active while the headend of a TVC becomes missing. This problem is triggered when TVCs are reestablished when better routes become available due to change of topology. The new TVCs are set up normally, but the old TVCs are not cleaned up properly. There is no workaround.
•CSCdu16973
When cell-mode Multiprotocol Label Switching (MPLS) is used in a network of Cisco Catalyst 8500 switches with redundant paths, the conversion for MPLS after a routing change may take up to 4.5 minutes. Open Shortest Path First (OSPF) converges normally. There is no workaround.
•CSCdu20643
Layer 2 Tunneling Protocol (L2TP) and Generic Routing Encapsulation (GRE) tunnels fail to operate correctly on a Cisco 7500 series router that is running centralized Cisco Express Forwarding (CEF). L2TP tunnels fail completely, whereas packets switched through a GRE tunnel will be fast or process switched.
Workaround: Enable distributed CEF switching.
•CSCdu26552
An ATM line card on a Cisco 12000 series Internet router may not send a Simple Network Management Protocol (SNMP) trap after a reload, software forced reload, or online insertion and removal (OIR). The router does not send the ATM link-down trap to the SNMP server. If a trap is received, the following trap may be displayed by the SNMP server:
(E) Trap contains no readable strings
Some versions of SNMP software will not display this error message. There is no workaround.
•CSCdu26757
A single-port Gigabit Ethernet line card may fail with Unicast timeouts. This situation occurs only if bad IP packets are received by the last hop of a Multiprotocol Label Switching (MPLS)-enabled network (for example, when the last tag is popped and the packet is sent out as an IP packet). There is no workaround.
•CSCdu29450
A Cisco 12410 series Internet router or a Cisco 12406 series Internet router may not report a five volt power supply alarm. There is no workaround.
•CSCdu32133
Distributed MPLS (VIP MPLS) does not work on Channelized STM1 port adapter. There is no workaround.
•CSCdu33529
When a router interface is administratively shut down the switch or other connecting device will still show the router as connected when it is not. This problem exists only on certain port adapters (PA-2FE-TX, PA-2FE-FX, and PA-4E).
Workaround: Physically disconnect and reconnect the cable between the devices to force both sides of the link down.
•CSCdu34327
When IP precedence is rate limited individually by different rules on an Engine 4 line card (OC-192 or Quad OC-48), all Class of Service (CoS) features (such as Output Rate Shaping (ORS), Weighted Random Early Detection (WRED), or Modified Deficit Round Robin (MDRR)) that are configured on any line card in the same router should function normally.
If iCAR is configured on an Engine 4 line card so that there are at least two individual IP precedences that are rate limited by the same rule, all CoS features (such as ORS, WRED, or MDRR) that are configured on any line card in the same router will behave as if they are rate limited by the same rule and go to the same queue.
When port aggregate iCAR is configured on an Engine 4 line card, all CoS features (such as ORS, WRED, or MDRR) that are configured on any line card in the same router will stop functioning for traffic that is sent from the Engine 4 line card. This configuration is regarded as a special case in that all IP precedences (0-7) are rate limited by a single rule. There is no workaround.
•CSCdu36136
A Spatial Reuse Protocol (SRP) port adapter may not recover from a data parity error on a peripheral component interconnect (PCI) bus and may remain in an unstable state until an online insertion and removal (OIR) is performed on the SRP port adapter or after the router is reloaded.
Workaround: Perform an OIR on the SRP port adapter or reload the router.
•CSCdu37307
When new access list entries are added to a simple access control list (ACL) that has been previously deleted using the no access-list access-list-number global configuration command, the ACL may fail to become active.
Workaround: Remove the binding of the ACL from the interface and rebind the ACL using the no ip access-group 1 interface configuration command followed by the ip access-group 1 interface configuration command.
•CSCdu38369
When Transmit (Tx) Side Weighted Random Early Detection (WRED) and ORS are enabled simultaneously on a port, neither will take effect properly.
Workaround: Avoid using Tx WRED and ORS together.
•CSCdu40761
Spurious access is observed on a Cisco 7500 series router when a serial link is added to a multilink bundle while distributed Multilink PPP (dMLP) is running. There is no workaround.
•CSCdu41117
A Cisco 12000 series Internet router with an Engine 4 line card may stop forwarding traffic and reload under certain circumstances. There is no workaround.
•CSCdu42275
Applying a large access-list (approximately 3,000 lines) to a Cisco 3-Port Gigabit Ethernet line card may cause the router to reload. There is no workaround.
•CSCdu44102
When both input access control lists (ACLs) and output ACLs are enabled, Sampled NetFlow stops functioning properly. There is no workaround.
•CSCdu44294
When operation, administration, and maintenance (OAM) functionality is used on ATM permanent virtual connections, spurious memory access may result. There is no workaround.
•CSCdu47419
When a file with a size between number and number-1 clusters is copied to an ATA disk that has a free space of number clusters, a truncated file may bee created with a "Bad DFS cluster data passed" message. Each cluster is 4k in size. There is no workaround.
•CSCdu47902
Inserting a large number of Border Gateway Protocol (BGP) routes may cause memory to become fragmented and result in distributed Cisco Express Forwarding (dCEF) becoming disabled because of a low memory condition. There is no workaround.
•CSCdu48652
Voice calls may pause indefinitely when Flash MIBs for a vendor-specific Flash device located in slot 0 or slot 1 of a Cisco 7200 series router are queried. Depending on the protocols that are running, the calls may hang indefinitely or clear after a short period of time.
Workaround: Avoid querying the Flash device or remove the cards located in slot 0 or slot 1.
•CSCdu48791
On a Cisco 12000 series Internet router that is running Cisco IOS version 12.0(17.6)S and performing IP packet fragmentation, every attempt to configure an MPLS TE tunnel causes egress line card crash if the egress line card is an E4 card (4xOC48, OC192).
The following error messages are generated:
%FIB-3-FIBDISABLE: Fatal error, slot 8: IPC failure
%GRP-3-COREDUMP: Core dump incident on slot 8, error: Fabric ping failure (seq:122)
%LCINFO-3-CRASH: Line card in slot 8 crashed
%MBUS-6-FAILEDPEER: Failed peer RP in slot 8 reason peer: oth GRP req core
%LINK-5-CHANGED: Interface POS8/2, changed state to administratively downThere is no workaround.
•CSCdu48907
On 3-Port Gigabit Ethernet line cards, the Gigabit Ethernet port may store the MAC address entry for the hosts even though source MAC accounting is disabled. The port should only store the following MAC addresses when source MAC accounting:
–the interface address of the port
–the broadcast address
–Hot Standby Router Protocol (HSRP) addresses
There is no workaround.
•CSCdu48926
Cisco Express Forwarding (CEF) becomes disabled on a Generic Routing Encapsulation (GRE) tunnel interface when a key is configured with the tunnel key key-number interface configuration command. The tunnel interface switches to the next available switching mechanism, which is process switching (fast switching has no support for GRE tunnel options).
Workaround: To reenable CEF or fast switching on the tunnel interface, remove the tunnel key. This workaround cannot be used if a tunnel key is required with CEF switching on the GRE tunnel.
•CSCdu49594
If a Cisco router has the same IP address configured on two interfaces where one of the interfaces is in shutdown state and is configured to run a Tag Distribution Protocol (TDP)/Label Distribution Protocol (LDP) session, then the router's peer may have Tag Forwarding Information Base (TFIB) entries that are untagged.
Workaround: Remove the duplicate IP address from the shutdown interface.
•CSCdu50386
If a single-port OC-48 line card is configured as the tunnel server card while installed in slot 0 of a Cisco 12000 series Internet router, the output of the showing running-configuration command does not show the "hw-module slot0 mode server" line. In this situation, if the router is reloaded, the line card is not configured to act as the tunnel server and all Universal Transport Interface (UTI) tunnels that are present on the router fail.
Workaround: Manually configure the line card to act as the sever by entering the hw-module slot0 mode server command.
•CSCdu50884
A Cisco 7200, 7500/RSP or 12000 series router may reload when the dir slot0: EXEC command is entered with too many characters between "slot" and ":". The proper command syntax should be used. There is no workaround.
•CSCdu52687
A Cisco router may reload when a subinterface is being configured with the mpls label protocol ldp command when the interface is tag-switching enabled and running with the mpls label protocol tdp command enabled. This condition occurs when the tag-switching ip command is enabled on the router with the default mpls label protocol tdp command enabled on the interfaces.
Workaround: Configure the no tag-switching ip command globally on the router before changing the tag switching protocol between Label Distribution Protocol (LDP) and Tag Distribution Protocol (TDP) in either direction.
•CSCdu53060
The ATM permanent virtual circuit (PVC) inverse Address Resolution Protocol (ARP) may not function as expected. Inverse ARP requests are not replied to when the interface is a point-to-point connection.
Workaround: Use a point-to-multipoint connection if ATM inverse ARP is used, or use the protocol statement under the PVC configuration mode.
•CSCdu53584
The switching path changes from distributed Cisco Express Forwarding (dCEF) to Cisco Express Forwarding (CEF) after 40 online insertion and removal (OIR) events. This condition affects quality of services (QoS) functionality and the performance of the router, which requires a dCEF path. There is no workaround.
•CSCdu54878
On Engine 2 line cards on a Cisco 12000 series Internet router, the correct feature microcode may not be loaded when two PSA access control lists (ACLs) are configured and then removed.
Workaround: Perform a microcode reload on the line card.
•CSCdu56205
A Cisco 12000 series Internet router that is running Multiprotocol Label Switching (MPLS) with Engine 2 line cards may experience some packets not getting passed through the router. This condition occurs if the following are all true:
–An Engine 2 line card is the Ingress card.
–The packets are coming into the Engine 2 line card untagged and having a Label pushed onto them.
–Some event has occurred which caused the Cisco Express Forwarding (CEF) table to change the label of the route.
–The route is "double recursive." See the following example:
show ip route x.x.x.x <---- Learned via BGP, has next hop of y.y.y.y
show ip route y.y.y.y <---- Learned via BGP, has next hop of z.z.z.z
show ip route z.z.z.z <---- Learned via IGP (ISIS, OSPF, EIGRP, etc.).
You will experience the problem only with the x.x.x.x route.
Workaround: Change the Border Gateway Protocol (BGP) next-hop of the x.x.x.x route with the neighbor a.a.a.a. next-hop-self router configuration command on the router learning the external BGP (eBGP) routes. This command would be used on all your iBGP neighbors.
•CSCdu57137
If the write erase command is issued on a Cisco 7200 series router, the configuration register may get set to 0x0, which will cause the router to wait at ROMmon at the next boot.
Workaround: Change the configuration register to the desired setting (usually 0x2102) to avoid this situation by performing one of the following actions.
–If you are at the ROMmon, enter the confreg 0x2102 command.
–If you are still in Cisco IOS software, enter the config-register 0x2102 global configuration command.
•CSCdu58607
On a Cisco 7500 series router that is running Cisco IOS Release 12.0(13)S2 with no service single-slot-reload-enable configured and distributed Cisco Express Forwarding (dCEF) enabled, the online insertion and removal (OIR) of a Versatile Interface Processor (VIP) can cause the Multilink interfaces in other slots to go down, and the following error appears on the console:
%OIR-6-REMCARD: Card removed from slot 4, interfaces disabled
%RSP-3-NOIDB: bad vc 3 on E1 9/1/0
%RSP-3-NOIDB: bad vc 3 on E1 9/1/1
%RSP-3-NOIDB: bad vc 3 on E1 9/1/2
%RSP-3-NOIDB: bad vc 3 on E1 9/1/3After the message, the Multilink interface will go down together with the physical interfaces it is using, and the following messages are displayed:
%LINK-3-UPDOWN: Interface Multilink4, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial9/1/0:0, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial9/1/1:0, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial9/1/2:0, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial9/1/3:0, changed state to downAfter these messages, the router usually recovers, and all interfaces go up again. This situation does not occur when CEF is running instead of dCEF.
Workaround: Disable the keepalives on the member interfaces of the Multilink interface.
•CSCdu58992
When large or jumbo frames are received on an Ethernet, Fast Ethernet or Gigabit Ethernet interface that uses the i82543 Medium Access Controller, the MAC will continue to write descriptors back past the end of the descriptor ring, which causes memory corruption. There is no workaround.
•CSCdu60153
A Cisco 12000 series Internet router with a large access control list (approximately 10,000 lines) applied to an OC-48 Packet-over-SONET (POS) line card may reload if the access control list is removed from the configuration by the no access-list access-list-number global configuration command. There is no workaround.
•CSCdu64069
IP coloring (IP marking) may fail to mark a packet if IP coloring is configured on an interface with an input Access Control List (ACL), or if any interface on a Cisco 12000 Internet Router has an output that has an output ACL. ACL will still function as normal. This condition only occurs if IP coloring is configured on an E2 line card. There is no workaround.
•CSCdu64444
Inter-Switch Link (ISL) packets may not be recognized by Cisco Express Forwarding (CEF) switching. This situation occurs on PA-2FE-TX, PA-2FE-FX, C7200-I/O-2FE/E, C7200-I/O-GE+E, and Cisco 7410 native Gigabit Ethernet ports. In this situation, all ISL packets are process-switched, and Committed Access Rate (CAR) does not function properly.
Workaround: Use port adapters other than the ones mentioned in this caveat.
•CSCdu65048
After debug sanity is enabled on Cisco routers that support particles, the router may experience a memory leak and reload. The amount of time that it takes for the memory leak to surface and the reload to occur varies. There is no workaround.
•CSCdu65115
A Cisco router that is running Cisco IOS Release 12.0(17)S may experience 100-percent CPU utilization on the Route Processor (RP) that is caused by E4-to-E4 Multiprotocol Label Switching (MPLS) fragmentation. Several "%IPC-3-NOBUFF" messages are observed. There is no workaround.
•CSCdu67202
A Cisco 12000 Internet router that is running Cisco IOS Release 12.0(18)S may reload when an IP routing policy is configured on any interface.
Workaround: Avoid configuring policy routing on any interface.
•CSCdu67408
An Engine 4 line card on a Cisco 12000 Internet router that is running Cisco IOS Release 12.0(15)S may stop working and experience a route processor (RP)-forced reload if one of the interfaces is configured to run IP multicast and if the no ip mroute-cache distributed command is configured.
Workaround: Configure the ip multicast-routing distributed global configuration command on Engine 4 line cards that are running multicast.
•CSCdu68954
If no cos gsr tx is configured on a Cisco 12000 series Internet router, ingress Engine 4 line cards may forward traffic out the incorrect interface. There is no workaround.
•CSCdu69292
A Gigabit Ethernet port adapter (PA-GE) on a Cisco 7206VXR that is running Cisco IOS Release 12.0(17)ST may stop forwarding traffic after logging the receipt of giant frames or packets. In this situation, the interface locks up and continues to increment the overrun counter that is displayed when the show interface EXEC command is entered.
Workaround: Enter the shut command followed by the no shut command on the interface.
•CSCdu70232
When the fiber is removed from the interface on a Cisco 7500 series router with an Enhanced Gigabit Ethernet Interface Processor (GEIP+), the interface stays in an up/up state even through the output of the show controllers command on the Versatile Interface Processor (VIP) shows an up/down state. There is no workaround.
•CSCdu74951
A Cisco 7500 with a RSP4 Route Switch Processor may reload with a bus error if you attempt to enter the no service-policy output name subinterface ATM configuration command via Telnet.
Workaround: Enter the command from the console port.
•CSCdu75397
An Engine 4 line card in Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(18.3)S may display error messages similar to the following and forward duplicate multicast packets out of the same interface:
SLOT 0:
%TX192-3-MGID: no hw_mdb in mcast table hw_mdb=1 26, port=3 -Traceback= 40323F0C 4032411C 40687FC4 40687E28 40688214 40681D64 40684274 40684360 40683AC8 400A1D4C 400A1D38
There is no workaround.
•CSCdu79417
Some "!!!" characters are displayed when a running configuration is saved. There is no workaround.
•CSCdu84031
A Cisco 7500 series router that is hosting an ATM PA-A1 port adapter in any Versatile Interface Processor (VIP) may start losing Rx-side buffers when high traffic is moving through the router. The high traffic also causes an increasing "rx-freeze" counter in the show controllers atm privileged EXEC command log. There is no workaround.
•CSCdu86320
A Cisco 7200 series router may experience a flapping line protocol on a full-duplex Fast Ethernet interface when Hot-Standby Router Protocol (HSRP) is configured with a nondefault configuration and the Ethernet cable is removed.
Workaround: Enter the keepalive 3 interface configuration command on the affected interface, use the burnt-in address, or ensure that the hello and hold times are at least 3 and 10 seconds respectively.
•CSCdu87539
When some permanent virtual circuits (PVCs) are created on ATM interfaces with Operation, Administration, and Maintenance (OAM) enabled, the PVC does not move to the down state when OAM loopback fails.
Workaround: Use newer PVC commands.
•CSCdv02546
Unicast traffic with a Multicast address in the source should be dropped by E2 cards. There is no workaround.
•CSCuk25747
A small memory leak (144-288 bytes) may occur each time a Hot Standby Routing Protocol (HSRP) group becomes active.
Workaround: Configure the standby use-bia interface configuration command.
Wide-Area Networking
•CSCdt90224
A Cisco 7500 series router with a second-generation Versatile Interface Processor (VIP2) may experience a condition where Cisco Express Forwarding (CEF) is disabled on cards residing in neighboring slots if an online insertion and removal (OIR) is performed on the VIP. There is no workaround.
•CSCdu45569
After a Cisco 7513 router has been upgraded from Cisco IOS Release 11.1(30)CC to Cisco IOS Release 12.0(16)S1, dialup may stop functioning. This situation has been observed with two Cisco 7513 routers where dialup is accomplished through the pri-group controller configuration command on a PA-MC-E3 port adapter. In this situation, there were no changes to the configuration, and all dial-in and dial-out attempts fail with error messages at the call setup. This situation has not been observed on other software/hardware combinations. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(18)S7
Cisco IOS Release 12.0(18)S7 is a rebuild of Cisco IOS Release 12.0(18)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(18)S7. This section describes only severity 1 and 2 caveats.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(18)S6
Cisco IOS Release 12.0(18)S6 is a rebuild of Cisco IOS Release 12.0(18)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(18)S6. This section describes only severity 1 and 2 caveats.
•CSCds30121
A Cisco 12000 series Internet router with approximately 100 switched virtual circuits (SVCs) may stop sending data randomly across any SVC. This situation is accompanied by "encapsulation error2" failure messages.
Workaround: Remove the SVC from the map group, and add it back again.
•CSCdw06558
A Cisco 12000 series Internet router with about 500 or more tunnels configured may reload if you enter the no mpls traffic-eng tunnels command. There is no workaround.
•CSCdw09409
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S, Release 12.0(18)S, Release 12.0(19)S, or a rebuilt release that is based on one of these three releases, and that is configured with one or more 3-port Gigabit Ethernet line cards may show the following two symptoms:
–The router may become totally inoperable and no longer forward traffic or respond to console commands. Restoring the affected router to normal operation requires either a manual power cycling or a break- in and soft reset using the console break sequence.
– The router may reload because of a software-forced reload. This occurs because the router goes into an infinite look, and the watchdog timer starts and reloads the router.
This situation is caused by a very rare event in the Address Resolution Protocol (ARP) code that may cause data structure corruption, which results in system instability. Because of the rare nature of this event, the affected router may experience intermittent hangs at intervals of hours up to several months. There is no workaround. (Upgrade a susceptible router to a Cisco IOS software release in which this caveat has been resolved.)
Note This caveat does not apply to a router that is configured with one or more single-port Gigabit Ethernet line cards.
•CSCdw63039
During low memory conditions, it is possible for the peer-group leader to not receive all routes. There is not a workaround to prevent this problem but if this problem occurs, the clear ip bgp x.x.x.x soft out command can be used to force BGP to resend updates to x.x.x.x.
•CSCdw63152
The following error messages may occur with Engine 2 OC-48 line cards after Multiprotocol Label Switching (MPLS) is enabled:
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x402B25A0 reading 0x10
%ALIGN-3-TRACE: -Traceback= 402B25A0 402B27E0 402B2AE0 402B3BBC 4063490C 40634FA0 4063B364 4060A854
There is no workaround.
•CSCdw63200
If you reload a 4-port OC-3 line card on a Cisco 12000 series Internet router, a burst of cyclic redundancy check (CRC) errors may be received at the other end of the OC-3 link. If the remote router is software based (such as a Cisco 7200 series router), this burst of CRC errors may cause high CPU utilization.
Workaround: Shut down the interface at the remote router before you reload the 4-port OC-3 line card.
•CSCdw77076
IP packets that are received on an Engine 2 line card and destinated to an interface that is configured for tag switching or Multiprotocol Label Switching (MPLS) will be punted to line card CPU for switching instead of being switched in hardware by the PSA, even if the outgoing packet is not tagged. This condition affects the performance of the incoming linecard to switch packets. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(18)S5
Cisco IOS Release 12.0(18)S5 is a rebuild of Cisco IOS Release 12.0(18)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(18)S5. This section describes only severity 1 and 2 caveats.
•CSCdv70295
If an Engine-4 line card is configured as the ingress point for a Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel, on reroute, the line card that is configured as the egress point may reload. There is no workaround.
•CSCdw47388
If you configure an output access control list (ACL) with 448 lines on a Cisco 12000 series Internet router, and the ingress line card for the traffic that needs to be filtered is an 8-port or 16-port OC-3 Packet-over-SONET (POS) line card, the output ACL will not filter traffic.
Workaround: Do not configure an ACL with more than 128 lines on any interface of a Cisco 12000 series Internet router that is configured with an 8-port or 16-port OC-3 POS line card.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(18)S3
Cisco IOS Release 12.0(18)S3 is a rebuild of Cisco IOS Release 12.0(18)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(18)S3. This section describes only severity 1 and 2 caveats.
•CSCds13054
A memory leak occurs when Simple Network Management Protocol (SNMP) requests are done on the doc3StatsEtherChipset object in the dot3StatsTable. This condition is platform independent.
Workaround: Do not perform SNMP get or getnext operations on the dot3StatsTable.
•CSCdt96253
Three different Cisco product lines are susceptible to multiple vulnerabilities in the Secure Shell (SSH) protocol. These issues are inherent to the SSH protocol version 1.5, which is implemented in several Cisco product lines.
By exploiting the weakness in the SSH protocol, it is possible to insert an arbitrary command into an established SSH session, collect information that may help in brute force key recovery, or brute force a session key.
The affected product lines are as follows:
–All devices, including routers and switches, running Cisco IOS software supporting SSH
–Catalyst 6000 switches running CatOS
–Cisco PIX Firewall
No other Cisco products are vulnerable.
It is possible to mitigate this vulnerability by preventing, or having a control over, interception of SSH traffic. see the advisory at the following URL:
http://www.cisco.com/warp/public/707/SSH-multiple-pub.html
•CSCdu29618
Under certain conditions on a Cisco 12000 series Internet router, Engine 4 line cards may update Cisco Express Forwarding (CEF) entries slower than Engine 2 line cards do. There is no workaround.
•CSCdu87946
On a Cisco 12000 series Internet router that has tag switching configured, an OC-192 line card may reload when the network mask is changed from /30 to /24. This condition has been observed in Cisco IOS Release 12.0(17)S, 12.0(18)S, and 12.0(19)S. There is no workaround.
•CSCdv33612
A Cisco 12000 series Internet router may exhibit any of the following symptoms:
–Packets that exit the router have a corrupted or invalid MAC header. A common example of this situation occurs when a single-hop Traffic Engineering (TE) tunnel is configured out of a given interface. In this case, IP packets that exit other interfaces on the same line card will have a Multiprotocol Label Switching (MPLS) process identification number (PID) field in the High-Level Data Link Control (HDLC)/PPP header.
–Traffic gets dropped in the incoming line card. This situation presents itself in the case of multicast traffic for which no matching (S,G) entry is found in the line card. In this situation, traffic gets sent to the Route Processor or dropped.
There might be other symptoms that have not been observed yet. The easiest way to determine the existence of this error condition is to enter the show gsr encapsulation command; if the output of the Output Info record is empty even though there are point-to-point interfaces in the system that are up and running, you have encountered this error condition.
Workaround: For the cases with invalid MAC headers due to of a single-hop TE tunnel that is present, bring down a physical interface that has no tunnels on it and that is on the same line card, wait a few seconds, and bring it back up. If the TE tunnel goes down and comes back up, the router will experience the same situation, and a physical interface that is not being used by the tunnel will need to be flapped again. For the cases where traffic is not sent out at all, there is no known workaround.
•CSCdv42325
On a Cisco 12000 series Internet router, switching from load balancing to a fast adjacency or from a fast adjacency to load balancing may result in traffic loss. There is no workaround.
•CSCdv46898
If Border Gateway Protocol (BGP) is configured to send IPv4 unicast and multicast routes to a peer group, there will be a 6-minute delay before any IPv4 unicast updates are sent. This situation does not occur with nonpeer groups and does not exist if only unicast or multicast routes are being sent. This situation occurs only when both unicast and multicast are sent to a peer group. There is no workaround.
•CSCuk26683
If IP is disabled (by entering the no ip address interface configuration command) on an interface while Cisco Express Forwarding (CEF) is globally disabled and then CEF is enabled, the interface may show inconsistencies when the show cef interface EXEC command is entered. In the case of distributed platforms, this sequence could result in inconsistencies between the line card and the Route Processor in which the network prefixes and the host prefix show up in the CEF table when IP is disabled on the interface. The sequence to reproduce this situation is as follows:
ip cef distributed
!
interface lo 2
ip address 1.0.0.1 255.255.255.0
!
no ip cef
interface lo 2
no ip address
shut
!
ip cef distributedWorkaround: Enable IP on the interface while CEF is enabled, and then disable the interface.
Resolved Caveats—Cisco IOS Release 12.0(18)S2
Cisco IOS Release 12.0(18)S2 is a rebuild of Cisco IOS Release 12.0(18)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(18)S2. This section describes only severity 1 and 2 caveats.
•CSCdu64069
IP coloring (IP marking) may fail to mark a packet if IP coloring is configured on an interface with an input Access Control List (ACL) or if any interface on a Cisco 12000 Internet router has an output that has an output ACL. ACLs will still function as normal. This condition occurs only if IP coloring is configured on an E2 line card. There is no workaround.
•CSCdu81007
The Cisco Express Forwarding (CEF) table is not updated properly when the IP address of an interface changes. The new IP address is added to the CEF table but the old one is not removed. If subinterfaces are used, the old ones remain in the CEF table even after the subinterfaces are removed.
Workaround: When you issue the shut command on the subinterface before changing the address, the IP address is correctly deleted from the CEF tables.
•CSCdv01853
A Cisco router that is running Cisco IOS Release 12.2(3.5) may experience a software-forced reload at ip_arp_refresh_adj after the no shutdown command is entered on a multipoint subinterface in LAN Emulation (LANE) testing. There is no workaround.
•CSCdv05120
A line card on a Cisco router that is running distributed Cisco Express Forwarding (dCEF) with Cisco IOS Release 12.0(19)S or later may be missing interfaces and interface-related configurations, such as access lists, after a boot or after enabling dCEF. There is no workaround.
•CSCdv47664
The online insertion and removal (OIR) of a Versatile Interface Processor (VIP) in a Cisco 7500 series router may cause Cisco Express Forwarding (CEF) to become disabled on VIP cards in other slots.
Workaround: Enter the microcode reload global configuration command after a failed OIR.
•CSCuk27669
Entering the show ip cef EXEC command may cause a Cisco router to reload if load-shared paths change while the command executes. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(18)S1
Cisco IOS Release 12.0(18)S1 is a rebuild of Cisco IOS Release 12.0(18)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(18)S1. This section describes only severity 1 and 2 caveats.
•CSCds20358
Under certain circumstances, numerous "ignore" messages might be displayed on a PA-A1 port adapter interface. The output of the show controllers cbus command and the show vip accu command are clean.
Workaround: Enter the shutdown command followed by the no shutdown command.
•CSCds41275
Upgrading a Cisco router to Cisco IOS Release 12.0(12.5)S may cause the "OSPF router" process to cause 99-percent CPU utilization and low memory problems.
Possible workaround: Remove and reconfigure Open Shortest Path First (OSPF).
•CSCdt33317
On a Cisco 7500/RSP series router, packets that are received on a Spatial Reuse Protocol (SRP) interface and switched on the Route Switch Processor (RSP) will fail to get Cisco Express Forwarding (CEF) or fast switched going into a tunnel interface and get dropped. This situation only occurs on the Cisco 7500/RSP routers with SRP interfaces.
Workaround: Disable CEF and fast switching on the tunnel interface.
•CSCdt63459
On a Cisco 7513 router that has a Route Switch Processor 4 (RSP4) that is configured with 128 MB DRAM and is carrying 11,000 routes, entering the clear cef linecard EXEC command may cause all available memory to be consumed.
Workaround: Enter the clear ip bgp {*} EXEC command before entering the clear ip cef EXEC command.
•CSCdt93586
The Open Shortest Path First (OSPF) database may not create the necessary entries to resubmit an OSPF interarea route.
Workaround: Clear the OSPF process.
•CSCdu05173
A Cisco 7500 series router may use invalid Cisco Express Forwarding (CEF) entries on Versatile Interface Processors (VIPs) to switch traffic when distributed Cisco Express Forwarding (dCEF) is disabled. The CEF entry on the Route Switch Processor (RSP) is valid while the entry on the VIP is invalid.
Workaround: Reboot the VIP and use the clear cef line slot command to clear the lines for each VIP until all the VIPs become visibly synchronized in the output when the show cef linecard command is entered.
•CSCdu15875
A Cisco 7500 series router, with a PA-MC-E1 or PA-MC-T1 port adapter with 128 channel-groups configured, may experience repeated Cbus-complex reloads when an online insertion and removal (OIR) operation is performed. There is no workaround.
•CSCdu16602
A Cisco router may reload when the show ip mroute group-address source-address EXEC command is entered.
Workaround: Avoid using the show ip mroute group-address source-address EXEC command when there are multicast routes that are rapidly changing.
•CSCdu27583
A 3-port Gigabit Ethernet line card may reload with a bus error exception. There is no workaround.
•CSCdu28251
When a Cisco router that is running Cisco IOS software based on Cisco IOS Release 12.0(15)S2 is upgraded to Cisco IOS Release 12.0(16.6)S3.0516, some line cards may experience problems booting. The following error messages may be displayed:
%MBUS-0-DOWNREV: MBUS agent in slot 1 running from ROM
%MBUS-2-DNLDFAIL: MBUS Agent RAM download to slot 1
After the line cards have not been up for 6 minutes, the line card may end up in an FIB disabled state (dCEF not running). The following error message may be displayed:
%FIB-3-FIBDISABLE: Fatal error, slot 7: No window message, LC to RP IPC is non-operational
Workaround: It has been observed that a microcode reload or complete software reload may resolve this problem.
•CSCdu35480
A Cisco 7500 series router might reload with a bus error when sending an Intermediate System-to-Intermediate System (IS-IS) complete sequence number PDU (CSNP) packet over an Ethernet interface. There is no workaround.
•CSCdu47902
Inserting a large number of Border Gateway Protocol (BGP) routes may cause memory to become fragmented and result in distributed Cisco Express Forwarding (dCEF) becoming disabled because of a low memory condition. There is no workaround.
•CSCdu50927
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S might generate the following error message:
%GRP-3-ENCAP: Failure to allocate encap table entry, exceeded max number of entries, slot 3 (info 0x8000)
-Traceback= 602555E0 60255AC4 602560E0 600F783C 600F7914 600F71C4 600F7288 605690C4 6056C0DC 60569C74 605697A0 603544B4 603537A0 6035397C 60353AF0 6019254CThere is no workaround.
•CSCdu58406
Entering the no ip source-route global configuration command on a Gigabit Router Processor (GRP) does not stop the Cisco 12000 series Internet router from routing packets containing source-route information. There is no workaround.
•CSCdu65825
Under rare conditions, the route processor (RP) in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S3 may reload if a line card is attached. There is no workaround.
•CSCdu66206
Multicast Output interfaces (OIFs) are missing from certain groups causing multicast traffic to be affected. This condition normally occurs during startup because of the varying speeds in which the cards are turned on.
Workaround: Reload the microcode on the card that contains the missing OIFs.
Note Reloading the microcode may lead to issues that are related to caveat CSCuk22826.
•CSCdu72336
Multicast Distributed Fast Switching (MDFS) for IP Multicast on a Cisco 12000 series Internet router may fail to add a particular interface to the OIF list of certain multicast static routes (mroutes) on a linecard. If that linecard is the Reverse Path Forwarding (RPF) interface for that mroute, this situation will result in forwarding to that OIF interface to fail.
Diagnosis: If a Cisco 12000 Internet router is not correctly forwarding IP multicast traffic out a particular interface but the output of the show ip mroute EXEC command shows that interface in the OIF list of that route, verify that the interface also shows up in the OIF list on the linecard that has the incoming interface of the route. Enter the attach slot-number privileged EXEC command, where slot-number is the number of the line card and then enter the show ip mds forwarding EXEC command to determine the actual MDFS forwarding state of the mroute. If the outgoing interface in question does not show "ip" in this output then this caveat applies.
Workaround: Disable MDFS on the incoming interface by configuring no ip mroute-cache on the interface. Do not try to use this workaround if more than a very low amount of multicast traffic is arriving on that interface or else you will compromise the stability of the router because the workaround will make the packets switched through the Gigabit Route Processor instead of the switching fabric.
•CSCdu72555
Running Sampled NetFlow to collect the traffic from a 3-port Gigabit Ethernet line card on a Cisco 12016 Internet router may only collect traffic on the first Gigabit interface. There is no workaround.
•CSCdu74552
Field diagnostic tests might fail on a slave route processor (RP) with 512 MB. The following events have been observed when this failure occurs:
–Field diagnostic tests do not run and the "Timeout waiting for UUT..." error message is displayed.
–RP diagnostic tests pass without testing the memory.
There is no workaround.
•CSCdu82359
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 (18)S may reload with a bus error when the ip multicast boundry command is entered. There is no workaround.
•CSCdu83386
The ip helper-address address interface configuration command does not function properly when configured on a Cisco 12000 Internet Router. There is no workaround.
•CSCdv10979
Shutting down and restarting a Clock Scheduler Card on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S or 12.0(17)ST with the hw-module command might cause the router to appear to pause indefinitely.
•CSCdv11376
Multicast packets that are sent from an Engine 2 line card to a DPT 48 node in dense mode might not be switched for some groups. This condition occurs because of inconsistencies in the (*,G) and (S,G) tables on the Engine 2 line card. For some groups, the DPT48 node is in the (*,G) table and not in the (S,G) table. There is no workaround.
•CSCdv14967
OC-3 and SRP-12 line cards might show incorrect traffic output statistics when traffic travels through an OC-192 interface and exits through a non-OC-192 interface.
Correct traffic output statistics are displayed when the OC-3 line card is configured with Committed Access Rate (CAR).
Workaround: Configure the OC-3 line card with CAR.
Resolved Caveats—Cisco IOS Release 12.0(18)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(18)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdu14002
An ICMP response time value rounds off to zero when the response time is less than 1millisecond. There is no workaround.
Interfaces and Bridging
•CSCdt41215
A Cisco 7200 series router or Cisco 7500 series router that is running Cisco IOS Release 12.0(1)S3 with back-to-back ATM OC-3 connections may experience intermittent ATM link failures because OAM cells that maintain link connectivity are not sent.
Workaround: The link can be restored by entering the clear interface interface-number command.
•CSCdt88710
Enabling distributed Cisco Express Forwarding (dCEF) on a Cisco 7500 series router that is running Cisco IOS Release 12.0 ST with a Versatile Interface Processor 4-80 (VIP 4-80) line card and PA-A3 OC-12 port adapter with Virtual Private Network (VPN) routing and forwarding (VRF) configured on the port adapter will prevent traffic from being forwarded. This condition does not occur with a PA-A3 OC-3 line card or PA-A3 OC-12 port adapter when VRF is not enabled. There is no workaround.
•CSCdt90054
A Cisco 7500/RSP series router that is running Cisco IOS Release 12.0(15)S1 and that has a Versatile Interface Processor 2-50 (VIP2-50) and an ATM-PA-A3 port adapter might display the following error message on the Route Switch Processor (RSP) console if the VIP is running at 99 percent utilization:
%ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=23, VPI=0, VCI=96) on Interface ATM4/1/0, (Cause of the failure: Failed to have the driver to accept the VC)
Possible Workarounds:
–Disable distributed Cisco Express Forwarding (dCEF).
–Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the ATM interface.
IP Routing Protocols
•CSCdt48480
A filter list may deny a path incorrectly.
Workaround: Restart the Border Gateway Protocol (BGP) process.
•CSCdt71785
A Cisco router that is redistributing routes into the Open Shortest Path First (OSPF) protocol may experience periods of high CPU utilization, and the console may become temporarily locked when the routing table becomes too large. There is no workaround.
•CSCdt88930
In rare cases, the Open Shortest Path First (OSPF) protocol may fail to install a default route. The route will automatically be installed during the next shortest path first (SPF) calculation.
Workaround: Add a static default route with a higher administrative distance than OSPF, and redistribute the static default route through OSPF. Or, add a fake loopback route to OSPF net statements, and flap the fake loopback route.
•CSCdu04678
A Cisco router may reload after the show ip igmp groups command is entered if the command is paused for long periods of time at the "More" prompt and restarted later. There is no workaround.
•CSCdu12698
A router that has the ip multicast boundary access-list-number interface configuration command configured on an interface may reload when the access list is defined. There is no workaround.
•CSCdu26591
When Border Gateway Protocol (BGP) routing is repeatedly enabled and disabled by entering the router bgp as-number and no router bgp as-number commands, the system may lose memory. This situation may result in memory corruption, and in some cases, the system may pause indefinitely.
Workaround: Do not toggle BGP routing dynamically. Once BGP routing is disabled, save the configuration and reload the system.
ISO CLNS
•CSCdt97590
If a Layer 2-only interface goes down on a Cisco router that is running the Intermediate System-to-Intermediate System (IS-IS) protocol, and if that router is using route leaking to redistribute the network on that interface into Layer 1, the network might not be removed from the Layer 1 link-state packet (LSP) on that router.
Workaround: Enter the clear ip route {*} EXEC command. The LSP should be properly regenerated.
•CSCdu16728
A Cisco router that is running the Intermediate System-to-Intermediate System (IS-IS) protocol may reload. This condition may occur with all software images. There is no workaround.
Miscellaneous
•CSCdm65973
A PA-A3 may report a higher number than expected CRC errors on an ATM interface for one or more virtual circuits (VCs). The root cause of the problem is that the affected versions of Cisco IOS software are counting packet bytes that were received with CRC errors, rather than counting errored packets. This condition makes the CRC error counter many more times higher than the actual value. The same behavior also occurs with the aborts and giants. Note that the firmware and not Cisco IOS detects the giants.
Workaround: Troubleshoot the cause of the CRC errors. see the CRC Troubleshooting Guide for ATM Interfaces on Cisco.com for assistance.
•CSCdr55864
The boot flash file system may be corrupted after a system reload. This situation occurs only after a reload file is written to boot flash. There is no workaround.
•CSCds22213
A Cisco 12000 series router with a Gigabit Ethernet/Fast Ethernet output interface may experience a tag fragmentation problem if the maximum transmission unit (MTU) size on the input interface is larger than the MTU on the output interface. This problem does not occur when the MTU sizes are the same on both the input and the output interfaces. There is no workaround.
•CSCdt01089
The following error message may be displayed during a Route Processor (RP) failover:
SEC 1:00:25:34: %IPCGRP-3-SEATERR: Can not find card by seat id (131178)
-Traceback= 601BCB0C 60299460 6017562C 60175618 00:25:34:
%IPCGRP-3-SEATERR: Can not find card by seat id (5)
-Traceback= 601BCB0C 60299460 601756nality of the router.There is no workaround.
•CSCdt38708
A 1500-byte IP packet with three Multiprotocol Label Switching (MPLS) labels cannot be received on a Fast Ethernet or Gigabit Ethernet interface because the packet will be counted as a giant and dropped. There is no workaround.
•CSCdt44794
The output of the show atm pvc command does not correlate with packet output drop values from the show interface command when permanent virtual circuit (PVC) queueing is configured on an ATM interface.
Workaround: Enter the show queueing interface atm command to display PVC drops in the matching Layer 3 queue.
•CSCdt51551
When a provider edge (PE) Cisco 12000 series Internet router is running Cisco IOS Release 12.0(11)ST1 and a customer edge Cisco 12000 series Internet router is running Cisco IOS Release 12.0(14)S, Frame Relay encapsulation does not work after the configuration of multiprotocol BGP (mBGP). The following occurs:
–You can configure Frame Relay encapsulation.
–You can create the permanent virtual circuit (PVC).
–The PVCs stay in the Inactive state.
The PVC is active before the configuration of mBGP. If the PVC is configured in address family Virtual Private Network version4 (VPNv4) configuration mode, the PVC passes to inactive status. There is no workaround.
•CSCdt54847
The Cisco Express Forwarding (CEF) table for a Cisco 12000 series Internet router line card might not synchronize with the Gigabit Route Processor (GRP) on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(13)S2.
This situation has been observed when a Packet-over-SONET (POS) line card did not have a /32 receive adjacency for a Gigabit Ethernet module on the same Cisco 12000 series Internet router. The output of the show cef interface gigabit 9/0 command revealed that IP processing was disabled on Gigabit interface 9/0 and that there were no /32 receive entries for the addresses assigned to that interface (primary or secondary). No problems were detected on the GRP, and there have been no records of interfaces being reset.
Workaround: Clear the IP CEF table.
•CSCdt64782
Alarm warnings have occurred on a Cisco 12012 Internet router that is running Cisco IOS Release 12.0(15.6)S. These warnings have been observed on the PSU and blower units, and on the critical, major, and minor LEDs on the alarm card. The alarm warnings clear after the Route Processor has completed booting (30 seconds to 5 minutes). Normal operations continue after the alarm warnings have cleared. These warnings have not been observed on the Cisco 12008 or 12016 routers. There is no workaround.
•CSCdt70875
An SRAM hardware failure on an Engine 2 OC-48 linecard on a Cisco 12000 series Internet router may cause the line card to reload with the following error message:
%LCPOS-3-SOP: RX:UnexpectedEop. Source=0x20 (Framer), halt_minor0=0x40
The error message is incorrect. The correct error message should report the SRAM failure.
Workaround: Replace the line card.
•CSCdt71057
A Cisco 12000 series Internet router with input PSA access control lists (ACLs) may deny IP protocol 94 traffic even though all IP traffic is permitted on the access list. This situation has been observed after the access list is between 45 and 50 line long.
Workaround: Explicitly permit IP protocol 94 traffic.
•CSCdt80914
Entering the show ip cef exact-route command at the head-end of a Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel may cause the Route Processor (RP) in a Cisco 12000 series Internet router to reload. There is no workaround.
•CSCdt84938
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S, the 2x32-bit Simple Network Management Protocol (SNMP) counters on the main interface may not function properly. The same counters for the subinterface are not affected. There is no workaround.
•CSCdt85730
When Multiprotocol Label Switching (MPLS) is configured on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S2 and the router is performing label imposition for flowing from an Engine 4 line card to an Engine 1 line card, the Engine 1 line card may reload. There is no workaround.
•CSCdt85936
Cisco 12000 series Internet router may, on rare occasions, issue environmental warnings for line cards or fabric modules that are within the appropriate values.
Workaround: Configure the router with the no environment-monitor command.
•CSCdt87752
When the CPU is busy and has no resources to process an Open Shortest Path First (OSPF) protocol message, the OSPF neighborhood may collapse. There is no workaround.
•CSCdt89162
Under some circumstances, certain 448-line access control lists (ACLs) may cause a Cisco router with an Engine 2 line card to reload. There is no workaround.
•CSCdt90083
When installing Engine 0-, Engine 1-, Engine 2-, or Engine 4-based line cards in a Cisco 12416 Internet router, ensure that the router is cold-booted. If the router is active when the line card is inserted, the line card will fail to boot correctly. If the router has been booted with the line card already installed, a successful online insertion and removal (OIR) can be performed, but if the line card is removed and reinserted into a different slot, the line card fails to complete the boot sequence and will constantly cycle through attempts to load and being reset. This situation does not occur with Cisco 12008, 12012 or 12016 Internet routers.
Workaround: Reboot the router once the line card has been installed.
•CSCdt90736
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S2 may display error messages after an online insertion and removal (OIR) of a 16xOC-192 Clock and Calendar Schedule Card (CSC) or after the hw-module {slot number} shutdown command is entered on the 16xOC-192 CSC. There is no workaround.
•CSCdt91433
A Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) provider edge (PE) router may reload under the following circumstances:
–MPLS IP is globally enabled on the router.
–There are multiple static routes to a prefix in the default routing table.
–At least one of the static routes is recursive.
–At least one of the static routes is nonrecursive.
–The static recursive route resolves to go over a nonpoint-to-point link (for example, Ethernet).
The reload typically shows a traceback similar to the following:
0x6060A8A0:idb_get_swsb(0x6060a86c)+0x34 0x60FCF53C:tagsw_get_tag_dist_method(0x60fcf4a0)+0x9c 0x60FF055C:tfib_request_outgoing_tag(0x60ff0480)+0xdc 0x60FF06A8:tfib_request_outgoing_recursive_tags(0x60ff061c)+0x8c 0x60FF3214:tfib_resolve_recursive(0x60ff30e8)+0x12c 0x60FF5710:tfib_resolve_tag_rewrite(0x60ff5590)+0x180 0x60F4AF58:path_resolved(0x60f4aa90)+0x4c8 0x60F4B84C:ip_fib_resolve_path(0x60f4b244)+0x608 0x60F4BA20:ip_fib_force_resolve_path(0x60f4b94c)+0xd4 0x60FF4940:tfib_route_tag_change(0x60ff44ec)+0x454 0x60FF07C8:tfib_setup_route_tag_change(0x60ff06d4)+0xf4 0x60FCBE34:tib_find_route_tags(0x60fcbc4c)+0x1e8 0x60FF05EC:tfib_request_outgoing_tag(0x60ff0480)+0x16c 0x60FF06A8:tfib_request_outgoing_recursive_tags(0x60ff061c)+0x8c 0x60FF3214:tfib_resolve_recursive(0x60ff30e8)+0x12c 0x60FF5710:tfib_resolve_tag_rewrite(0x60ff5590)+0x180
Workaround: Changing any of the circumstances listed will prevent this situation from occurring. It is recommended that this change be implemented in the startup configuration rather than waiting for the router to come up and then implementing the change.
•CSCdt92270
Committed access rate (CAR) may fail to function properly with multicast packets on a Cisco 7200 series router. This symptom does not affect unicast packets. There is no workaround.
•CSCdt92307
When a channel group is configured with 8, 11, 13, 14, 15, 19, 23, and 27 time slots, the corresponding interface experiences line protocol flapping. Other combinations do not cause this situation. There is no workaround.
•CSCdt93130
In a network with a provider edge (PE) router that is running Cisco IOS Release12.1(7.3) and Packet-over-SONET (POS) interface that is running Cisco IOS Release 12.0(15)S1, a problem may occur with Automatic Protection System (APS) switching from working to protected (and protected to working). A tag-switching Tag Distribution Protocol (TDP) neighbor is lost when Intermediate System-to-Intermediate System (IS-IS) switches over to an active POS interface. The show tag-switching interfaces indicates that the interface is operational.
Workaround: Enter the no tag-switching ip command and tag-switching ip command to restart the lost TDP neighbor. This command can be entered for the PE router or the POS interface.
•CSCdt93152
Multicast traffic does not switch from Engine 4 to Engine 0 and Engine 1 line cards. In this situation, the ingress Engine 4 to fab queues show a multicast queue build-up, but no packets are output by either the E0 or E1 line cards. Multicast traffic is still successfully switched from Engine 0 and Engine 1 to Engine 4 line cards. There is no workaround.
•CSCdt96796
A Cisco router that is running Cisco IOS Release 12.0(13)S2 may experience a memory leak in the IP Simple Network Management Protocol (SNMP) process. There is no workaround.
•CSCdu00753
In situations in which a secondary Gigabit Route Processor (GRP) has a faulty connection to the fabric, it is possible that configuration synchronization may not occur or that the configuration stamp may not be updated without an obvious error message. The faulty connection is usually detected through other indicators, such as a failure to get multiple acknowledgements for a configuration write or IPC timeout when accessing the secondary BOOTVAR. There is no workaround.
•CSCdu01075
The show ip accounting command will display large IP counts while Multiprotocol Label Switching (MPLS) traffic is sent. There is no workaround.
•CSCdu01110
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16.5)ST cannot be pinged through local OC-48 or OC-192 Packet-over-SONET (POS) interface addresses and a loopback address that is located more than one hop away. There is no workaround.
•CSCdu01147
When a Traffic Engineering (TE) tunnel is brought up on a Cisco router that is running Cisco IOS Release 12.0(16.6)S while IP traffic is switching, "PICANTE" errors are triggered, and all the traffic on that line card stops for a time. There is no workaround.
•CSCdu01876
On a Cisco 12000 series Internet router, the command line interface (CLI) and Simple Network Management Protocol (SNMP) MIB may show twice the expected value. This condition has been observed with both Engine 1 (Gigabit Ethernet) and Engine 2 (QOC-12). There is no workaround.
•CSCdu03539
When an output link is oversubscribed with lower priority traffic, the low latency queueing (LLQ) traffic over the link may be subjected to a larger amount of latency than usual (3-4 milliseconds).
Workaround: Avoid enabling the tx-cos name interface configuration command and oversubscribing the link.
•CSCdu04427
A Cisco 12000 series router with an enabled Ethernet interface on the route processor may not boot up properly when running Cisco IOS Release 12.0(16.6)S.
Workaround: Boot the router through the Ethernet 0 interface, and shut down the Ethernet 0 interface immediately after the router has completely booted up.
•CSCdu06930
A Cisco 7500 series router that is running Cisco IOS Release 12.0(16)S with distributed Multilink PPP (MLPPP) enabled may experience bounced traffic if the amount of traffic that is sent through the multilink interface is double the capacity of the interface. There is no workaround.
•CSCdu07275
Conform rates that are not set to be a multiple of 200,000 bps may not function properly. The discrete level of the conform rate for OC-192 or Quad OC-48 line cards should be set to a multiple of 200,000 bps. For example, a conform rate from between 300,000 bps and 500,000 bps should be set to an actual conform rate of 400,000 bps.
Workaround: Configure the conform rate to be a multiple of 200,000 bps.
•CSCdu07559
A gsr with a ATA disk (SAN DISK) in the first PCMCIA slot (disk0:) may crash (Software forced crash) when the latest conn_isp image 120(16.6)S is loaded.
•CSCdu07732
When a Packet-over-SONET (POS) line card is reinserted after it is replaced by another POS card, snmpwalk works on the ifTable for all interfaces but snmpget may fail on some POS interfaces. There is no workaround.
•CSCdu08444
Entering the show ip psa ip-address command on a router that is configured with per prefix accounting will cause an Engine-2 line card (for example, OC-48) to reload.
Workaround: Disable per prefix accounting.
•CSCdu09160
A Cisco 12000 series router that has Engine 4 line cards may not support ingress or receive Weighted Random Early Detection (WRED) for both multicast and unicast traffic. There is no workaround.
•CSCdu09725
It is not possible to write Crashinfo data to an ATA sandisk from a Cisco router that is running Cisco IOS Release 12.0 S or Cisco IOS Release 12.0 ST. This caveat is not present in other Cisco IOS releases. There is no workaround.
•CSCdu01019
On a Cisco 12400 Internet router that is running with tag switching enabled, the show interface accounting command may not register the transmitted tagged packets in Cisco IOS Release 12.0(16.5)S. There is no workaround.
•CSCdu10912
When an online insertion and removal (OIR) is performed on a primary clock switched card (CSC) fabric card after the hw-module slot_number shut command is entered, faulty OIR messages may be displayed. There is no workaround.
•CSCdu11279
A Cisco 7500 series router with a Multichannel T3 Port Adapter (PA-MC-2T3+) may report cyclic redundancy check (CRC) errors when it is configured with a CRC-32.
Workaround: Use the port adapter with CRC-16 instead.
•CSCdu11691
A Cisco 12000 series router with a single Route Processor (RP) that is running Cisco IOS Release 12.0(16)S or 12.0(16)S1 does not permit simultaneous configurations from multiple Telnet sessions. Only a single Telnet session is allowed to enter the configuration mode at any one time. This symptom does not occur on routers with dual route processors.
Workaround: Add an additional RP onto the system to permit simultaneous configurations from multiple Telnet sessions. The additional RP can be removed after it has booted as a secondary RP.
•CSCdu19182
The show aps command requires an argument of either a group number, a POS interface ID, or a SONET controller interface ID. The default form of the command with a defaulted argument is rejected. There is no workaround.
•CSCdu22137
An Engine 4 line card may display the following messages when it encounters certain non-IP packets.
SLOT 3:*May 10 10:46:59 UTC: BHdr->len-8 < IP->tot_len
Workaround: Reload the line card.
•CSCdu25293
A Cisco router with an Engine 4 line card that is running Cisco IOS Release 12.0(16.6)S3 may reload while running line rate traffic. There is no workaround.
•CSCdu38395
A Cisco router that is running Cisco IOS Release 12.0(17.1)S, 12.1(3.1), or 12.2(3.1) or later that is configured for Hot Standby Router Protocol (HSRP) on only certain Inter-Switch Link (ISL) subinterfaces may experience spurious memory access. This situation may occur when HSRP is not configured on all ISL subinterfaces.
Workaround: Configure HSRP on all ISL subinterfaces.
•CSCdu42275
Applying a large access-list (approximately 3,000 lines) to a Cisco 3-Port Gigabit Ethernet line card may cause the router to reload. There is no workaround.
•CSCdu50386
If a single-port OC-48 line card is configured as the tunnel server card while installed in slot 0 of a Cisco 12000 series Internet router, the output of the showing running-configuration command does not show the "hw-module slot0 mode server" line. In this situation, if the router is reloaded, the line card is not configured to act as the tunnel server and all Universal Transport Interface (UTI) tunnels that are present on the router fail.
Workaround: Manually configure the line card to act as the sever by entering the hw-module slot0 mode server command.
•CSCuk23290
The output of the show ip cef inconsistency record command may not include expected event log entries for the recorded inconsistency occurrences. There is no workaround.
•CSCuk23524
A Cisco 12000 series router may experience some missing prefixes in the Cisco Express Forwarding (CEF) tables on some line cards after the router is reloaded or when an online insertion and removal (OIR) is performed on a line card.
Workaround: Enter the clear cef linecard command on each slot after a reload or OIR to ensure that the CEF table is correctly downloaded.
Resolved Caveats—Cisco IOS Release 12.0(17)S7
Cisco IOS Release 12.0(17)S7 is a rebuild of Cisco IOS Release 12.0(17)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S7. This section describes only severity 1 and 2 caveats.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(17)S6
Cisco IOS Release 12.0(17)S6 is a rebuild of Cisco IOS Release 12.0(17)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S6. This section describes only severity 1 and 2 caveats.
•CSCdx06621
If multiple routers are advertising the same prefix in Type-5 or Type-7 link-state advertisements (LSAs), a router may reload with a bus error while the shortest path first (SPF) algorithm is computed. There is no workaround.
•CSCdx29393
If an Engine 2, 16-port OC3 line card is configured with 16 different input ACLs, Cisco Express Forwarding (CEF) may get disabled on the line card when about 100K Border Gateway Protocol (BGP) routes are present. There is no workaround.
•CSCdx32658
On a Cisco 12000 series Internet router, if you ping the loopback address from the west-end to the east-end router, datagrams are dropped. The first packet size ranges to fail are the packets between 77 and 80 and between 605 and 608. Only these packet ranges are being dropped; all other packets get through. There is no workaround.
•CSCdx65248
A memory leak on an OC3 (Eng0) line card may cause Cisco Express Forwarding (CEF) to be disabled. There is no workaround.
•CSCdx67418
When a router has a dual Route Processor (RP) configuration with 512MB in each Gigabit Route Processor (GRP), the router may not boot. There is no workaround.
•CSCdx69170
Enabling 448 lines of ingress ACL on E2 (QOC12 POS, 1xOC48 POS, and OC48 DPT) line cards, on a Cisco 12000 router that is running Cisco IOS Release 12.0(21.3)S2 may cause forwarding traffic to fail. There is no known workaround.
•CSCdx69852
On a Cisco 12416 router that is running Cisco IOS 12.0(17)S5.0522 with redundant Gigabit Route Processors (GRPs), one or more line cards may have Cisco Express Forwarding (CEF) disabled after a redundancy force-failover command is issued. There is no workaround.
•CSCuk34118
If a line card is online insertion and removal (OIR) out during the linecard Cisco Express Forwarding (CEF) table(s) download, all other line cards can get stuck in the "request-reload state" waiting for the OIR out linecard to finish its download.
Workaround: Reinstall the linecard into the OIR out slot.
•CSCuk34310
A Cisco 12000 series Internet router reloads unexpectedly after multiple Border Gateway Protocol (BGP) route state transitions (flaps) occur. This symptom is observed on a Cisco 12000 series Internet router that has Multiprotocol Label Switching (MPLS) enabled. There is no workaround.
•CSCdx45298
A Cisco Express Forwarding (CEF) inconsistency may occur between the Gigabit Route Processor (GRP) and the Engine 2 line card. This inconsistency causes flapping and has been observed when there are recursive prefixes and suboptimal line quality.
Workaround: Clear the CEF line card X.
Resolved Caveats—Cisco IOS Release 12.0(17)S5
Cisco IOS Release 12.0(17)S5 is a rebuild of Cisco IOS Release 12.0(17)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S5. This section describes only severity 1 and 2 caveats.
•CSCdw09409
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S, Release 12.0(18)S, Release 12.0(19)S, or a rebuilt release that is based on one of these three releases, and that is configured with one or more 3-port Gigabit Ethernet line cards may show the following two symptoms:
–The router may become totally inoperable and no longer forward traffic or respond to console commands. Restoring the affected router to normal operation requires either a manual power cycling or a break- in and soft reset using the console break sequence.
– The router may reload because of a software-forced reload. This occurs because the router goes into an infinite look, and the watchdog timer starts and reloads the router.
This situation is caused by a very rare event in the Address Resolution Protocol (ARP) code that may cause data structure corruption, which results in system instability. Because of the rare nature of this event, the affected router may experience intermittent hangs at intervals of hours up to several months. There is no workaround. (Upgrade a susceptible router to a Cisco IOS software release in which this caveat has been resolved.)
Note This caveat does not apply to a router that is configured with one or more single-port Gigabit Ethernet line cards.
•CSCdu29618
Under certain conditions on a Cisco 12000 series Internet router, Engine 4 line cards may update Cisco Express Forwarding (CEF) entries slower than Engine 2 line cards do. There is no workaround.
•CSCdu22137
An Engine 4 line card may display the following messages when it encounters certain non-IP packets.
SLOT 3:*May 10 10:46:59 UTC: BHdr->len-8 < IP->tot_len
Workaround: Reload the line card.
•CSCdw29949
If you enable tag-to-tag load balancing on a Cisco 12000 series Internet router with an Engine 4 line card that serves as an ingress line card, the router stops forwarding traffic.
Workaround: Enter the clear ip route * command.
•CSCdu64069
IP coloring (IP marking) may fail to mark a packet if IP coloring is configured on an interface with an input Access Control List (ACL), or if any interface on a Cisco 12000 Internet Router has an output that has an output ACL. ACL will still function as normal. This condition only occurs if IP coloring is configured on an E2 line card. There is no workaround.
•CSCdv01350
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 S may see Internet Group Management Protocol (IGMP) mtrace response packets (protocol=2, IGMP type=0x1E) stay in an interface input hold queue indefinitely. These packets may eventually fill up the interface input hold queue and cause packet drops.
Workaround: Reload the router to clear the packets from the input hold queue, and increase the input hold queue depth using the hold-queue queue-length interface configuration command.
•CSCdx20954
A Cisco 12000 series OC-3 line card may reload unexpectedly and then recover. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(17)S4
Cisco IOS Release 12.0(17)S4 is a rebuild of Cisco IOS Release 12.0(17)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S4. This section describes only severity 1 and 2 caveats.
•CSCdv04951
A Cisco 7200 series router may reload when it is passing heavy traffic of large packets through a PA-A1 port adapter. The reload does not occur under normal traffic conditions.
Possible workaround: Reduce the maximum transmission unit (MTU) size of the ATM interface so that the interface never has to pass a packet of more than 4500 bytes.
•CSCdv14760
On a Cisco 12000 series Internet router, the configuration of the ip route-cache cef command on the Ethernet 0 interface results in the following error message:
%CEF not supported for ARPA
Cisco Express Forwarding (CEF) cannot be enabled on the Ethernet 0 interface.
Note The Gigabit Route Processor (GRP) Ethernet port is designed for use as a management interface only. Cisco does not support either the use of Ethernet 0 as a traffic-switching port or the enabling of CEF on this port. Cisco will likely disable the ip route-cache cef for Ethernet 0 in future Cisco IOS releases. Cisco encourages customers to migrate from Ethernet 0 switching configurations. Ethernet line cards are available for the Cisco 12000 series Internet router for customers who require Ethernet interfaces.
•CSCdv42325
On a Cisco 12000 series Internet router, switching from load balancing to a fast adjacency or from a fast adjacency to load balancing may result in traffic loss. There is no workaround.
•CSCdv90792
A 3-port Gigabit Ethernet line card that is installed in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S or higher 12.0(16)S releases may reload intermittently with "PSAERRSS" errors and bus errors under the following conditions:
a. At least five output access control lists (ACLs) are configured on the router (the sixth output ACL is being handled by the CPU of the line card).
b. Ingress traffic that is destined for egress on the local line card is matching access control entries (ACEs) that are being executed on the ingress CPU.
c. A large volume of Border Gateway Protocol (BGP) routes are present.
d. The above-mentioned traffic scenario occurs during periods of heavy changes in the Forwarding Information Base (FIB).
"FIB-4-RADIX" insert messages may be displayed before the line card reloads.
This issue is resolved in Cisco IOS Release 12.0(16)S7 and higher releases. There is no workaround for the affected releases.
•CSCdw10748
A Cisco 12016 Internet router that is running Cisco IOS Release 12.0(15)S, Release 12.0(19)S, or any release in between these releases may not correctly switch over to the backup Clock Scheduler Card (CSC) in the event of a CSC failure because of a "grant parity" or "request parity" error. If one of these errors occurs, the following message may be seen in the output of the show log command:
Sep 22 03:00:56.674 JST: %FABRIC-3-PARITYERR: To Fabric parity error was detected. Grant parity error Data = 0x2.
SLOT 1:Sep 22 03:00:56.674 JST: %FABRIC-3-PARITYERR: To Fabric parity error was detected. Grant parity error Data = 0x1
The output of the show controller fia command may look as follows:
Fabric configuration: Full bandwidth redundant
Master Scheduler: Slot 16
From Fabric FIA Errors
------------------------
redund fifo parity 0 redund overflow 0 cell drops 116
crc32 lkup parity 0 cell parity 0 crc32 0
Switch cards present 0x001F Slots 16 17 18 19 20
Switch cards monitored 0x001F Slots 16 17 18 19 20
Slot: 16 17 18 19 20
Name: csc0 csc1 sfc0 sfc1 sfc2
-------- -------- -------- -------- -------- --------
los 0 1 0 0 0
state Off Off Off Off Off
crc16 1167 402 1167 1167 1167
To Fabric FIA Errors
----------------------
sca not pres 0 req error xx uni fifo overflow 0
grant parity xx multi req 0 uni fifo undrflow 0
cntrl parity 0 uni req 0 crc32 lkup parity 0
multi fifo 0 empty dst req 0 handshake error 0
cell parity 0
For further information, see the Fabric Parity Error on GSR CSC16 Card Field Notice at the following location: http://www.cisco.com/warp/public/770/fn16872.shtml.
There is no workaround.
• CSCdw17012
On a Cisco 12000 series Internet router that is configured with an Engine 4 line card that has 256 MB of CPU memory, the show processes memory command may show more than 4 GB of used memory. When the counter reaches 4.2 GB, it may reset to 0, which causes the line card to think it has run out of memory and to disable Cisco Express Forwarding (CEF). Issuing the clear cef linecard [slot-number] command will bring the line card back up. There is no workaround for the memory problem or to prevent the counter from resetting to 0.
•CSCdw24515
A Cisco 12000 series 10-port 1-Gigabit Ethernet line card may reload if you apply the same access control list (ACL) to two or more main interfaces and subsequently apply any ACL to a subinterface on one or more of the main interfaces. There is no workaround.
•CSCdw47388
If you configure an output access control list (ACL) with 448 lines on a Cisco 12000 series Internet router, and the ingress line card for the traffic that needs to be filtered is an 8-port or 16-port OC-3 Packet-over-SONET (POS) line card, the output ACL will not filter traffic.
Workaround: Do not configure an ACL with more than 128 lines on any interface of a Cisco 12000 series Internet router that is configured with an 8-port or 16-port OC-3 POS line card.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
•CSCuk30224
On platforms that support distributed Cisco Express Forwarding (dCEF), when CEF reloads the forwarding table on a line card, either at boot time or after an online insertion and removal (OIR) event, the Forwarding Information Base (FIB) of the line card may be missing one or more prefixes.
Workaround: Enter the clear cef linecard slot on the affected line card.
Resolved Caveats—Cisco IOS Release 12.0(17)S3
Cisco IOS Release 12.0(17)S3 is a rebuild of Cisco IOS Release 12.0(17)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S3. This section describes only severity 1 and 2 caveats.
•CSCds37169
When IP Cisco Express Forwarding (CEF) is enabled on a Route Switch Module (RSM) and you reload the RSM, the interfaces show that the no ip route-cache cef interface configuration command is enabled, which causes the CPU to run at 99 percent.
Workaround: Manually change the configuration.
•CSCdt06162
On a Cisco 12000 series Internet router, the 1-minute input rate statistics in the output of the show interfaces privileged EXEC command may not accurately reflect the traffic load on the interface. There is no workaround.
•CSCdt96253 and CSCdu37371
Three different Cisco product lines are susceptible to multiple vulnerabilities in the Secure Shell (SSH) protocol. These issues are inherent to the SSH protocol version 1.5, which is implemented in several Cisco product lines.
By exploiting the weakness in the SSH protocol, it is possible to insert an arbitrary command into an established SSH session, collect information that may help in brute force key recovery, or brute force a session key.
The affected product lines are as follows:
–All devices, including routers and switches, running Cisco IOS software supporting SSH
–Catalyst 6000 switches running CatOS
–Cisco PIX Firewall
No other Cisco products are vulnerable.
It is possible to mitigate this vulnerability by preventing, or having a control over, interception of SSH traffic. see the advisory at the following URL:
http://www.cisco.com/warp/public/707/SSH-multiple-pub.html
•CSCdu05173
A Cisco 7500 series router may use invalid Cisco Express Forwarding (CEF) entries on Versatile Interface Processors (VIPs) to switch traffic when distributed Cisco Express Forwarding (dCEF) is disabled. The CEF entry on the Route Switch Processor (RSP) is valid while the entry on the VIP is invalid.
Workaround: Reboot the VIP and use the clear cef line slot command to clear the lines for each VIP until all the VIPs become visibly synchronized in the output when the show cef linecard command is entered.
•CSCdu35175 and CSCdu57417
Six vulnerabilities involving the access control list (ACL) have been discovered in multiple releases of Cisco IOS software for the Cisco 12000 series Internet router. Not all vulnerabilities are present in all Cisco IOS releases, and only line cards based on the Engine 2 are affected by them. No other Cisco product is vulnerable.
The workarounds are described in the "Workarounds" section of the advisory that is available at the following URL:
http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
Workaround: Use the shut command followed by the no shut command to flap the interface.
•CSCdu53584
The switching path changes from distributed Cisco Express Forwarding (dCEF) to Cisco Express Forwarding (CEF) after 40 online insertion and removal (OIR) events. This condition affects quality of services (QoS) functionality and the performance of the router, which requires a dCEF path. There is no workaround.
•CSCdu81007
The Cisco Express Forwarding (CEF) table is not updated properly when the IP address of an interface changes. The new IP address is added to the CEF table but the old one is not removed. If subinterfaces are used, the old ones remain in the CEF table even after the subinterfaces are removed.
Workaround: When you issue the shut command on the subinterface before changing the address, the IP address is correctly deleted from the CEF tables.
•CSCdu81936
If a router receives an Address Resolution Protocol (ARP) packet that has the router's own interface address but with a different MAC address, the ARP packet can overwrite the router's own MAC address in the ARP table, causing that interface to stop sending and receiving traffic. This attack is successful only against interfaces on the Ethernet segment that is local to the attacking host.
Workaround: Hard-code the interface's ARP table entry by using the arp ip-address hardware-address type [alias] command. This entry will remain in the ARP table until the clear arp command is issued. see the advisory at the following URL:
http://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtml
•CSCdu87946
On a Cisco 12000 series Internet router that has tag switching configured, an OC-192 line card may reload when the network mask is changed from /30 to /24. This condition has been observed in Cisco IOS Release 12.0(17)S, 12.0(18)S, and 12.0(19)S. There is no workaround.
•CSCdv01853
A Cisco router may experience a software-forced reload at ip_arp_refresh_adj after the no shutdown command is entered on a multipoint subinterface in LAN Emulation (LANE) testing. There is no workaround.
•CSCdv05120
A line card on a Cisco router that is running distributed Cisco Express Forwarding (dCEF) with Cisco IOS Release 12.0(19)S or later may be missing interfaces and interface-related configurations, such as access lists, after a boot or after enabling dCEF. There is no workaround.
•CSCdv24152
A Cisco router that is running Cisco IOS Release 12.0(17)S and later 12.0 S releases may reset if Frame Relay has been incorrectly configured. If you apply the same data link control (DLC) value on an interface and on its subinterface twice in a row, the router may reset. There is no workaround.
•CSCdv32536
When a Cisco 7200 series router that is configured with an ATM-PA-A3 port adapter receives packets with a multicast MAC address on a virtual circuit (VC) that has been configured for 1483-bridged mode, all packets with the multicast MAC address are dropped. There is no workaround.
•CSCdv33612
A Cisco 12000 series Internet router may exhibit any of the following symptoms:
–Packets that exit the router have a corrupted or invalid MAC header. A common example of this situation occurs when a single-hop Traffic Engineering (TE) tunnel is configured out of a given interface. In this case, IP packets that exit other interfaces on the same line card will have a Multiprotocol Label Switching (MPLS) process identification number (PID) field in the High-Level Data Link Control (HDLC)/PPP header.
–Traffic gets dropped in the incoming line card. This situation presents itself in the case of multicast traffic for which no matching (S,G) entry is found in the line card. In this situation, traffic gets sent to the Route Processor or dropped.
There might be other symptoms that have not been observed yet. The easiest way to determine the existence of this error condition is to enter the show gsr encapsulation command; if the output of the Output Info record is empty even though there are point-to-point interfaces in the system that are up and running, you have encountered this error condition.
Workaround: For the cases with invalid MAC headers due to of a single-hop TE tunnel that is present, bring down a physical interface that has no tunnels on it and that is on the same line card, wait a few seconds, and bring it back up. If the TE tunnel goes down and comes back up, the router will experience the same situation, and a physical interface that is not being used by the tunnel will need to be flapped again. For the cases where traffic is not sent out at all, there is no known workaround.
•CSCdv47664
The online insertion and removal (OIR) of a Versatile Interface Processor (VIP) in a Cisco 7500 series router may cause Cisco Express Forwarding (CEF) to become disabled on VIP cards in other slots.
Workaround: Enter the microcode reload global configuration command after a failed OIR.
•CSCdv51463
A Cisco router may experience problems with the Address Resolution Protocol (ARP) when Cisco Express Forwarding (CEF) is enabled.
Workaround: Disable CEF.
•CSCdv53894
A Cisco 12000 series Internet router may fail to correctly forward IP multicast packets out of an interface. When this condition occurs, the router generates the following error message:
%GRP-3-ENCAP: Failure to allocate encap table entry, exceeded max number of entries
On the outgoing line card, the "exec slot N show controller rewrite" message (in which "N" represents the line card) displays empty (0) adjacency information for the affected multicast routes:
(209.165.200.224, 255.255.255.224) In: POS3/0
SRP0/0 0x00000000 (0):
There is no workaround.
•CSCdv81133
On a Cisco 12000 series Internet router, when you connect and disconnect the Rx cable between Engine 4 Packet-over-SONET line cards and a Cisco ONS platform, continuous ping failures may occur, although the line cards are in an up/up state.
Workaround: Issue the hw-module slot x reload command on the line cards.
•CSCdv88646
A Cisco 12000 series Internet router that is configured with an Engine 4 plus card may generate tracebacks, causing Cisco Express Forwarding (CEF) to be disabled. There is no workaround.
•CSCdw03179
When you configure a Packet-over-SONET 8xOC-3 line card in a Cisco 12000 series Internet router as an Automatic Protection Switching (APS) working or protecting line card, the line card may accept input traffic even while it is deselected by APS. This condition causes duplicated packets.
Workaround: When the error condition occurs, enter the shut command followed by the no shut command on the line card that is deselected by APS.
•CSCuk27669
Entering the show ip cef EXEC command may cause a Cisco router to reload if load-shared paths change while the command executes. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(17)S2
Cisco IOS Release 12.0(17)S2 is a rebuild of Cisco IOS Release 12.0(17)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S2. This section describes only severity 1 and 2 caveats.
•CSCds85383
For Cisco 12000 series Internet routers that have 6-port channelized T3 (CT3) line cards and that are running Cisco IOS Release 12.0(14)S to 12.0(17)S, the state of T3s or T1s may be reported incorrectly, and CT3 interfaces may remain down even though the corresponding T1s are up but reported as down. The output of the show ipc status EXEC commands on the router processor indicate that some interprocess communication (IPC) messages have timed out.
Workaround: Reset the line card.
•CSCdt63459
On a Cisco 7513 router that has a Route Switch Processor 4 (RSP4) that is configured with 128 MB DRAM and is carrying 11,000 routes, entering the clear cef linecard EXEC command may cause all available memory to be consumed.
Workaround: Enter the clear ip bgp {*} EXEC command before entering the clear ip cef EXEC command.
•CSCdu26757
A single-port Gigabit Ethernet line card may fail with Unicast timeouts. This situation occurs only if bad IP packets are received by the last hop of a Multiprotocol Label Switching (MPLS)-enabled network (for example, when the last tag is popped and the packet is sent out as an IP packet). There is no workaround.
•CSCdu27583
A 3-port Gigabit Ethernet line card may reload with a bus error exception. There is no workaround.
•CSCdu43315
In a configuration in with multiple T1 through T3 interfaces, it may not be possible to query for Simple Network Management Protocol (SNMP) statistics because the snmpwalk and snmpget functions do not display data for some interfaces. There is no workaround.
•CSCdu47902
Inserting a large number of Border Gateway Protocol (BGP) routes may cause memory to become fragmented and result in distributed Cisco Express Forwarding (dCEF) becoming disabled because of a low memory condition. There is no workaround.
•CSCdu50927
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S might generate the following error message:
%GRP-3-ENCAP: Failure to allocate encap table entry, exceeded max number of entries, slot 3 (info 0x8000)
-Traceback= 602555E0 60255AC4 602560E0 600F783C 600F7914 600F71C4 600F7288 605690C4 6056C0DC 60569C74 605697A0 603544B4 603537A0 6035397C 60353AF0 6019254CThere is no workaround.
•CSCdu54878
On Engine 2 line cards on a Cisco 12000 series Internet router, when two PSA access control lists (ACLs) are configured and then removed, the correct feature microcode may not be loaded.
Workaround: Perform a microcode reload on the line card.
•CSCdu58406
Entering the no ip source-route global configuration command on a Gigabit Router Processor (GRP) does not stop the Cisco 12000 series Internet router from routing packets that contain source-route information. There is no workaround.
•CSCdu58623
If confederation information is not added by an external BGP (eBGP) neighbor, the connection is not dropped or updated.
Workaround: Configure an AS-PATH filter "\(*|)" with the eBGP.
•CSCdu60861
Engine 4 line cards in a Cisco 12000 series Internet router may reload while running IP Multicast when IP prefix counter memory is exhausted. There is no workaround.
•CSCdu66206
Multicast Output interfaces (OIFs) are missing from certain groups causing multicast traffic to be affected. This condition normally occurs during startup because of the varying speeds in which the cards are turned on.
Workaround: Reload the microcode on the card that contains the missing OIFs.
Note Reloading the microcode may lead to issues that are related to caveat CSCuk22826.
•CSCdu72555
Running Sampled NetFlow to collect the traffic from a 3-port Gigabit Ethernet line card on a Cisco 12016 Internet router may only collect traffic on the first Gigabit interface. There is no workaround.
•CSCdu83386
The ip helper-address address interface configuration command does not work when it is configured on a Cisco 12000 Internet Router. There is no workaround.
•CSCdu88600
Bridged-style permanent virtual circuits (BPVCs) half-bridging commands are not implemented with the new group of ATM commands. There is no workaround.
•CSCdv10979
Shutting down and restarting a Clock Scheduler Card on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S or 12.0(17)ST with the hw-module command might cause the router to appear to pause indefinitely.
•CSCdv11376
Multicast packets that are sent from an Engine 2 line card to a DPT 48 node in dense mode might not be switched for some groups. This condition occurs because of inconsistencies in the (*,G) and (S,G) tables on the Engine 2 line card. For some groups, the DPT48 node is in the (*,G) table and not in the (S,G) table. There is no workaround.
•CSCdv14967
OC-3 and SRP-12 line cards might show incorrect traffic output statistics when traffic travels through an OC-192 interface and exits through a non-OC-192 interface.
Correct traffic output statistics are displayed when the OC-3 line card is configured with Committed Access Rate (CAR).
Workaround: Configure the OC-3 line card with CAR.
Resolved Caveats—Cisco IOS Release 12.0(17)S1
Cisco IOS Release 12.0(17)S1 is a rebuild of Cisco IOS Release 12.0(17)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S1. This section describes only severity 1 and 2 caveats.
•CSCds23223
A configuration that involves an ingress access control list (ACL) on one Engine 2 line card, combined with an output ACL and output Committed Access Rate (CAR) on another Engine 0, line card, may result in a line card reload when traffic is passed through the Engine 0 line card path. There is no workaround.
•CSCds33282
On a Cisco router, a Simple Network Management Protocol (SNMP) agent does not allow the packet size to be greater than 2048 bytes, even though the configurable packet size is from 484 bytes to 17,940 bytes.
Workaround: If the SNMP GET request message is used with multiple variable BINDs, the request message size can be reduced by dividing the variable BINDs into more than one GET request message. If the SNMP GET-BULK request message is used, the non-repeats and max-repetitions can be adjusted to have a reply packet size of fewer than 2048 bytes.
•CSCds78877
A Cisco 12016 series Internet router with two clock switched cards (CSCs) may display the following error messaged during a cold boot (the second CSC is installed for redundancy):
MBUS-3-BADCLK: Slot 0 does not see fabric clock from CSC_0 Card will not operate on fabric using this clock
Possible workarounds: Perform one of the following actions:
–After the error message is displayed, reload the Cisco 12016 series Internet router with a warm boot, and verify that the redundant CSC has been accepted by the system with the show controllers clock EXEC command.
–Reseat the CSC that is specified by the error message.
•CSCds86023
A PA-E3 controller installed on a Cisco 7206VRX router that is running Cisco IOS Release 12.0(13)S, 12.0(14)S, or 12.1(5) may reset itself frequently. One carrier transition is registered for each interface reset. The output of the show controllers privileged EXEC command shows that the tx_fullring value increases in proportion to the interface resets. Under this condition, a memory leak in the I/O-2 pool reloads the router. There is no workaround.
•CSCdt19638
A Cisco router may not propagate an updated Border Gateway Protocol (BGP) best path to other BGP peer routers. This condition occurs under rare circumstances.
Workaround: Enter the clear ip bgp * out EXEC command to update BGP peer routers with the current best path attributes.
•CSCdt26263
A Cisco 12000 series Internet router can, when under heavy load conditions, with several thousands of BGP routes and line rate traffic, suffer from extended traffic disruption. This condition seems more likely to occur when the router contains hundreds of MPLS Traffic Engineering tunnel heads.
Workaround: If this condition surfaces, ease up incoming traffic into the router significantly. When traffic flow is reestablished, restart full traffic flow. It might be necessary in extreme cases, to reload a linecard with the microcode reload slot command.
•CSCdt42684
An Ethernet interface on a PA-8E port adapter may enter a down state and not respond to the configuration of the no shutdown command. There is no workaround.
•CSCdt67965
Under certain circumstances, Rivest, Shamir, and Adelman (RSA) keys generated in Cisco IOS software are not recognized when a Cisco router reloads. Error messages about Secure Shell (SSH) configuration commands, which rely on RSA keys to exist may occur. When the RSA keys are not read, the SSH configuration also cannot be read. Error messages about the SSH commands are displayed on the console after boot up. This situation is caused by a bad default value in the hardware clock of the router (the value appears as 1917).
Workaround: Set the value of the hardware clock to a reasonable value using the clock set EXEC command followed by the clock update-calendar EXEC command before regenerating the RSA keys.
•CSCdt68416
Firmware needs to be reset because of a firmware directory (FW) watchdog timeout when Frame Relay is configured. There is no workaround.
•CSCdt72474
A Cisco router reloads when you add the 25th subnet mask to a variably subnetted network.
Workaround: Do not add the 25th subnet mask to a variably subnetted network.
•CSCdt78876
A Cisco 12000 series Internet router that has multiple Engine 2 line cards installed may experience a situation whereby multiple line cards may run out of memory simultaneously. Cisco Express Forwarding (CEF) becomes disabled on the affected cards after the following error message is displayed:
%SYS-4-EXMALLOCFAIL: External memory allocation of 768000 bytes failed from EXMEM 1
There is no workaround.
•CSCdt81093
Committed Access Rate (CAR) limits will not function properly when Cisco Express Forwarding (CEF) is enabled on a router. When CEF is disabled on a router, CAR limits function properly. (This configuration is not supported.) This behavior has been observed on routers that use the same interface for input and output traffic. There is no workaround.
•CSCdt85356
A Versatile Interface Processor (VIP) may reload with distributed Cisco express forwarding (dCEF) and Multiprotocol Label Switching (MPLS) configured on a tunnel interface after the following sequence of commands:
no interface tunnel
x
interface tunnel
x
microcode type
sys slotThere is no workaround.
•CSCdt89344
Under some circumstances, inserting routes into a routing table may cause memory to become fragmented.
Temporary workaround: Configure the memory free-list 65488 command.
•CSCdt92114
Inconsistent behavior has been observed on a Cisco router when Cisco Express Forwarding (CEF) is configured with routing protocols that use holddown to protect against suboptimal routing. Process switching prevents packets from being forwarded when the route is in a holddown state. However, CEF removes the forwarding information from the Forwarding Information Base (FIB) when a route enters a holddown state. This configuration causes a condition in which CEF switching black holes traffic. This condition has been observed in routers that are configured with CEF and Route Information Protocol (RIP), RIP version 2, and Interior Gateway Routing Protocol (IGRP). There is no workaround.
•CSCdu00679
A Cisco router that is running Cisco IOS Software Release 12.0(13)S2 may reload because of a bus error when receiving a Border Gateway Protocol (BGP) update with an extended as_path length. There is no workaround.
•CSCdu02632
After you log in, log out, and log in again to a secondary Gigabit Route Processor, exec-timeout 15 0 is overwritten by exec-timeout 0 0 in the running-config.
Workaround: Log in by Telnet.
•CSCdu03734
A Cisco router may fail to forward generic routing encapsulation (GRE) and Cisco Express Forwarding (CEF) Address Resolution Protocol (ARP) requests.
Workaround: Disable CEF on the tunnel interface.
•CSCdu03885
When an egress port is oversubscribed with multicast traffic, Engine 4 (E4) line cards on the egress side may assert back pressure on ingress line cards before all available buffers are used. This causes multicast packets to be dropped on the ingress line cards. This symptom does not occur when unicast traffic is present.
Workaround: Configure Weighted Random Early Detection (WRED) or use the tx-queue-limit number interface configuration command on the egress ports.
•CSCdu07609
A Cisco 12000 series router that is running Cisco IOS Software Release 12.0(16)S with a Gigabit Ethernet adapter may occasionally fail to detect remote failure on a connected router. There is no workaround.
•CSCdu08280
A Packet-over-SONET (POS) OC-192 line card may reload when the configured output rate shaping rates are changed while multicast traffic is coming in from a POS OC-48 line card. There is no workaround.
•CSCdu10933
A Cisco 7500 series router or Cisco 12000 series Internet router may experience a memory leak under any of the following Conditions:
–A Cisco router is running a Cisco IOS software release that has the fix for CSCds91198.
–A Cisco router is running Label Distribution Protocol (LDP) or Tag Distribution Protocol (TDP).
–A Cisco router has static recursive routes in the global table.
–At least one prefix has two static recursive routes back to it.
–A Cisco router that is configured to use route aggregation is using Null0.
–At some point, the prefix is resolved to go over two paths. One path is over a physical interface, and the other path is to Null0. For example, ip route x/y next hop1 ip route x/y next hop2. The route to nexthop1 points to a physical interface, and the route to next hop 2 points (at any time) to Null0.
This condition can be detected by entering the entering the following show commands:
–The show ip cef linecard command will show a large number of messages in the LowQ. The large number of messages is a possible indication.
–The show memory command can help you to isolate the personal computer (PC) that is responsible for the memory leak.
Workaround: If any of the following actions are performed, the messages will eventually drain off (releasing memory):
–The static route that causes the path to go to Null0 is removed.
–- The recursive routes are changed to nonrecursive routes. (The next hop is configured as an interface, instead of an IP address.)
–The static route that is causing the path to go over the physical interface is removed (This action should be used if it does not disrupt connectivity for real traffic.)
Workaround: Performed these actions at startup.
•CSCdu12155
The redundancy prefer slot command may not work properly on a Cisco 12012 router with dual Gigabit Route Processors (GRPs).
Workaround: The redundancy prefer slot command may operate normally when GRPs that are of the same type (GRP-B and GRP-B or GRP-E and GRP-E) are used together.
•CSCdu13460
A Cisco 12000 series Internet router with an OC-192 Engine 4 line card may run out of memory when the router receives more than 200,000 Border Gateway Protocol (BGP) and 4,000 Intermediate System-to-Intermediate System (IS-IS) routes simultaneously.There is no workaround.
•CSCdu17109
A Cisco 7204 router with a Network Processing Engine (NPE-200) and a PA-A2-4E1XC-E3ATM ATM-Circuit Emulation Services (ATM-CES) port adapter that is running Cisco IOS Software Release 12.1(5) may display the following error message:
No space for tbdP1: mp->data_block
There is no workaround.
•CSCdu17940
After loading the gsr-p-mz.120-170ST.0504 image into a Cisco 12000 series Internet router, some Frame Relay commands will be automatically loaded to OC-48 line cards. This condition can be verified by entering the show running-config command or the show startup-config EXEC command for the affected OC-48 line card.
The following output is from the show running-config command:
interface POS1/0
no ip address
no ip directed-broadcast
encapsulation frame-relay
no ip mroute-cache
crc 32
pos threshold sf-ber 4
frame-relay lmi-type ansi
The following output is from the show startup-config command:
interface POS1/0
no ip address
no ip directed-broadcast
no ip route-cache
shutdown
crc 32
Workaround: Manually remove the Frame Relay commands after loading the gsr-p-mz.120-170ST.0504 image.
•CSCdu19229
A Cisco 7200 series Internet Router that is running Cisco IOS Software Release 12.1, 12.0S or 12.2(1) with a Dual-port Fast Ethernet 100BaseTX (PA-2FE-TX) or a Cisco 7200 Input/Output Controller with 2 10/100 Auto-sensing Fast Ethernet Ports (C7200-I/O-2FE/E) may experience link flaps (link line status goes up and down) when certain protocols are running on an interface. The known triggers for the link flaps are: IP address configurations/modifications, the addition of subinterfaces, the modification of line speeds and line states (duplex/half-duplex), and other protocol-dependent configurations. There is no workaround.
•CSCdu19503
When a line card experiences a high CPU processing load, some route processor to line card messages may be lost, causing interface flaps. When the CPU spike returns to normal, the situation should stabilize by itself. There is no workaround.
•CSCdu21809
If multiple Traffic Engineering (TE) tunnels are starting from the same router "R" and ending on the different routers that are all on the shortest path from "R" to the router that advertises the multicast source S, Reverse-Path Forwarding (RPF) check will fail on "R" and all multicast traffic from source S will be dropped on "R."
Workaround: Configure the static mroute command to the native interface.
•CSCdu21894
A Cisco router that resides on a network with Intermediate System-to- Intermediate System (IS-IS) and Open Shortest Path First (OSPF) running concurrently with default administrative distances configured may reload when the clear ip route * EXEC command or the router ospf process-id global configuration command is entered and when a subnet prefix is shared by both IS-IS and OSPF.
Workaround: Change the administrative distance under the router isis [tag] global configuration command.
•CSCdu22349
A Cisco 2600 series router configured with Service Assurance Agent (SAA) may display the following error message:
%SYS-2-MALLOCFAIL: Memory allocation of -2132490248 bytes failed from 0x8064BDBC, pool Processor, alignment
The memory allocation failure error message is generated when the system is repeatedly Simple Network Management Protocol (SNMP) polled for the rttMonJitterStats table. Because of the memory allocation error, SAA (Service Assurance Agent) data may also be unreliable. There is no workaround.
•CSCdu25763
A Cisco 12000 series Internet router that is running Cisco IOS Software Release 12.0(14)ST (or later releases of Cisco IOS 12.0 ST) may reload when a labeled packet enters into a Multiprotocol Label Switched (MPLS) enabled interface and exits through interface Ethernet 0. The following traceback may be displayed:
%SYS-2-BADSHARE: Bad refcount in pool_getbuffer, ptr=6352FA44, count=FFFFFD06 -Traceback= 6016AC20 6016C928 600EBD68 6077E3C4 6077EF2C 6077F4B0 6077F63C 6019A 6E4 6019A6D0
There is no workaround.
•CSCdu26591
When an administrator repeatedly enables and disables Border Gateway Protocol (BGP) routing processes on a router with the router bgp as-number router configuration command and the no router bgp as-number router configuration command, the system may lose memory and experience memory corruption. This condition may cause the system to halt.
Workaround: After disabling a BGP routing process, save the running configuration and reload the router.
•CSCdu27111
A Cisco 12000 series Internet router that is running Cisco IOS Software Release 12.0(14)S3 with Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) configured as a mid-point may detect that there is not enough bandwidth available for Resource Reservation Protocol (RSVP) interfaces. The system has incorrectly detected the lack of bandwidth. However, the bandwidth is still unusable by the system. There is no workaround.
•CSCdu27143
The following Cisco IOS software releases (and later releases) will cause a Cisco router to reload when the copy EXEC command is entered with a nonexistent ATA sandisk specified as the destination:
–Cisco IOS Software Release 12.0(16.05)S
–Cisco IOS Software Release 12.0(16.05)ST
–Cisco IOS Software Release 12.1(6.05)E1
–Cisco IOS Software Release 12.1(6.05)EC1
–Cisco IOS Software Release 12.1(8.01)
–Cisco IOS Software Release 12.2(0.18)
–Cisco IOS Software Release 12.2(0.18)S
–Cisco IOS Software Release 12.2(0.18)T
–Cisco IOS Software Release 12.2(0.19)PI
Workaround: Do not specify a nonexistent ATA sandisk destination when entering the copy EXEC command.
•CSCdu27273
When attempting to disable Cisco Express Forwarding (CEF) with the no ip route-cache cef interface configuration command on a Gigabit Route Processor (GRP) with CEF enabled on interface Ethernet 0, the following error message may be displayed:
%Disabling CEF not supported for Ethernet0
There is no workaround.
•CSCdu27930
On a Cisco 12000 series Internet router, a 12-E3 output byte counters may be incorrect when there is an output drop (similar to using a subrate) because an average packet size is used to calculate the output drops. The counters are correct when there is no output drop, and the input counters are not affected by this condition. This condition displays two incorrect output statistics:
–The output packet count does not show the dropped packets.
–The output byte count is incorrect.
Incorrect output rates have been observed during packet size testing. The rates are calculated by polling Simple Network Management Protocol (SNMP) octets. Under normal traffic conditions, the difference is minimal. There is no workaround.
•CSCdu29450
A Cisco 12410 series Internet router or a Cisco 12406 series Internet router may not report a five volt power supply alarm. There is no workaround.
•CSCdu31631
An ingress Engine 4 line card on a Cisco 12000 series Internet router does not switch multicast packets to an egress Engine 4 line card when the output list includes an Engine 0 or Engine 1 line card. There is no workaround.
•CSCdu32097
If the startup configuration is missing on a Cisco router that is running Cisco IOS Software Release 12.0(16)S or Cisco IOS Software Release 12.0(17)S, entering the redundancy force-failover command may change the host name from "Router" to "GRP-SlotX" (X is the slot number of the affected GRP). This condition has not been observed with Cisco IOS Software Release 12.0(14)S. There is no workaround.
•CSCdu32374
Disabling Cisco Express Forwarding (CEF) inconsistency checkers with the no ip cef table command may result in CEF being disabled. To reenable CEF, globally configure the ip cef command or ip cef distributed command. There is no workaround.
•CSCdu35337
It may not be possible to configure the speed of a PA-2FE-TX on a Cisco 7500 series router that is running Cisco IOS Software Release 12.0 S or 12.0 ST. There is no workaround.
•CSCdu33529
When a router interface is administratively shut down the switch or other connecting device will still show the router as connected when it is not. This problem exists only on certain port adapters (PA-2FE-TX, PA-2FE-FX, and PA-4E).
Workaround: Physically disconnect and reconnect the cable between the devices to force both sides of the link down.
•CSCdu36136
A Spacial Reuse Protocol (SRP) port adapter may not recover gracefully from a data parity error on the PCI bus. This condition may cause the SRP port adapter to remain unstable until an online insertion and removal (OIR) or a router reload is performed.
Workaround: Perform an OIR or reload the router.
•CSCdu40609
An output Access Control List (ACL) that is configured on an Engine 2 line card will not filter traffic for ACL lines that specify a protocol other than TCP, User Data Protocol (UDP), Internet Control Message Protocol (ICMP), Internet Group Management Protocol (IGMP), or IP. There is no workaround.
•CSCdu41117
A Cisco 12000 series Internet router with an Engine 4 line card may stop forwarding traffic and reload under certain circumstances. There is no workaround.
•CSCdu43315
In a configuration in with multiple T1 through T3 interfaces, it may not be possible to query for Simple Network Management Protocol (SNMP) statistics because the snmpwalk and snmpget functions do not display data for some interfaces. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(17)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(17)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdm71776
If the slave auto-sync config global configuration command is enabled on a High System Availability (HSA) system and you enter the config-register global configuration command followed by the write memory command, the master system configuration register will be set to change on the next reboot, but the slave configuration register will not be set to change.
Workaround: Enter the slave sync config privileged EXEC command, which will update the slave configuration register for the next reboot.
•CSCdp03448
When ISDN calls are brought up on a Cisco router that has ISDN traps configured, memory leaks will occur in the Simple Network Management Protocol (SNMP) trap process. In addition, some ISDN traps will be lost because of the invalid variable bindings (varBinds) that cause the leaks.
Workaround: Remove all snmp-server enable traps [isdn] global configuration commands from the router.
•CSCdr16320
High capacity counters in the IF-MIB ifXTable display 0 for all interfaces that do not support them. There is no workaround.
Interfaces and Bridging
•CSCdt19788
A Cisco 7206VXR router with an NPE-300 Network Processing Engine, an enhanced ATM PA-OC-3 port adapter, and some ATM subinterfaces may intermittently experience a situation in which the ATM permanent virtual circuit (PVC) at one subinterface starts dropping the packets from the output queue. Cisco Express Forwarding (CEF) and fast switching are not being used in this situation. The PVC stays up and transmits the traffic originated by the Cisco 7206VXR that is not experiencing this situation.
Workaround: Re-enter the atm pvc interface configuration command on the ATM subinterfaces.
•CSCdt48514
A Cisco router may fail to execute Serial Line Address Resolution Protocol (SLARP) when a new router is connected to an existing router through a serial port adapter. There is no workaround
•CSCdt89527
After a router is reloaded, there may not be any connectivity between the serial interfaces that have channel-groups configured.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration commands to restore connectivity between the serial interfaces.
IP Routing Protocols
•CSCdt43936
When a Cisco router is redistributing Enhanced Interior Gateway Routing Protocol (EIGRP) into OSPF, and EIGRP has more than one successor, it is possible that a change in the feasible successor (EIGRP) does not generate the OSPF external link-state advertisement (LSA).
Workaround: Enter the clear ip ospf redistribution EXEC command.
•CSCdt48480
A filter list may deny a path incorrectly.
Workaround: Restart the Border Gateway Protocol (BGP) process.
•CSCdt59583
When multicast video traffic is coming in through the Frame Relay interface on the router and going out of the ATM LANE interface at approximately 600 kbps, the router may reload after approximately 18 hours because of no memory. This situation has been observed where there is no ATM address configured on the interface. The incomplete configuration causes a memory leak.
Workaround: Remove IP PIM configurations under the ATM LANE interface.
•CSCdt66933
OSPF summary redistribution may not function properly. After the clear ip ospf redistribution EXEC command and the show ip ospf database external EXEC command have been entered, the link-state age reaches "MAXAGE" and does not come up again. This condition has been observed only when the router is configured with the summary-address number command under OSPF and is also configured to have a static route that matches the same summary address. There is no workaround.
•CSCdt90054
A Cisco 7500/RSP series router that is running Cisco IOS Release 12.0(15)S1 and that has a Versatile Interface Processor 2-50 (VIP2-50) and an ATM-PA-A3 port adapter might display the following error message on the Route Switch Processor (RSP) console if the VIP is running at 99 percent utilization:
%ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=23, VPI=0, VCI=96) on Interface ATM4/1/0, (Cause of the failure: Failed to have the driver to accept the VC)
Possible Workarounds:
–Disable distributed Cisco Express Forwarding (dCEF).
–Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the ATM interface.
•CSCdu12698
A router that has the ip multicast boundary access-list-number interface configuration command configured on an interface may reload when the access list is defined. There is no workaround.
ISO CLNS
•CSCdt97590
If a Layer 2-only interface goes down on a Cisco router that is running the Intermediate System-to-Intermediate System (IS-IS) protocol, and if that router is using route leaking to redistribute the network on that interface into Layer 1, the network might not be removed from the Layer 1 link-state packet (LSP) on that router.
Workaround: Enter the clear ip route {*} EXEC command. The LSP should be properly regenerated.
Miscellaneous
•CSCdr46528
A Cisco 12000 series Internet router with a significant number of packets that are destined for a "Null0" route may experience poor forwarding performance. This is not a common configuration. There is no workaround.
•CSCds05414
On a Cisco 7513 router, packet drops have occurred on all PRI interfaces that are PA-MC-4C T1 interfaces. The rate of the drop is one packet for every two packets. There is no workaround.
•CSCds15443
When a Cisco router acts as a tag switching edge router, the router will sometimes stop running Tag Distribution Protocol (TDP) after a reboot.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command. If this action does not resolve the issue, then reboot the router again.
•CSCds22213
A Cisco 12000 series router with a Gigabit Ethernet/Fast Ethernet output interface may experience a tag fragmentation problem if the maximum transmission unit (MTU) size on the input interface is larger than the MTU on the output interface. This problem does not occur when the MTU sizes are the same on both the input and the output interfaces. There is no workaround.
•CSCds35017
A Cisco 12000 series Internet router might reload when a map list entry that was just configured is reconfigured. There is no workaround.
•CSCds56409
When packets are forwarded over a generic routing encapsulation (GRE) tunnel with Cisco Express Forwarding (CEF) and NetFlow enabled, NetFlow egress records are not created. This situation does not match fast switching behavior. There is no workaround.
•CSCds71124
When a Cisco router has IP tunnels configured, it is possible for a series of the tunnels to form a loop as follows:
This situation will cause an infinite stack recursion when a packet gets switched because of the recursive route lookups. Eventually this situation will cause the stack to overflow and the router to reload.
Workaround: Configure static routes for the tunnel destinations.
•CSCdt01089
The following error message may be displayed during a Route Processor (RP) failover:
SEC 1:00:25:34: %IPCGRP-3-SEATERR: Can not find card by seat id (131178)
-Traceback= 601BCB0C 60299460 6017562C 60175618 00:25:34:
%IPCGRP-3-SEATERR: Can not find card by seat id (5)
-Traceback= 601BCB0C 60299460 601756.There is no workaround.
•CSCdt01239
Under certain conditions, a Cisco 12000 series Internet router may experience the following line card error messages:
FIB-4-FIBXDRINV: Invalid format. NDB has bogus routecount FIB-4-FIBXDRINV: Invalid format. RDB length wrong
The following factors make the problem occur more frequently:
–IP fragmentation.
–Output Committed Access Rate (CAR).
–Frequent routing flaps.
There is no workaround.
•CSCdt01950
A Cisco 12008 router may display the following error message:
00:04:54.619 JST: %SYS-2-LINKED: Bad enqueue of 61BA5BA0 in queue 623E1F04 -Process= "MBUS System", ipl= 6, pid= 8 -Traceback= 6019C628 6019A368 601EB8A0 601FB178 6021CA5C 60186414 60186400 022121: Dec 7 00:04:54.635 JST: %SYS-2-LINKED: Bad enqueue of 61BA5BA0 in queue 623E1F04 -Process= "MBUS System", ipl= 6, pid= 8 -Traceback= 6019C628 6019A368 601EB8A0 601FB178 6021CA5C 60186414 60186400
There is no workaround.
•CSCdt05020
A Versatile Interface Processor 2-50 (VIP2-50) with two PA-2CT1/PRI channelized port adapters may reload when the rsp-a3jsv-mz.122-0.2 image is loaded. There is no workaround.
•CSCdt08679
Changing the policy map configuration during high traffic may cause an "output stuck" error. In this situation, the Versatile Interface Processor (VIP) may stop forwarding packets until it is reset automatically. This condition is specific to Frame Relay configurations in which there are permanent virtual connections (PVCs) that are shaped using distributed Traffic Shaping (dTS), and it has been observed when all the PVCs are congested and a change is made to the policy map.
Possible workaround: Shut down the physical interface before changing the policy map, and then reenable the interface.
•CSCdt09061
When multicast is configured on a Cisco 12000 series Internet router Gigabit Ethernet (GE) line card, the following error message might be displayed:
%LC-3-BMACMDRPLY:Problem in BMA reply to command type 128 FrFab BMA sequence no=18
There is no workaround.
•CSCdt27923
Reloading a Cisco 12000 series Internet router after a Cisco IOS software upgrade may cause some line cards to not boot correctly when the upgrade all slot slot-number command is entered, and "MBus agent downloading" errors are received. There is no workaround.
•CSCdt28356
Forced drops on the egress interface of an oversubscribed OC-192 or Quad OC-48 line card may not be counted as drops, and forced drops on an oversubscribed tofaq queue on an OC-192 or Quad OC-48 line card may not be counted as ignored. There is no workaround.
•CSCdt32871
A router that is configured for Layer 2 Tunneling Protocol (L2TP) may experience an excessive level of CPU utilization. There is no workaround.
•CSCdt34404
A Cisco 12000 series Internet router that is running policy-based routing may experience spurious interrupts. Policy-based routing may also cause the line card to reload.
Workaround: Remove policy-based routing from all interfaces.
•CSCdt36867
An OC-192 or Quad OC-48 line card may reload if an error interrupt is received from custom application-specific integrated circuits (ASICs). There is no workaround.
•CSCdt42256
A Cisco router that is running Distributed Multilink PPP (DML-PPP) may experience approximately 13 percent packet drops with Internet Mix (IMIX) traffic when traffic is moving at the line rate. There is no workaround.
•CSCdt45094
A Cisco Gigabit Route Processor (GRP) may reload in a loop after failover because of memory corruption. This situation occurs when there are two GRPs. There is no workaround.
•CSCdt45363
In a Multiprotocol Label Switching (MPLS) environment, Engine 2 performance Packet-over-SONET (POS) line cards for the Cisco 12000 series Internet router may not accurately update a Command Line Interface (CLI) change in the maximum transmission unit (MTU). This condition may result in fragmentation test failures.
Workaround: Perform a microcode reload on the line card.
•CSCdt47217
A Cisco 12012 Internet router that is running Cisco IOS Release 12.0(7.3)S and has an OC-48/STM 16 line card may experience a situation where signal degrade (SD) alarms on the working and/or protect APS interfaces never clear. In this situation, traffic is switched to the other interface of the APS pair, and line protocol remains down on the interface showing the SD alarm. This is a very rare error.
Workarounds:
1. Deconfigure APS from the interface showing the false SD.
2. Shut down the protect interface
Note Under the first two workarounds, no APS protection will be available
3. Reboot the router containing the interface showing the false SD.
4. Pull and replace the fiber from the interface showing the false SD.
•CSCdt51427
When a 3-Port Gigabit Ethernet line card on a Cisco 12000 series Internet router is configured for Hot Standby Router Protocol (HSRP) and the Internet router takes over as the active router, the HSRP address may not be pingable but the interface address will be pingable.
Workaround: Enter the standby group-number use bia command.
•CSCdt51748
A Packet-over-SONET (POS) interface in a Cisco 12000 router may experience B3 alarms but will remain in a link-up state even when path triggers are enabled. There is no workaround.
•CSCdt51864
OC-192 Packet-over-SONET (POS) and Quad OC-48 POS line cards can only support 200,000 Border Gateway Protocol (BGP) routes, 4,000 Interior Gateway Protocol (IGP) routes (such as Intermediate System-to-Intermediate System [IS-IS]), and a maximum of 2,000 adjacencies. There is no workaround.
•CSCdt53611
A Cisco 12000 series router may toggle repeatedly between Redundant and non Redundant modes when there is a faulty clock switch card (CSC) in the fabric clock. There is no workaround.
•CSCdt56314
A Cisco 12000 series router with Engine 2 line cards may exhibit high line card CPU utilization for the Cisco Express Forwarding (CEF) CEF Interprocess Communication (IPC) Background process when there is a large number of load sharing entities on the Cisco Express Forwarding (CEF) table. The process CEF IPC Background may run continuously attempting to drain the large queue created.
Workaround: Disable the Border Gateway Protocol (BGP) multipath and the Interior Gateway Protocol (IGP) multipath.
•CSCdt56915
A Cisco 3620 router that is running Cisco IOS Release 12.1(5.3)T may reload because of a bus error after it runs out of memory because of a memory leak that occurs when it is accessing the following MIB counters:
–cbQosMarkingFeature
–cbQosPolicyMapName
–cbQosPolicyMapDesc
–cbQosCMName
–cbQosCMDesc
–cbQosMatchStmtName
There is no workaround.
•CSCdt58055
A 3 Gigabit Ethernet line card on a Cisco 12000 series router that is running Cisco IOS Release 12.0(15)S1 may experience a loss of connectivity. The interfaces will remain in an up/up state. Packets continue to be received and the counters continue to be incremented even though they are not processed.
The following messages are displayed when the line card is inserted:
%GENERAL-3-EREVENT1: PSA pipeline stuck, status 0x812490 -Traceback= ... %LC-3-PSAERRS: PSA PSA_CPU_IF_INT error 100
%LC-3-PSAERR: PSA error: if_err 100 adr FC00002C cmd 5 data 0 pipe 0,fs 0,prep 0 (pc D5),pop 0 (pc 1E8),plu 0,tlu 0,plu sdram 0 adr 0 synd 0 check 3400,tlu sdram 0 adr 0 synd 0 check B700,ssdram 0 adr 0,gather 0,pl 2812490,plmuxcnts 66,pludsr 0
%GSR-3-INTPROC: Process Traceback= ... SLOT 3:Feb 27 18:01:32.662:
%LC-3-BMAERRS: ToFab BMA BMA error status error 1 SLOT 3:Feb 27 18:01:32.662: %LC-3-BMAERRS: ToFab BMA PLIM error 2000
Primary Workaround: Enter the no access-list hardware command followed by the access-list hardware psa command. After these two commands are entered, the Engine 2 line cards will reload. You can rely on this workaround if you do not encounter any packet loss after the entering the first command. Use the second workaround instead if you encounter any packet loss after entering the first command.
Secondary Workaround: Run Cisco IOS Release 12.0(14)S.
•CSCdt59721
A Cisco 7513 router may fail to recognize more than 13 Inverse Multiplexing over ATM (IMA) port adapters (IMA-PAs). This problem occurs when attempts are made to install a fourteenth IMA-PA on the router. There is no workaround.
•CSCdt61322
When multiple multilink Point to Point Protocol (PPP) bundles are configured with Class-Based Weighted Fair Queueing (CBWFQ), all PPP bundles except for the first one, are dropped. This symptom occurs even when light to moderate loads are handled. There is no workaround.
•CSCdt62624
A Cisco 7500 series router that is running Cisco IOS Release 12.0(14)S1 with a BLIZZARD channelized T3 port adapter card (CT3) may stop forwarding traffic on individual T1 channels. This symptom is only seen when the T1 channel is connected to an Fast Serial Interface Processor (FSIP) adapter. There is no workaround.
•CSCdt64782
After the power-on sequence on a Cisco 12012 series Internet router, alarms may be seen on the power supply unit (PSU) and blower units, and Critical, Major, and Minor LEDs may be seen on the alarm card. These conditions typically clear between 30 seconds and 5 minutes after the Route Processor (RP) has completed booting. Normal operation continues after the alarms have been cleared. This situation has not been seen on Cisco 12008 or 12016 Internet routers. There is no workaround.
•CSCdt65101
On a Cisco 12000 series Internet router, when both the pos scramble-atm interface configuration command and the pos flag c2 207 interface configuration command are configured on a Packet-over-SONET (POS) interface, the pos flag c2 207 command does not appear in the configuration. The pos c2 flag reverts to 22 (0xCF) when the router is reloaded. There is no workaround.
•CSCdt70225
When OC-192 or Quad OC-48 line cards are connected back-to-back, Frame Relay subinterface encapsulation does not function properly with Intermediate System-to-Intermediate System (IS-IS). IS-IS cannot exchange routes across the link. This situation does not occur with OSPF. There is no workaround.
•CSCdt70242
Engine 2 and Engine 4 line cards that are configured with multiple interfaces running multicast may experience performance problems.
Workaround: Remove output Access Control Lists (ACLs) on interfaces which have multicast enabled.
•CSCdt70875
On a Cisco 12000 series Internet router, an Engine 2 OC-48 line card may reload with the following error message:
%LCPOS-3-SOP: RX:UnexpectedEop. Source=0x20 (Framer), halt_minor0=0x40
There is no workaround.
•CSCdt70960
A Cisco 7206 VXR router that is equipped with a Cisco 7200 Input/Output Controller with two Fast Ethernet Ports (C7200-I/O-2FE/E) or one Gigabit Ethernet and one Ethernet Port (C7200-I/O-GE+E) or a 2-Port Fast Ethernet Port Adapter (PA-2FE-TX, PA-2FE-FX) may experience traffic shaping problems with Fast Ethernet Ports.
Workaround: Check to make sure that the Committed Access Rate (CAR) is sufficient.
•CSCdt71222
Applying a committed access rate (CAR) rule to a Quad OC-48 Packet-over-SONET (POS) interface may cause the rate-limit counters to increment without sending traffic.
Workaround: Clear the counters after configuring the CAR rules. Note, however, that this action also clears previous rate-limit statistics.
•CSCdt76725
A router may stop forwarding traffic larger than the configured maximum transmission unit (MTU) size after the MTU size for the OC-12c Dynamic Packet Transport Port Adapter is altered. There is no workaround.
•CSCdt77617
On a Cisco 12000 series Internet router with a 6-port channelized T3 (6CT3-SMB) line card, a new channel group may assume the tx-cos configuration left behind by a previously configured channel group when the channel group that was previously configured with the tx-cos name interface configuration command is deleted and another channel group is created.
Workaround: Be sure to check the running configuration after an interface is added and remove the tx-cos assignment by entering the no tx-cos cos-queue-group name interface configuration command.
•CSCdt77864
A Cisco 12000 series router that has a 6-port channelized T3 (6CT3-SMB) line card interface may experience a memory leak when the user attempts to install and uninstall a transmit buffer memory (Frfab) Weighted Random Early Detection (WRED) on the interface. There is no workaround.
•CSCdt80914
Entering the show ip cef exact-route command at the head-end of a Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel may cause the Route Processor (RP) in a Cisco 12000 series Internet router or a Cisco 7500/RSP series router to reload. This situation occurs when the destination prefix is recursive, and the router is load sharing to the next hop. There is no workaround.
•CSCdt84938
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S, the 2x32-bit Simple Network Management Protocol (SNMP) counters on the main interface may not function properly. The same counters for the subinterface are not affected. There is no workaround.
•CSCdt85730
When Multiprotocol Label Switching (MPLS) is configured on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S2 and the router is performing label imposition for flowing from an Engine 4 line card to an Engine 1 line card, the Engine 1 line card may reload. There is no workaround.
•CSCdt87752
When the CPU is busy and has no resources to process an Open Shortest Path First (OSPF) protocol message, the OSPF neighborhood may collapse. There is no workaround.
•CSCdt88568
A Versatile Interface Processor (VIP) may reload when a service policy is attached to an interface while traffic is flowing through the interface.
Workaround: Stop all background traffic before attempting to update the service policy.
•CSCdt90006
On a Cisco 7500/RSP series router that is running Cisco IOS Release 12.0(S), deleting a subinterface of a Channelized STM-1 PA removes all the subinterfaces.
Workaround: Shut down subinterfaces instead of deleting them.
•CSCdt90083
When installing Engine 0-, Engine 1-, Engine 2-, or Engine 4-based line cards in a Cisco 12416 Internet router, ensure that the router is cold-booted. If the router is active when the line card is inserted, the line card will fail to boot correctly. If the router has been booted with the line card already installed, a successful online insertion and removal (OIR) can be performed, but if the line card is removed and reinserted into a different slot, the line card fails to complete the boot sequence and will constantly cycle through attempts to load and being reset.
This situation does not occur with Cisco 12008, 12012, or 12016 Internet routers.
Workaround: Reboot the router once the line card has been installed.
•CSCdt90736
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S2 may display error messages after an online insertion and removal (OIR) of a 16xOC-192 Clock and Calendar Schedule Card (CSC) or after the hw-module {slot number} shutdown command is entered on the 16xOC-192 CSC. There is no workaround.
•CSCdt91433
A Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) Provider Edge (PE) router may reload under the following circumstances:
–MPLS IP is globally enabled on the router.
–There are multiple static routes to a prefix in the default routing table.
–At least one of the static routes is recursive.
–At least one of the static routes is nonrecursive.
–The static recursive route resolves to go over a non-point-to-point link (for example, Ethernet).
The reload typically shows a traceback similar to the following:
0x6060A8A0:idb_get_swsb(0x6060a86c)+0x34 0x60FCF53C:tagsw_get_tag_dist_method(0x60fcf4a0)+0x9c 0x60FF055C:tfib_request_outgoing_tag(0x60ff0480)+0xdc 0x60FF06A8:tfib_request_outgoing_recursive_tags(0x60ff061c)+0x8c 0x60FF3214:tfib_resolve_recursive(0x60ff30e8)+0x12c 0x60FF5710:tfib_resolve_tag_rewrite(0x60ff5590)+0x180 0x60F4AF58:path_resolved(0x60f4aa90)+0x4c8 0x60F4B84C:ip_fib_resolve_path(0x60f4b244)+0x608 0x60F4BA20:ip_fib_force_resolve_path(0x60f4b94c)+0xd4 0x60FF4940:tfib_route_tag_change(0x60ff44ec)+0x454 0x60FF07C8:tfib_setup_route_tag_change(0x60ff06d4)+0xf4 0x60FCBE34:tib_find_route_tags(0x60fcbc4c)+0x1e8 0x60FF05EC:tfib_request_outgoing_tag(0x60ff0480)+0x16c 0x60FF06A8:tfib_request_outgoing_recursive_tags(0x60ff061c)+0x8c 0x60FF3214:tfib_resolve_recursive(0x60ff30e8)+0x12c 0x60FF5710:tfib_resolve_tag_rewrite(0x60ff5590)+0x180
Workaround: Changing any of the circumstances listed will prevent this situation from occurring. It is recommended that this change be implemented in the startup configuration rather than waiting for the router to come up and then implementing the change.
•CSCdt92236
When the logging source-interface command is copied from a Cisco IOS Release 12.2(0.16)T+ image and used to boot a 12.1 or 12.2(0.11)T image, the router may reload continuously. The 12.2(0.16)T+ image boots without any problems when it is used alone. There is no workaround.
•CSCdt92270
Committed access rate (CAR) may fail to function properly with multicast packets on a Cisco 7200 series router. This symptom does not affect unicast packets. There is no workaround.
•CSCdt92307
When a channel group is configured with 8, 11, 13, 14, 15, 19, 23, and 27 time slots, the corresponding interface experiences line protocol flapping. Other combinations do not cause this situation. There is no workaround.
•CSCdu00753
In situations in which a secondary Gigabit Route Processor (GRP) has a faulty connection to the fabric, it is possible that configuration synchronization may not occur or that the configuration stamp may not be updated without an obvious error message. The faulty connection is usually detected through other indicators, such as a failure to get multiple acknowledgements for a configuration write or IPC timeout when accessing the secondary BOOTVAR. There is no workaround.
•CSCdu01110
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16.5)ST cannot be pinged through local OC-48 or OC-192 Packet-over-SONET (POS) interface addresses and a loopback address that is located more than one hop away. There is no workaround.
•CSCdu01147
When a Traffic Engineering (TE) tunnel is brought up on a Cisco router that is running Cisco IOS Release 12.0(16.6)S while IP traffic is switching, "PICANTE" errors are triggered, and all the traffic on that line card stops for a time. There is no workaround.
•CSCdu03539
When an output link is oversubscribed with lower priority traffic, the Low latency queueing (LLQ) traffic over the link may be subjected to a larger amount of latency than usual (3-4 milliseconds).
Workaround: Avoid enabling the tx-cos name interface configuration command and oversubscribing the link.
•CSCdu04427
A Cisco 12000 series router with an enabled Ethernet interface on the route processor may not boot up properly when running Cisco IOS Release 12.0(16.6)S.
Workaround: Boot the router through the Ethernet 0 interface, and shut down the Ethernet 0 interface immediately after the router has completely booted up.
•CSCdu06736
Incorrect parameters may be displayed when the show controllers tofab car rule # command is entered. The conform rate shown in the command output may not be exactly equal to the conform rate that a user specifies with the rate-limit {input | output} [access-group [rate-limit] acl-index] bps burst-normal burst-max conform-action action exceed-action action interface configuration command. There is no workaround.
•CSCdu06930
A Cisco 7500 series router that is running Cisco IOS Release 12.0(16)S with distributed Multilink PPP (MLPPP) enabled may experience bounced traffic if the amount of traffic that is sent through the multilink interface is double the capacity of the interface. There is no workaround.
•CSCdu07732
When a Packet-over-SONET (POS) line card is reinserted after it is replaced by another POS card, snmpwalk works on the ifTable for all interfaces but snmpget may fail on some POS interfaces. There is no workaround.
•CSCdu09160
A Cisco 12000 series router that has Engine 4 line cards may not support ingress or receive Weighted Random Early Detection (WRED) for both multicast and unicast traffic. There is no workaround.
•CSCdu10912
When an online insertion and removal (OIR) is performed on a primary clock switched card (CSC) fabric card after the hw-module slot_number shut command is entered, faulty OIR messages may be displayed. There is no workaround.
•CSCdu11279
A Cisco 7500 series router with a Multichannel T3 Port Adapter (PA-MC-2T3+) may report cyclic redundancy check (CRC) errors when it is configured with a CRC-32.
Workaround: Use the port adapter with CRC-16 instead.
•CSCdu11691
A Cisco 12000 series router with a single Route Processor (RP) that is running Cisco IOS Release 12.0(16)S or 12.0(16)S1 does not permit simultaneous configurations from multiple Telnet sessions. Only a single Telnet session is allowed to enter the configuration mode at any one time. This symptom does not occur on routers with dual route processors.
Workaround: Add an additional RP onto the system to permit simultaneous configurations from multiple Telnet sessions. The additional RP can be removed after it has booted as a secondary RP.
•CSCuk22093
The type of service (ToS) byte of an IP packet is not preserved when it enters an IP tunnel in Cisco IOS Release 12.0S. This symptom affects packets that are fast-switched or process switched.
Workaround: Enable Cisco Express Forwarding (CEF).
•CSCuk23290
The output of the show ip cef inconsistency record command may not include expected event log entries for the recorded inconsistency occurrences. There is no workaround.
•CSCuk23524
A Cisco 12000 series router may experience some missing prefixes in the Cisco Express Forwarding (CEF) tables on some line cards after the router is reloaded or when an online insertion and removal (OIR) is performed on a line card.
Workaround: Enter the clear cef linecard command on each slot after a reload or OIR to ensure that the CEF table is correctly downloaded.
Wide-Area Networking
•CSCdt12187
When the no tx-ring-limit ring-limit configuration command is entered, the ring-limit value associated with the command may fail to revert back to its default value. There is no workaround.
•CSCuk22151
It may not be possible to set the Maximum Transmission Unit (MTU) value on serial interfaces that are installed on a Cisco 7200 and a 7500 series router. There is no workaround.
•CSCuk23524
A few prefixes may be missing from the Cisco Express Forwarding (CEF) tables on some line cards after a Cisco 12000 series router is rebooted.
Workaround: Enter the clear cef linecard command to each slot after a reboot or online insertion and removal (OIR) to ensure that the CEF table is correctly downloaded.
Resolved Caveats—Cisco IOS Release 12.0(16)S10
Cisco IOS Release 12.0(16)S10 is a rebuild release for Cisco IOS Release 12.0(16)S. The caveats in this section are resolved in Cisco IOS Release 12.0(16)S10 but may be open in previous Cisco IOS releases.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(16)S9
Cisco IOS Release 12.0(16)S9 is a rebuild release for Cisco IOS Release 12.0(16)S. The caveats in this section are resolved in Cisco IOS Release 12.0(16)S9 but may be open in previous Cisco IOS releases.
The following information is provided for each caveat:
Symptoms—A description of what is observed when the caveat occurs.
Conditions—The conditions under which the caveat has been known to occur.
Workaround—Solutions, if available, to counteract the caveat.
•CSCdt72474
Symptoms A software-forced reload may occur on a router.
Conditions This symptom is observed on a Cisco router when it receives and installs routes that have 25 different subnet masks within the same network into the routing table. The different masks within a network can be displayed by entering the show ip route EXEC command.
Workaround Filter routes that have subnet masks of 31 or 32 by using a prefix list to prevent those routes from being added to the routing table by limiting the number of possible distinct subnet masks to 24.
•CSCdt92236
Symptoms A router may reload continuously.
Conditions This symptom is observed on a Cisco router when it is booted up with Cisco IOS Release 12.1 or Release 12.2(0.11)T and the logging source-interface global configuration command is copied from Cisco IOS Release 12.2(0.16)T or a later release.
Workaround There is no workaround.
•CSCdw41164
Symptoms A Versatile Interface Processor (VIP) may reload because of an error at the ct3sw_check_tx process.
Conditions This symptom is observed on a Cisco 7000 series VIP that is running Cisco IOS Release 12.0(16)S4.
Workaround There is no workaround.
•CSCdx49370
Symptoms When weighted fair queueing (WFQ) is configured on a serial interface, a link may start flapping.
Conditions This symptom is observed on a Cisco 7500 series router.
Workaround Perform a microcode reload.
Resolved Caveats—Cisco IOS Release 12.0(16)S8
Cisco IOS Release 12.0(16)S8 is a rebuild of Cisco IOS Release 12.0(16)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(16)S8. This section describes only severity 1 and 2 caveats.
•CSCdu05173
A Cisco 7500 series router may use invalid Cisco Express Forwarding (CEF) entries on Versatile Interface Processors (VIPs) to switch traffic when distributed Cisco Express Forwarding (dCEF) is disabled. The CEF entry on the Route Switch Processor (RSP) is valid while the entry on the VIP is invalid.
Workaround: Reboot the VIP and use the clear cef line slot command to clear the lines for each VIP until all the VIPs become visibly synchronized in the output when the show cef linecard command is entered.
•CSCdv34579
Under heavy traffic conditions, a Versatile Interface Processor (VIP), Gigabit Ethernet Interface Processor (GEIP), GEIP+, or Packet OC-3 Interface Processor (POSIP) that is installed in a Cisco 7500 series router may reload. The VIP reload information contains the following error message:
%DMA-1-DRQ_STALLED: DRQ stalled. Dumping DRQ.
There is no workaround.
•CSCdw17012
On a Cisco 12000 series Internet router that is configured with an Engine 4 line card that has 256 MB of CPU memory, the show processes memory command may show more than 4 GB of used memory. When the counter reaches 4.2 GB, it may reset to 0, which causes the line card to think it has run out of memory and to disable Cisco Express Forwarding (CEF). Issuing the clear cef linecard [slot-number] command will bring the line card back up. There is no workaround for the memory problem or to prevent the counter from resetting to 0.
•CSCdw47388
If you configure an output access control list (ACL) with 448 lines on a Cisco 12000 series Internet router, and the ingress line card for the traffic that needs to be filtered is an 8-port or 16-port OC-3 Packet-over-SONET (POS) line card, the output ACL will not filter traffic.
Workaround: Do not configure an ACL with more than 128 lines on any interface of a Cisco 12000 series Internet router that is configured with an 8-port or 16-port OC-3 POS line card.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(16)S3
Cisco IOS Release 12.0(16)S2 is a rebuild of Cisco IOS Release 12.0(16)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(16)S3. This section describes only severity 1 and 2 caveats.
•CSCdj70854
In some Hot Standby Router Protocol (HSRP) over Token Ring environments (specifically Source-Route Bridging environments), unwanted events may occur when functional addresses are used. In this situation, every packet sent to a functional address is treated as an all-routes explorer packet, which can congest the network.
Workaround: Use the HSRP command use-bia. In previous releases, this command limited the number of HSRP groups that could be configured to one, which is a limitation in larger Token Ring environments. In Cisco IOS Release 12.0(16)S3 and later releases, the use-bia command allows multiple HSRP (MHSRP) groups to be configured when the use-bia command is configured. There are, however, the following disadvantages to using the use-bia command.
–When a router becomes active, the virtual IP address is moved to a different MAC address. the newly active router sends a gratuitous Address Resolution Protocol (ARP) response, but not all host implementations handle the gratuitous ARP correction.
–Proxy ARP breaks when use-bia is configured. A standby router cannot cover for the lost proxy ARP database of a failed router.
•CSCdr94333
Hot Standby Router Protocol (HSRP) does not work with distributed Cisco Express Forwarding (CEF). There is a 50 percent ping rate for the HSRP virtual IP address, and the following message occurs on the versatile interface processor (VIP) when you enter the ip cef distributed global configuration command:
VIP-Slot1# 20:45:17: %FIB-4-FIBXDRINV: Invalid format. virtual prefix with invalid if_number
Workaround: Upgrade to Cisco IOS Release 12.1(4) or Release 12.1(4)T.
•CSCdt89344
Under some circumstances, inserting routes into a routing table may cause memory to become fragmented.
Temporary workaround: Configure the memory free-list 65488 command.
•CSCdt93586
The Open Shortest Path First (OSPF) database may not create the necessary entries to resubmit an OSPF interarea route.
Workaround: Clear the OSPF process.
•CSCdu08332
On a Cisco 12008 Internet router with dual Gigabit Route Processors (GRPs), both GRPs may contend for primary status, which results in the router entering a reboot cycle.
Workaround: Remove one of the GRPs. Once the GRP that is still inserted comes up as primary, the second GRP can be reinserted and will come up as secondary.
•CSCdu10933
A Cisco 7500 series router or Cisco 12000 series Internet router may experience a memory leak under any of the following conditions:
–A Cisco router is running a Cisco IOS software release that has the fix for CSCds91198.
–A Cisco router is running Label Distribution Protocol (LDP) or Tag Distribution Protocol (TDP).
–A Cisco router has static recursive routes in the global table.
–At least one prefix has two static recursive routes back to it.
–A Cisco router that is configured to use route aggregation is using Null0.
–At some point, the prefix is resolved to go over two paths. One path is over a physical interface, and the other path is to Null0. For example, ip route x/y next hop1 ip route x/y next hop2. The route to nexthop1 points to a physical interface, and the route to next hop 2 points (at any time) to Null0.
This condition can be detected by entering the entering the following show commands:
–The show ip cef linecard command will show a large number of messages in the LowQ. The large number of messages is a possible indication.
–The show memory command can help you to isolate the personal computer (PC) that is responsible for the memory leak.
Workaround: If any of the following actions are performed, the messages will eventually drain off (releasing memory):
–The static route that causes the path to go to Null0 is removed.
–The recursive routes are changed to nonrecursive routes. (The next hop is configured as an interface, instead of an IP address.)
–The static route that is causing the path to go over the physical interface is removed (This action should be used if it does not disrupt connectivity for real traffic.)
Workaround: Performed these actions at startup.
•CSCdu26757
A single-port Gigabit Ethernet line card may fail with Unicast timeouts. This situation occurs only if bad IP packets are received by the last hop of a Multiprotocol Label Switching (MPLS)-enabled network (for example, when the last tag is popped and the packet is sent out as an IP packet). There is no workaround.
•CSCdu27111
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(14)S3 with Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) configured as a midpoint may detect that not enough bandwidth is available for Resource Reservation Protocol (RSVP) interfaces. The system has incorrectly detected the lack of bandwidth. However, the bandwidth is still unusable by the system. There is no workaround.
•CSCdu41117
A Cisco 12000 series Internet router with an Engine 4 line card may stop forwarding traffic and reload under certain circumstances. There is no workaround.
•CSCdu54878
On Engine 2 line cards on a Cisco 12000 series Internet router, when two PSA access control lists (ACLs) are configured and then removed, the correct feature microcode may not be loaded.
Workaround: Perform a microcode reload on the line card.
•CSCdu60861
Engine 4 line cards in a Cisco 12000 series Internet router may reload while running IP Multicast when IP prefix counter memory is exhausted. There is no workaround.
•CSCdu72336
Multicast Distributed Fast Switching (MDFS) for IP Multicast on a Cisco 12000 series Internet router may fail to add a particular interface to the OIF list of certain multicast static routes (mroutes) on a linecard. If that linecard is the Reverse Path Forwarding (RPF) interface for that mroute, this situation will result in forwarding to that OIF interface to fail.
Diagnosis: If a Cisco 12000 Internet router is not correctly forwarding IP multicast traffic out a particular interface but the output of the show ip mroute EXEC command shows that interface in the OIF list of that route, verify that the interface also shows up in the OIF list on the linecard that has the incoming interface of the route. Enter the attach slot-number privileged EXEC command, where slot-number is the number of the line card and then enter the show ip mds forwarding EXEC command to determine the actual MDFS forwarding state of the mroute. If the outgoing interface in question does not show "ip" in this output then this caveat applies.
Workaround: Disable MDFS on the incoming interface by configuring no ip mroute-cache on the interface. Do not try to use this workaround if more than a very low amount of multicast traffic is arriving on that interface or else you will compromise the stability of the router because the workaround will make the packets switched through the Gigabit Route Processor instead of the switching fabric.
•CSCdu72555
Running Sampled NetFlow to collect the traffic from a 3-port Gigabit Ethernet line card on a Cisco 12016 Internet router may only collect traffic on the first Gigabit interface. There is no workaround.
•CSCdu79744
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S2, QOC-48 Packet-over-SONET (POS) line cards may fail to forward traffic. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(16)S2
Cisco IOS Release 12.0(16)S2 is a rebuild of Cisco IOS Release 12.0(16)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(16)S2. This section describes only severity 1 and 2 caveats.
•CSCds33282
On a Cisco router, a Simple Network Management Protocol (SNMP) agent does not allow the packet size to be greater than 2048 bytes, even though the configurable packet size is from 484 bytes to 17940 bytes.
Workaround: If the SNMP GET request message is used with multiple variable BINDs, the request message size can be reduced by dividing the variable BINDs in to more than one GET request message. If the SNMP GET-BULK request message is used, the non-repeats and max-repetitions can be adjusted to have a reply packet size of less than 2048 bytes.
•CSCdt19638
A Cisco router may not propagate an updated Border Gateway Protocol (BGP) best path to other BGP peer routers. This condition occurs under rare circumstances. There is no workaround.
•CSCdt34404
A Cisco 12000 series Internet router that is running policy-based routing may experience spurious interrupts. Policy-based routing may also cause the line card to reload.
Workaround: Remove policy-based routing from all interfaces.
•CSCdt48480
A filter list configured under Border Gateway Protocol (BGP) may incorrectly deny a path.
Workaround: Restart the BGP process.
•CSCdt54847
The Cisco Express Forwarding (CEF) table for a Cisco 12000 series Internet router line card might not synchronize with the Gigabit Route Processor (GRP) on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(13)S2.
This situation has been observed when a Packet-over-SONET (POS) line card did not have a /32 receive adjacency for a Gigabit Ethernet module on the same Cisco 12000 series Internet router. The output of the show cef interface gigabit 9/0 command revealed that IP processing was disabled on gigabit interface 9/0 and that there were no /32 receive entries for the addresses assigned to that interface (primary or secondary). No problems were detected on the GRP, and there have been no records of interfaces being reset.
Workaround: Clear the IP CEF table.
•CSCdt64782
Alarm warnings have occurred on a Cisco 12000 series Internet router with a 12012 chassis that is running Cisco IOS Release 12.0(15.6)S. These warnings have been observed on the PSU and blower units, as well as the critical, major, and minor LEDs on the alarm card. The alarm warnings clear after the route processor has completed booting (between 30 seconds and 5 minutes). Normal operations continue after the alarm warnings have cleared. These warnings have not been observed on the 12008 or 12016 chassis. There is no workaround.
•CSCdt67986
When an online insertion and removal (OIR) is performed on a Versatile Interface Processor 4 (VIP-4), an administratively downed loopback interface is brought up. There is no workaround.
•CSCdt90736
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S2 may display errors after an online insertion and removal (OIR) of a 16xOC-192 line card is performed or after the hw-module slot x command is entered for a 16xOC-192 line card.
The errors seen in the logs will be similar to the following sample log:
Router(config)# hw-module slot 17
Apr 3 15:49:47.692: %FABRIC-3-PARITYERR: To Fabric parity error was detected.
Grant parity error Data = 0x3.
SLOT 13:Apr 3 15:49:47.692: %LC-3-ERR_INTR: Error interrupt occurred
-Traceback= 400AE934 400C4B30
CONTEXT:
$0: FFFFFFFF, AT: 40CF0000, v0: 00000000, v1: 151E5B12
a0: A000D638, a1: 151E5B04, a2: 00000000, a3: 00000000
t0: 0000000F, t1: 41C26CE0, t2: 00000001, t3: FFFF00FF
t4: 400BF020, t5: 00000000, t6: 00000000, t7: 00000000
s0: FFFFFFFF, s1: FFFFFFFF, s2: FFFFFFFF, s3: FFFFFFFF
s4: FFFFFFFF, s5: FFFFFFFF, s6: FFFFFFFF, s7: FFFFFFFF
t8: 40CF6668, t9: 40CF6620, k0: 41107700, k1: 400C0FA8
gp: FFFFFFFF, sp: A000D5B8, s8: FFFFFFFF, ra: 400C4B30
EPC: 400AE930, SREG: 3400BF03, Cause: FFFFFFFF
Error EPC: FFFFFFFF, BadVaddr: FFFFFFFF
SLOT 0:Apr 3 15:49:47.692: %FABRIC-3-PARITYERR: To Fabric parity error was detected.
Grant parity error Data = 0x3.
SLOT 11:Apr 3 15:49:47.688: %FABRIC-3-PARITYERR: To Fabric parity error was detected.
Grant parity error Data = 0x3.
SLOT 6:Apr 3 15:49:47.692: %FABRIC-3-PARITYERR: To Fabric parity error was detected.
Grant parity error Data = 0x3.
SLOT 8:Apr 3 15:49:47.692: %FABRIC-3-PARITYERR: To Fabric parity error was detected.
Grant parity error Data = 0x3.
SLOT 12:Apr 3 15:49:47.692: %FABRIC-3-PARITYERR: To Fabric parity error was detected.
Grant parity error Data = 0x3.
SLOT 3:Apr 3 15:49:47.692: %FABRIC-3-PARITYERR: To Fabric parity error was detected.
Grant parity error Data = 0x3.
Unicast FIFO Underflow, Data = 0x8000.
SLOT 13:Apr 3 15:49:48.464: %FABRIC-3-PAKERR: To Fabric packet error was detected.
Packet End Error Data = 0xA.
Apr 3 15:49:49.224: %MBUS-6-FABCONFIG: Switch Cards 0x1D (bitmask)
Primary Clock is CSC_0
Fabric Clock is Non Redundant
Bandwidth Mode : Full BandwidthProgrammin
core02.dev01(config)#g XBAR_SEL_IDLE reg 2400E with FE
Programming XBAR_SEL_IDLE reg 2400F with EF
Programming XBAR_SEL_IDLE reg 24011 with EE
Programming XBAR_SEL_IDLE reg 24011 with EE
Programming XBAR_SEL_IDLE reg 24012 with FE
Programming XBAR_SEL_IDLE reg 24013 with EF
Programming XBAR_SEL_IDLE reg 24014 with E
LC Slot 13 is OC192
Programming XBAR_SEL_IDLE reg 24014 with E
Programming XBAR_SEL_IDLE reg 24015 with EF
Apr 3 15:49:49.804: Programming the lc_priority
Apr 3 15:49:49.944: %MBUS-6-FIA_CONFIG: Switch Cards 0x1D (bit mask); Primary Clock CSC_0
SLOT 15:Apr 3 15:50:00.032: %QM-4-STUCK: Port 0 Queue mask 0x1
SLOT 11:Apr 3 15:50:01.552: %QM-4-STUCK: Port 0 Queue mask 0x1
SLOT 11:Apr 3 15:50:09.404: %QM-4-STUCK: Port 0 Queue mask 0x1
There is no workaround.
•CSCdu00753
A configuration synchronization may not occur or a configuration stamp may not update without an error message on a Gigabit Route Processor (GRP) with a faulty connection to the fabric. The faulty connection to the fabric is normally detected by other indicators: for example, a failure to get multiple OK acknowledgements for a configuration write or an Inter Process Communication (IPC) timeout when accessing a secondary BOOTVAR. There is no workaround.
•CSCdu08280
A Packet-over-SONET (POS) OC-192 line card may reload when the configured output rate shaping rates are changed while multicast traffic is coming in from a POS OC-48 line card. There is no workaround.
•CSCdu10912
When an online insertion and removal (OIR) is performed on a primary clock switched card (CSC) fabric card using the hw-module slot slot-number command, faulty OIR messages may be displayed. There is no workaround.
•CSCdu11691
A Cisco 12000 series router with a single Route Processor (RP) that is running Cisco IOS Release 12.0(16)S or 12.0(16)S1 does not permit simultaneous configurations from multiple Telnet sessions. Only a single Telnet session is allowed to enter the configuration mode at any one time. This symptom does not occur on routers with dual route processors.
Workaround: Add an additional RP onto the system to permit simultaneous configurations from multiple Telnet sessions. The additional RP can be removed after it has booted as a secondary RP.
•CSCdu31631
An ingress Engine 4 line card on a Cisco 12000 series Internet router does not switch multicast packets to an egress Engine 4 line card when the output list includes an Engine 0 or Engine 1 line card. There is no workaround.
•CSCdu32374
Disabling Cisco Express Forwarding (CEF) inconsistency checkers with the no ip cef table command may result in CEF being disabled. To reenable CEF, globally configure the ip cef command or ip cef distributed command. There is no workaround.
•CSCuk23290
The output of the show ip cef inconsistency record command may not include expected event log entries for the recorded inconsistency occurrences.
Workaround: Enter the no ip cef table consistency-check command or the no ip cef table consistency-check type lc-detect command.
•CSCuk23524
A Cisco 12000 series router may experience some missing prefixes in the Cisco Express Forwarding (CEF) tables on some line cards after the router is reloaded or when an online insertion and removal (OIR) is performed on a line card.
Workaround: Enter the clear cef linecard command on each slot after a reload or OIR to ensure that the CEF table is correctly downloaded.
Resolved Caveats—Cisco IOS Release 12.0(16)S1
Cisco IOS Release 12.0(16)S1 is a rebuild of Cisco IOS Release 12.0(16)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(16)S1. This section describes only severity 1 and 2 caveats.
•CSCdr46528
A Cisco 12000 series Internet router with a significant number of packets that are destined for a "Null0" route may experience poor forwarding performance. This is not a common configuration. There is no workaround.
•CSCdr58946
Entries in the interfaces MIB ifTable for Traffic Engineering (TE) tunnels do not report an ifType = mpls tunnel (155). Instead, the entries return ifType = 0 (unknown). This situation occurs for any Simple Network Management Protocol (SNMP) operation on the interfaces table when entries that represent TE tunnels are queried. This situation does not affect Cisco IOS Release 12.0(14)ST or later releases.
Workaround: Query the ifName and ifDescr fields as well in Cisco IOS releases prior to Release 12.0(14)ST.
•CSCdt19788
A Cisco 7206VXR router with an NPE-300 Network Processing Engine, an enhanced ATM PA-OC-3 port adapter, and some ATM subinterfaces may intermittently experience a situation in which the ATM permanent virtual circuit (PVC) at one subinterface starts dropping the packets from the output queue. Cisco Express Forwarding (CEF) and fast switching are not being used in this situation. The PVC stays up and transmits the traffic originated by the Cisco 7206VXR that is not experiencing this situation.
Workaround: Re-enter the atm pvc interface configuration command on the ATM subinterfaces.
•CSCdt39722
A Cisco 7513 router that is running Cisco IOS Release 12.0(14)S1 may reload because of a bus error while changing the number of time slots on a T1 interface. There is no workaround.
•CSCdt56571
On a Cisco 12000 series Internet router, the output of the show interfaces [accounting] privileged EXEC command may be incorrect for tag-switched packets. There is no workaround.
•CSCdt59583
When multicast video traffic is coming in through the Frame Relay interface on the router and going out of the ATM LANE interface at approximately 600 kbps, the router may reload after approximately 18 hours because of no memory. This situation has been observed where there is no ATM address configured on the interface. The incomplete configuration causes a memory leak.
Workaround: Remove IP PIM configurations under the ATM LANE interface.
•CSCdt59641
A Cisco router may experience a condition where the traffic flow repeats a pattern of flowing for almost 30 seconds and then stopping for two seconds. This situation has been observed when all line cards along the link are OC-48c line cards. Traffic is sent at 900 kpps, and the receiving side can see traffic flowing at 824 kpps. When the show access-lists privileged EXEC command is entered, a match may not be found.
When the access list is removed from the interface and then added back to the interface, the following error message is displayed:
SLOT 2:20:05:34: -Traceback= 4022D3AC 401EBBA8 401F1924 401F4034 401F5838 401F5A9C 401F6858 4009E97C 4009E968
SLOT 2:20:05:34: Assertion "(addr->flag & PSA_ADDR_NO_FIB) || (addr->flag & PSA_ADDR_FIB_ACL)" failed: file "../src-bflc1/bflc_psa_acl.c", line 2823There is no workaround.
•CSCdt66063
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S1 might consistently experience higher than normal CPU utilization by the line card adjacency update process. This problem has not been linked to any service or performance-impacting issues. There is no workaround.
•CSCdt66560
When the ip route prefix mask null0 global configuration command is entered on a Cisco 12000 series Internet router, any traffic that matches that route will be sent by the CPU of the ingress line card to the Gigabit Route Processor (GRP), which adversely affects the line card CPU.
Workaround: Remove any routes to Null0.
•CSCdt67623
When configuring an Multiprotocol Label Switching (MPLS) tunnel interface with the no tunnel mpls traffic-eng autoroute announce command in interface configuration mode, the tunnel interface is taken out of the routing table.
Workaround: Clear the routes that go through the tunnel (for example, by using the clear ip route {network} EXEC command.
•CSCdt71057
A Cisco 12000 series Internet router with input PSA access control lists (ACLs) may deny IP protocol 94 traffic even though all IP traffic is permitted on the access list. This situation has been observed after the access list is 45 to 50 lines long.
Workaround: Explicitly permit IP protocol 94 traffic.
•CSCdt71518
The output of the show tag-switching tdp binding privileged EXEC command or the show mpls ip binding command may show "(no route)" for prefixes corresponding to connected routes, including the Tag Distribution Protocol (TDP)/Label Distribution Protocol (TDP) router ID. After approximately 5 minutes, the local labels for the connected routes are withdrawn from all TDP/LDP neighbors, removed from the TFIB, and deallocated, which results in loss of MPLS connectivity. This situation may occur on a Cisco router running OSPF that is configured to use TDP or LDP for label distribution when the OSPF configuration is removed with the no router ospf n global configuration command.
Workaround: Execute the shutdown command followed by the no shutdown command on every (up) interface.
•CSCdt74249
On a Cisco10000 series Edge Service Router (ESR) that is running Cisco IOS Release 12.0(15.6)ST in a production network, running PIM Sparse mode on 448 interfaces where there is 31 (*,G) entries in the mroute table may cause the router to reload if traffic was sent to even 15 of those groups. There is no workaround.
•CSCdt74307
Reloading a Cisco router that has Cisco Express Forwarding (CEF) disabled with no ip cef in the configuration may result in the router displaying a "SYS-3-MGDTIMER: Uninitialized timer" error message. In this situation, packet forwarding is not affected. There is no workaround.
•CSCdt77226
A Cisco Internet router displays a "%MBUS-6-OIR" error in slot 16 and 17 of the Clock Scheduler Cards (CSCs) after you enter the upgrade all command. This situation occurs with both the upgrade all all and the upgrade all slot16 commands, even if you do not perform an online insertion and removal (OIR) or any other procedure. There is no workaround.
•CSCdt78950
When Per Interface Rate Control (PIRC) and Distributed Traffic Shaping (DTS) are configured concurrently on Engine 2 line cards and PIRC is removed while DTS is still enabled, DTS stops functioning. DTS may also stop functioning if DTS is running and then PIRC is configured. There is no workaround.
•CSCdt79947
BGP configuration with route-map configured is susceptible to memory corruption.
•CSCdt80914
Entering the show ip cef exact-route command at the headend of a Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel may cause the Route Processor (RP) in a Cisco 12000 series Internet router to reload. There is no workaround.
•CSCdt84938
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(16)S, the 2x32-bit Simple Network Management Protocol (SNMP) counters on the main interface may not function properly. The same counters for the subinterface are not affected. There is no workaround.
•CSCdt85730
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S2, an Engine 1 line card may reload when Multiprotocol Label Switching (MPLS) is configured and the router is performing label imposition for flowing from an Engine 4 line card to the Engine 1 line card. There is no workaround.
•CSCdt85936
A Cisco 12000 series Internet router may, on rare occasions, issue environmental warnings for line cards or fabric modules that are within the appropriate values.
Workaround: Configure the router with the no environment-monitor command.
•CSCdt89162
Under some circumstances, certain 448-line access control lists (ACLs) may cause a Cisco router with an Engine 2 line card to reload. There is no workaround.
•CSCdt90083
When installing Engine 0-, Engine 1-, Engine 2-, or Engine 4-based line cards in a Cisco 12416 Internet router, ensure that the router is cold-booted. If the router is active when the line card is inserted, the line card will fail to boot correctly. If the router has been booted with the line card already installed, a successful online insertion and removal (OIR) can be performed, but if the line card is removed and reinserted into a different slot, the line card fails to complete the boot sequence and will constantly cycle through attempts to load and be reset. This situation does not occur with Cisco 12008, 12012 or 12016 Internet routers.
Workaround: Reboot the router once the line card has been installed.
•CSCdt90513
When using Class of Service (CoS) on a 3-Port Gigabit Ethernet Line Card on a Cisco 12000 series Internet router, performing an online insertion and removal (OIR) on multiple line cards will cause the router to reload with the following stack trace:
-Traceback= 601EB038 601EB47C 601EF92C 601EFAFC 601EFFC0 601F165C 601903E4 601903D0
There is no workaround.
•CSCdt93152
Multicast traffic does not switch from Engine 4 to Engine 0 and Engine 1 line cards. In this situation, the ingress Engine 4 to fab queues show a multicast queue build up, but no packets are output by either the E0 or E1 line cards. Multicast traffic is still successfully switched from Engine 0 and Engine 1 to Engine 4 line cards. There is no workaround.
•CSCdt96796
A Cisco router that is running Cisco IOS Release 12.0(13)S2 may experience a memory leak in the IP Simple Network Management Protocol (SNMP) process. There is no workaround.
•CSCdu01876
On a Cisco 12000 series Internet router, the command line interface (CLI) and Simple Network Management Protocol (SNMP) MIB may show twice the expected value. This condition has been observed with both Engine 1 (Gigabit Ethernet) and Engine 2 (QOC-12). There is no workaround.
•CSCdu03118
Configuring 128-line and 448-line output ACLs on different line cards the same Cisco 12000 series Internet router may cause unexpected microcode reloads, which can cause the affected line cards to stop forwarding traffic. There is no workaround.
•CSCdu04678
A Cisco router may reload after the show ip igmp groups command is entered if the command is paused for long periods of time at the "More" prompt and restarted later. There is no workaround.
•CSCdu06942
On a Provider Edge router where the Interior Gateway Protocol (IGP) tag is popped, the egress interface is an Engine 2 line card, and the encapsulation is High-Level Data Link Control (HDLC), packets may not forward correctly. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(16)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(16)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdr16320
High capacity counters in the IF-MIB ifXTable display 0 for all interfaces that do not support them. There is no workaround.
•CSCdr78008
A Cisco 7200 series router with hardware compression enabled on BRI interfaces might pause indefinitely, and console access will be lost.
Workaround: Disable the hardware compression on the affected interfaces, or use software compression.
Interfaces and Bridging
•CSCds20358
Under certain circumstances, numerous "ignore" messages might be displayed on a PA-A1 port adapter interface. The output of the show controllers cbus command and the show vip accu command are clean.
Workaround: Enter the shutdown command followed by the no shutdown command.
•CSCds40737
SONET MIBs for Packet-over-SONET (POS) port adapters are not updated on Cisco 7500/RSP series routers. There is no workaround.
•CSCds48844
Enabling Multilink PPP on some interfaces on a PA-MC-2T3 card together with distributed Cisco Express Forwarding (dCEF) may cause tracebacks. There is no workaround.
•CSCds72438
When a Cisco 7200 series router with a Packet-over-SONET (POS) port adapter is reloaded, the POS subinterfaces may not come up in an enabled state.
Workaround: Manually reenable the POS interface by entering the following series of commands:
Router(config)# interface pos3/0
Router(config-if)# shutdown
Router(config-if)# no shutdown•CSCds79548
On a Cisco 7000 series router, if the fiber has been detached and you remove keepalives from the Packet-over-SONET (POS) interface by entering the no keepalive interface configuration command, the link will be up infinitely after the patchcord is removed. With keepalives set to 1 second, the following messages are displayed:
00:30:06:%SONET-4-ALARM:POS1/0/0:SLOS
00:30:10:%LINEPROTO-5-UPDOWN:Line protocol on Interface POS1/0/0, changed state to down
00:30:10:%OSPF-5-ADJCHG:Process 1, Nbr 10.0.2.4 on POS1/0/0 from FULL to DOWN, Neighbor Down:Interface down or detached
00:30:10:%LINK-3-UPDOWN:Interface POS1/0/0, changed state to downThe line protocol goes down only after three missed keepalives after the loss of signal (SLOS) have been detected. There is no workaround.
•CSCdt24582
A Cisco 7500 series router with a Route Switch Processor 8 (RSP8), a Versatile Interface Processor 4-80 (VIP4-80), and a PA-A3-OC-12 port adapter may experience output drops that can severely impact effective throughput because of insufficient per-vc credits. There is no workaround.
•CSCdt39126
This situation has been observed on a Cisco router that is running Cisco IOS Release 12.0(14)S2 or earlier releases. If Automatic Protection Switching (APS) is configured, the protect interface is configured to use PPP encapsulation, and the protect interface is in inactive state, the following conditions may occur:
–The protect interface will continue to send out PPP link control protocol (LCP) requests.
–After the protect interface times out, it winks alarm indication signal (AIS) and continues to send out LCP requests.
–AIS confuses the provider.
Workaround: Use High-Level Data Link Control (HDLC) encapsulation.
•CSCdt41427
A Cisco router may reload with the following error:
ALIGN-1-FATAL: Illegal access to a low address addr=0x13C, pc=0x6056C83C, ra=0x603E8D4C, sp=0x62177800
There is no workaround.
•CSCdt53995
On Cisco 7500/RSP series routers and Cisco 7200 series routers, bridged permanent virtual connections (PVCs) may not function properly with PA-A3 ATM port adapters. There is no workaround.
IP Routing Protocols
•CSCdt04176
If one of the links in a network goes down, OSPF summary routes that are related to the failed link are deleted from the routing table even though the network can be reached by another link. After 5 seconds, the routes are restored automatically. There is no workaround.
•CSCdt11250
A Cisco 12000 series Internet router that is configured for IP multicast switching may reload with a "sig=10" bus error under specific conditions. This situation does not occur if you disable multicast. There is no workaround.
•CSCdt41203
A Cisco router reloads when a dot1q or Inter-Switch Link (ISL) subinterface is being deleted if multicast is configured. The following sequence of commands causes the reload:
mini# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
mini(config)# interface gigabitEthernet 5/0.1
mini(config-subif)# encapsulation dot1Q 1
mini(config-subif)# ip add 10.9.9.2 255.255.255.0
mini(config-subif)# ip sdr listen
mini(config-subif)# ip pim sparse-dense-mode
mini(config-subif)# ^Z
mini#
mini# configure
%SYS-5-CONFIG_I: Configured from console by consolet
Enter configuration commands, one per line. End with CNTL/Z.
mini(config)# no interface gigabitethernet 5/0.1Workaround: Remove the multicast commands from the subinterface before deleting the subinterface.
The following sequence of commands will not cause the reload:
mini# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
mini(config)#
%SYS-5-CONFIG_I: Configured from console by consoleint gi
mini(config)# interface gigabitEthernet 5/0.1
mini(config-subif)# no ip sdr listen
mini(config-subif)# no ip pim sparse-dense-mode
mini(config-subif)# exit
mini(config)# no interface gigabitethernet 5/0.1
% Not all config may be removed and may reappear after reactivating the sub-interface
mini(config)#•CSCdt43936
When a Cisco router is redistributing Enhanced Interior Gateway Routing Protocol (EIGRP) into OSPF, and EIGRP has more than one successor, it is possible that a change in the feasible successor (EIGRP) does not generate the OSPF external link-state advertisement (LSA).
Workaround: Enter the clear ip ospf redistribution EXEC command.
Miscellaneous
•CSCdm59494
A Cisco router that is running Hot Standby Router Protocol (HSRP) may reload if subinterfaces are being deleted and then recreated. There is no workaround.
•CSCdr47479
A Cisco 7500/RSP series router with an inverse multiplexing over ATM (IMA) port adapter may not recognize a Versatile Interface Processor 4 (VIP4). There is no workaround.
•CSCdr74195
When polling Cisco 2600 series routers in the network for Hot Standby Router Protocol (HSRP) statistics, the routers reloads.
Workaround: Disable Simple Network Management Protocol (SNMP).
•CSCds05414
On a Cisco 7513 router, packet drops have occurred on all PRI interfaces that are PA-MC-4C T1 interfaces. The rate of the drop is one packet for every two packets. There is no workaround.
•CSCds15443
When a Cisco router acts as a tag switching edge router, the router will sometimes stop running Tag Distribution Protocol (TDP) after a reboot.
Workaround: Enter the no tag-switching interface command followed by the tag-switching command. If this does not resolve the situation, enter the shutdown interface configuration command followed by the no shutdown interface configuration command.
•CSCds36857
A Cisco Express Forwarding (CEF) entry for a directly connected route and host on a directly connected interface may point to the wrong next hop. The CEF entry points to an IP address that has been configured as a default gateway.
Workaround: Create the static routes for that host.
•CSCds39099
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(13)S and that has an OC-192 line card may experience a problem when a OC-192 Engine 2 Packet-over-SONET (POS) interface is brought to a down/down state because of a "pos ais-shut" message that is received in the SONET frame from a remote neighbor. The interface that goes to a down/down state does not clear its active defects even when the link on the remote side is restored. The only way to recover from this condition is to reload the Internet router.
Workaround: Do not enter the pos ais-shut interface command on directly connected OC-192 line card links. Provision "keepalives" on the links instead.
•CSCds42128
Any operation that may change the state of a file (for example, writing, deleting, or renaming) may be performed simultaneously on the file when the file is already opened in read mode but not when the file is opened in write mode. There is no workaround.
•CSCds53044
When a 16xOC-3 Packet-over-SONET (POS) line card is configured for a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) at the imposition side, line cards may reload under certain conditions (for example, when a heavy load of traffic is sent at small packet sizes or when physical interfaces are flapping under traffic).
Workaround: Rate limit incoming traffic to the provider edge (PE) router and turn off keepalives.
•CSCds53782
A Versatile Interface Processor 2-50 (VIP2-50) that is running Cisco IOS Release 12.1(1a) may experience a memory leak when the "CEF LC Stats" process holds too much memory. The VIP exhibits the following error messages:
%FIB-4-FIBXDRINV: Invalid format. RDB length wrong
%IPC-5-SLAVELOG: VIP-SLOT1:
%SYS-2-MALLOCFAIL: Memory allocation of 65524 by alignment 32 -Process= "CEF LC Stats", ipl= 0, pid= 25There is no workaround.
•CSCds68004
Configuring Cisco Multipath Channel (CMPC) on a Cisco router with a Channel Port Adapter (XCPA) or ESCON Channel Port Adapter Version 4 (ECPA4) may cause read failures on the Flash disk.
Workaround: Use a Flash card rather than a Flash disk.
•CSCds75405
When Cisco Express Forwarding (CEF) is configured, the Forwarding Information Base (FIB) table may conflict with static host routes that are specified in terms of an output interface and Layer 2 address resolution protocols (ARP, map lists, etc.). The Layer 2 address resolution protocol adds adjacencies to CEF, which in turn creates a corresponding host route entry in the FIB table. This entry is called an adjacency prefix. If these adjacency prefix entries are also configured by a static host route, a conflict occurs.
In Cisco IOS Release 12.0 and 12.0 S, the static host route is overwritten by the adjacency prefix. When the adjacency is removed, the static host route is not readded to the FIB table.
Workaround: Clear the routing table using the clear ip route {*} EXEC command to restore the static host routes.
In Cisco IOS Release 12.1, the static host route is not overwritten by the adjacency prefix. This situation breaks the operation of Layer 2 address resolution protocols such as map lists. There is no workaround.
•CSCds76314
A permanent virtual connection (PVC) may go from active status to inactive status and display "%ATMCES-1-ERRCREATEVC" error messages if the following actions occur:
–The following sequence of commands is entered on a subinterface:
(config-subif)# shut
(config-subif)# shutdown
(config-subif)# no shut
(config-subif)# no shutdown–PVC configuration mode is entered and then exited by entering the end command.
Workaround: Reconfigure the PVC or reload the router.
•CSCds86592
A Cisco 12000 series Internet router with Quad OC-12 Packet-over-SONET (POS) line cards may experience line card reloads because of process traceback. This situation has been observed in a network with Multiprotocol Label Switching (MPLS) configured on all nodes except for the node that is generating the traffic, which is an IP router. There is no workaround.
•CSCds86521
A Cisco 7000 series router reloads if you configure more than 128 channel groups on a PA-MC-8E1 port adapter. The limit of configurable channel groups on this type of port adapter is 128. There is no workaround.
•CSCds90917
Under some circumstances, a Cisco 7500/RSP series router with distributed Cisco Express Forwarding (dCEF) and Web Cache Communication Protocol (WCCP) enabled and a Fast Ethernet interface attached to a cache engine may experience a condition in which the line card attached to the cache engine exhibits high CPU utilization for no apparent reason. In this situation, the cache engine in unable to reach many addresses beyond the interface to which it is attached, and web pages become inaccessible to users. This situation can be avoided by disabling dCEF on the interface attached to the cache engine, but this action will adversely affect the performance of WCCP. There is no workaround.
•CSCdt00507
A Cisco 12012 Internet router line card may reload because of the following error:
IPCLC-3-EVENTSYS: Event (16) system call ipc_send_message_blocked error (cause: timeout)
There is no workaround.
•CSCdt02459
An Engine 2 Packet-over-SONET (POS) line card on a Cisco 12000 series Internet router may experience traffic disruption under heavy load conditions when there are several thousand Border Gateway Protocol (BGP) and Interior Gateway Protocol (IGP) routes configured and traffic is moving at the line rate. This condition is more likely to occur when hundreds of Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel headpoints are configured on the router. There is no workaround.
•CSCdt04289
On a Cisco 12000 series Internet router, if a Packet-over-SONET (POS) interface on a Quad OC-3 POS line card is administratively down and the Internet router reboots, high CPU utilization may be experienced by neighboring Cisco 7200 series and Cisco 7500/RSP series routers. In the case of the Cisco 7500/RSP series routers, the CPU utilization is high on the VIP2 Versatile Interface Processor.
Workaround: Enter the no shutdown interface configuration command on the POS interface on the Internet router or on the neighboring router.
•CSCdt05020
A Versatile Interface Processor 2-50 (VIP2-50) with two PA-2CT1/PRI channelized port adapters may reload when the rsp-a3jsv-mz.122-0.2 image is loaded. There is no workaround.
•CSCdt05398
A Secure Shell (SSH) session on a Cisco 12000 series Internet router may pause indefinitely if the show tech-support EXEC command or the configure network EXEC command is entered on the router. There is no workaround.
•CSCdt08542
When an ATM permanent virtual connection (PVC) is configured on an interface through certain commands introduced before Cisco IOS Release 12.0, the traffic is not shaped. For example, a PVC that is created with the atm pvc vcd vpi vci aal-encap [peak average [burst]] [oam [seconds]] command will not shape traffic per the peak, average, and burst arguments, but will instead allow all traffic up to the physical limitation of the interface to pass.
Workaround: Configure the PVC with commands introduced in Cisco IOS Release 12.0 and later releases in order to shape traffic properly. The following are examples of some of these commands:
–pvc vpi/vci
–vbr-nrt output-pcr output-scr output-mbs
–encapsulation aal-encap
–oam-pvc frequency
Please consult Cisco documentation for additional information and full explanations of these commands.
•CSCdt08679
Changing the policy map configuration during high traffic may cause an "output stuck" error. In this situation, the Versatile Interface Processor (VIP) may stop forwarding packets until it is reset automatically. This condition is specific to Frame Relay configurations in which there are permanent virtual connections (PVCs) that are shaped using distributed Traffic Shaping (dTS), and it has been observed when all the PVCs are congested and a change is made to the policy map.
Possible workaround: Shut down the physical interface before changing the policy map, and then reenable the interface.
•CSCdt10027
When Distributed Multilink PPP is enabled on a Cisco router, the Multilink PPP link may fail upon link control protocol (LCP) negotiation with a PA-MC-E3 port adapter. This condition also brings down other serial links of the port adapter that are not members of the multilink bundle. There is no workaround.
•CSCdt10624
A Cisco 12000 series Internet router may reload unexpectedly if all Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnels are removed. This situation has been observed under heavy load conditions (for example, if several thousand routes and several hundred TE tunnels are removed).
Workaround: Allow a few seconds delay between successive tunnel removals rather than removing all tunnels at the same time.
•CSCdt11020
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0 S, the Flash disks on the secondary Route Processor (RP) may not be accessible from the primary RP. There is no workaround.
•CSCdt11190
A memory leak may occur in the Quality of Service (QoS) history even if this feature is not enabled. This situation has been observed when service policies are attached to many subinterfaces on a large configuration. The leak is caused by changing the policy map and/or attaching and detaching the service policy. When the allocated amount of memory for the QoS history is used, the router may reload. There is no workaround.
•CSCdt11656
The fair-queue [queue-limit queue-value] command may not function properly and create a situation in which the per-flow queue limit values cannot be changed from the default values. There is no workaround.
•CSCdt14805
A Cisco 3640 router that is running Cisco IOS Release 12.1(3.0.3)PI2 or later release may enter into a loop after a reload if the exception logging size is not configured.
Workaround: Configure the exception logging size by entering the logging exception size command.
•CSCdt19562
The High-Level Data Link Control (HDLC) header may become corrupted after a microcode reload or an online insertion and removal (OIR) of a line card on a Cisco 12000 series Internet router. This situation occurs only with Multiprotocol Label Switching (MPLS) packets. There is no workaround.
•CSCdt21758
A Cisco 7500 series router that is configured for Cisco Express Forwarding (CEF) and Multiprotocol Label Switching (MPLS) may stop receiving MPLS packets on Versatile Interface Processor 2 (VIP2) modules after and online insertion and removal (OIR) event. In this situation, the MPLS packets are dropped silently, and counters do not increase. Enabling distributed CEF restores the connectivity.
Workaround: Use dCEF globally, and disable it on a per interface basis, if needed.
•CSCdt29214
A Cisco 12000 series Internet router that is running the gsr-p-mz.120-12.S2.1227 image and has a line card that is configured with an extremely long access control list (ACL) may experience a line card reload during a reload or a change of the ACL. There is no workaround.
•CSCdt30100
A line card may reload on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(13)S. There is no workaround.
•CSCdt31092
A Cisco 7507 router may reload after the access-list compiled global configuration command is entered. There is no workaround.
•CSCdt31256
A secondary console will not be accessible in a dual-Route Processor (RP) system. There is no workaround.
•CSCdt31521
A Multiprotocol Label Switching (MPLS) router with a large number of Border Gateway Protocol (BGP) routes (VPNv4 or IPv4) may experience a memory leak if the route to the BGP neighbor flaps. The memory leak is approximately 100 bytes per BGP route for each route flap. The leak can be detected by unusually large memory consumption by Tag Forwarding Information Base (TFIB) tag rewrites as seen in the output of the show memory [summary] | include TFIB command. There is no workaround.
•CSCdt32774
The line cards on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(14.6)S1 and that has Multiprotocol Label Switching (MPLS) enabled may reload under certain conditions. In this situation, when one line card with an interface configured with MPLS is reloaded manually, other line cards may experience the following bus error:
%LCINFO-3-CRASH: Line card in slot 0 crashed
This situation has been observed where there is double recursion (for example, a Border Gateway Protocol [BGP] recursive route over a static recursive route).
Workaround: Avoid the use of static recursive routes to BGP peers.
•CSCdt34120
A Cisco 12000 series Internet router that is running the gsr-p-mz.120-15.S.bin image may experience a situation where interface counters are reporting incorrect values. In this situation, the interface rates are sometimes showing rates greater than the link maximum rate, and Simple Network Management Protocol (SNMP) polls are also reporting incorrect values. This condition has been observed with 4-Port OC-3 Packet-over-SONET (POS) Engine 0 line cards and 4-Port OC-3 ATM Engine 0 line cards. There is no workaround.
•CSCdt36418
This situation occurs with a very specific type of service policy. The policy must have priority enabled in the first class, and the kbps assigned to the priority class must be exactly equal to the interface or PVC rate. In such cases, this policy should be denied as an invalid policy. Instead, the policy is accepted, and if subsequent classes try to allocate bandwidth by entering the bandwidth interface configuration command, the Route Switch Processor (RSP) reloads. Attaching a policy of this type should be avoided. There is no workaround.
•CSCdt36569
When a multilink bundle is flapped under heavy traffic, there may be "output stuck" conditions on some of the member links of the bundle. There is no workaround.
•CSCdt37135
Under very high traffic conditions, the Gigabit interface on a Cisco 7200 series router may stop transmitting packets, and the output queue remains stuck at 40/40.
Workaround: Enter the clear interface gigabit x/0 command or the shutdown command followed by the no shutdown command.
•CSCdt37629
A Cisco Versatile Interface Processor 2-50 (VIP2-50) or VIP4-80 may reload under the following conditions:
–There is an MC-T3 or MC-2T3+ port adapter in one slot of the VIP.
–Traffic is sent through the port adapter at close to the line rate.
There is no workaround.
•CSCdt38104
Removing side A of a DPT48 node removes the whole node from the Dynamic Packet Transport (DPT) ring. The normal behavior should be that the DPT node should be able to work in wrap mode with just one card. This functionality functions properly when the side B card of a DPT48 node is removed, and the side A functions by itself. However, if the side B card is not taken out of the backplane and the card A is removed, the DPT node no longer functions properly and cannot continue its functionality in a wrapped state. There is no workaround.
•CSCdt39968
A Cisco router may reload with a bus error after the snmp-server enable traps atm pvc global configuration command is entered. There is no workaround.
•CSCdt40483
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(13)S or 12.0(14)S with Engine 0 line cards, Simple Network Management Protocol (SNMP) counters (for example, ifOutOctets/ifHCOutOctets) may actually decrement. The counters usually decrement for no longer than 10 seconds. This situation may cause difficulties in polling these SNMP counters more frequently.
Workaround: Extend the polling period for SNMP counters.
•CSCdt44367
When output Per Interface Rate Control (PIRC) is configured on a 3-Port Gigabit Ethernet line card, multicast traffic that is going out this line card does not get rate limited. There is no workaround.
•CSCdt45094
A Cisco Gigabit Route Processor (GRP) may reload in a loop after failover because of memory corruption. This situation occurs when there are two GRPs. There is no workaround.
•CSCdt46380
A Versatile Interface Processor (VIP) on a Cisco 7500/RSP series router that is running Cisco IOS Release 12.1(5a)E4 may reload with the following error message:
%ALIGN-1-FATAL: Illegal access to a low address
This situation has only been observed on Frame Relay interfaces with distributed Quality of Service (QoS) enabled. There is no workaround.
•CSCdt51427
When a 3-Port Gigabit Ethernet line card on a Cisco 12000 series Internet router is configured for Hot Standby Router Protocol (HSRP) and the Internet router takes over as the active router, the HSRP address may not be pingable but the interface address will be pingable.
Workaround: Enter the standby group-number use bia command.
•CSCdt51864
OC-192 Packet-over-SONET (POS) and Quad OC-48 POS line cards can only support 200,000 Border Gateway Protocol (BGP) routes, 4,000 Interior Gateway Protocol (IGP) routes (such as Intermediate System-to-Intermediate System [IS-IS]), and a maximum of 2,000 adjacencies. There is no workaround.
•CSCdt52678
If two routers are connected back-to-back with one router running Distributed Multilink PPP (DML-PPP) and the other running Multilink PPP (distributed switching off), the VIP on the router running DML-PPP may reload if fragmentation is enabled on the router running Multilink PPP.
Workaround: Disable fragmentation on the far-end router.
•CSCdt61400
Configuring an OC-192 or Quad OC-48 line card with the following configuration may cause the line card to reload when high rates of traffic are sent to the egress port if the precedence 4 random-detect-label 4 entry is not included:
cos-queue-group traff4
precedence 4 queue 4
precedence 4 random-detect-label 4
traffic-shape queue 4 250000 84792There is no workaround.
•CSCdt70225
When OC-192 or Quad OC-48 line cards are connected back-to-back, Frame Relay subinterface encapsulation does not function properly with Intermediate System-to-Intermediate System (IS-IS). IS-IS cannot exchange routes across the link. This situation does not occur with OSPF. There is no workaround.
•CSCdt71647
Applying Modified Deficit Round Robin (MDRR) on one port disrupts ORS on all the other ports of a Quad OC-48 line card. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(15)S7
Cisco IOS Release 12.0(15)S7 is a rebuild of Cisco IOS Release 12.0(15)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(15)S7. This section describes only severity 1 and 2 caveats.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(15)S6
Cisco IOS Release 12.0(15)S6 is a rebuild of Cisco IOS Release 12.0(15)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(15)S6. This section describes only severity 1 and 2 caveats.
•CSCdr46528
The performance of Cisco 12000 series routers can be degraded when they have to send a large number of ICMP unreachable packets. This situation usually can occur during heavy network scanning. This vulnerability is tracked by three different bug IDs: CSCdr46528, CSCdt66560, CSCds36541. Each bug ID is assigned to a different Engine the line card is based upon.
The rest of the Cisco routers and switches are not affected by this vulnerability. It is specific for Cisco 12000 Series. No other Cisco product is vulnerable.
The workaround is to either prevent the router from sending unreachable Internet Control Message Protocol (ICMPs) at all or to rate limit them.
This advisory is available at
http://www.cisco.com/warp/public/707/GSR-unreachables-pub.html
•CSCdt00507
A line card in a Cisco 12012 Internet router might reload and display the following error message:
GSR 12012 linecard crashes due to IPCLC-3-EVENTSYS: Event (16) system call ipc_send_message_blocked error (cause: timeout)
This error might occur if a hardware failure causes CRC error to be received from the fabric. There is no workaround.
•CSCdt21749
A channelized T3 card in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(14)S, 12.0(14)S1, 12.0(14)S2, 12.0(14)S3, 12.0(15)S, or 12.0(15)S1 may reload when creating a channel group after a channel group has been deleted. The line card will recover and operate normally after the router is reloaded. There is no workaround.
•CSCdt27923
A line card on a Cisco 12000 series Internet router might not boot correctly after reloading when the upgrade all slot x command is entered. The following error message has been observed in the traceback:
MBUS agent downloading:
There is no workaround.
•CSCdt33317
On a Cisco 7500/RSP series router, packets that are received on a Spatial Reuse Protocol (SRP) interface and switched on the Route Switch Processor (RSP) will fail to get Cisco Express Forwarding (CEF) or fast-switched going into a tunnel interface and get dropped. This situation occurs only on the Cisco 7500/RSP routers that have SRP interfaces.
Workaround: Disable CEF and fast switching on the tunnel interface.
•CSCdt66560
The performance of Cisco 12000 series Internet routers can be degraded when they have to send a large number of ICMP unreachable packets. This situation usually can occur during heavy network scanning. This vulnerability is tracked by three different bug IDs: CSCdr46528, CSCdt66560, CSCds36541. Each bug ID is assigned to a different Engine the line card is based upon.
The rest of the Cisco routers and switches are not affected by this vulnerability. It is specific for Cisco 12000 Series.
No other Cisco product is vulnerable.
The workaround is to either prevent the router from sending unreachable Internet Control Message Protocol (ICMPs) at all or to rate limit them.
This advisory is available at
http://www.cisco.com/warp/public/707/GSR-unreachables-pub.html
•CSCdt69741
Six vulnerabilities involving Access Control List (ACL) has been discovered in multiple releases of Cisco IOS® Software Release for Cisco 12000 Series Internet Routers. Not all vulnerabilities are present in all IOS releases and only line cards based on the Engine 2 are affected by them. No other Cisco product is vulnerable.
The workarounds are described in the Workarounds section.
This advisory is available at
http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
•CSCdt89344
Under some circumstances, inserting routes into a routing table may cause the memory to become fragmented.
Workaround: Configure the memory free-list 65488 command.
•CSCdt96370
Six vulnerabilities involving Access Control List (ACL) has been discovered in multiple releases of Cisco IOS® Software Release for Cisco 12000 Series Internet Routers. Not all vulnerabilities are present in all IOS releases and only line cards based on the Engine 2 are affected by them.
No other Cisco product is vulnerable.
The workarounds are described in the Workarounds section.
This advisory is available at
http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
•CSCdu07732
When a POS card is replaced by another POS card and again replaced with the initial POS card, snmpwalk works fine on ifTable for all interfaces, but snmpgetone fails for some POS interfaces on the replaced card.
Workaround: Move the POS card into another slot which was previously empty or not occupied by any POS card.
•CSCdu16602
A Cisco router may reload when the show ip mroute group-address source-address EXEC command is entered.
Workaround: Avoid using the show ip mroute group-address source-address EXEC command when there are multicast routes that are rapidly changing.
•CSCdu43315
In a configuration in with multiple T1 through T3 interfaces, it may not be possible to query for Simple Network Management Protocol (SNMP) statistics because the snmpwalk and snmpget functions do not display data for some interfaces. There is no workaround.
•CSCdu50927
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(17)S might generate the following error message:
%GRP-3-ENCAP: Failure to allocate encap table entry, exceeded max number of
entries, slot 3 (info 0x8000)
-Traceback= 602555E0 60255AC4 602560E0 600F783C 600F7914 600F71C4 600F7288
605690C4 6056C0DC 60569C74 605697A0 603544B4 603537A0 6035397C 60353AF0
6019254C
There is no workaround.
•CSCdu58406
Entering the no ip source-route global configuration command on a Gigabit Router Processor (GRP) does not stop the Cisco 12000 series Internet router from routing packets that contain source-route information. There is no workaround.
•CSCdu65825
Under rare conditions, the route processor (RP) in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S3 may reload if a line card is attached. There is no workaround.
•CSCdu66206
Multicast Output interfaces (OIFs) are missing from certain groups causing multicast traffic to be affected. This condition normally occurs during startup because of the varying speeds in which the cards are turned on.
Workaround: Reload the microcode on the card that contains the missing OIFs.
Note Reloading the microcode may lead to issues that are related to caveat CSCuk22826.
•CSCdu70243
A PSA Access Control List (ACL) that is configured on an Engine 2 line card in a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S5 might cause Engine 2 line cards to fail on the router.
Workaround: Do not configure an ACL on an Engine 2 interface.
•CSCdu72336
Multicast Distributed Fast Switching (MDFS) for IP Multicast on a Cisco 12000 series Internet router may fail to add a particular interface to the OIF list of certain multicast static routes (mroutes) on a linecard. If that linecard is the Reverse Path Forwarding (RPF) interface for that mroute, this situation will cause forwarding to that OIF interface to fail.
Diagnosis: If a Cisco 12000 Internet router is not correctly forwarding IP multicast traffic out a particular interface, but the output of the show ip mroute EXEC command shows that interface in the OIF list of that route, verify that the interface also shows up in the OIF list on the linecard that has the incoming interface of the route. Enter the attach slot-number privileged EXEC command, where slot-number is the number of the line card and then enter the show ip mds forwarding EXEC command to determine the actual MDFS forwarding state of the mroute. If the outgoing interface in question does not show "ip" in this output then this caveat applies.
Workaround: Disable MDFS on the incoming interface by configuring no ip mroute-cache on the interface. Do not try to use this workaround if more than a very low amount of multicast traffic is arriving on that interface or else you will compromise the stability of the router because the workaround will make the packets switched through the Gigabit Route Processor (GRP) instead of the switching fabric.
•CSCdu76426
A 4 port Engine 2 OC-12 ATM line card on a Cisco router can reload if one of the ATM interfaces receives a packet that is not destined for a local interface. There is no workaround.
•CSCdu81007
The Cisco Express Forwarding (CEF) table is not updated properly when the IP address of an interface changes. The new IP address is added to the CEF table but the old one is not removed. If subinterfaces are used, the old ones remain in the CEF table even after the subinterfaces are removed.
Workaround: When you issue the shut command on the subinterface before changing the address, the IP address is correctly deleted from the CEF tables.
•CSCdu83386
The ip helper-address address interface configuration command does not function properly when configured on a Cisco 12000 series Internet router. There is no workaround.
•CSCdu83877
Cisco Express Forwarding (CEF) per packet load balancing and access control lists (ACLs) cannot co-exist on an Engine 2 line card. The parser should issue a warning to turn off the existing (conflicting) feature if you attempt to configure both. There is no workaround.
•CSCdv14967
OC-3 and SRP-12 line cards might show incorrect traffic output statistics when traffic travels through an OC-192 interface and exits through a non-OC-192 interface. Correct traffic output statistics are displayed when the OC-3 line card is configured with Committed Access Rate (CAR).
Workaround: Configure the OC-3 line card with CAR.
•CSCdv53894
A Cisco 12000 series Internet router may fail to correctly forward IP multicast packets out of an interface. When this condition occurs, the router generates the following error message:
%GRP-3-ENCAP: Failure to allocate encap table entry, exceeded max number of entries
On the outgoing line card, the exec slot N show controller rewrite command (N represents the line card) will display the empty (0) adjacency information for the affected multicast routes. See the following sample output:
(209.165.200.224, 255.255.255.224) In: POS3/0 SRP0/0 0x00000000 (0):
There is no workaround.
•CSCdv81133
On a Cisco 12000 series Internet router, when you connect and disconnect the Rx cable between Engine 4 Packet-over-SONET (POS) line cards and a Cisco ONS platform, continuous ping failures may occur, although the line cards are in an up/up state.
Workaround: Issue the hw-module slot x reload command on the POS line cards.
•CSCdv88646
A Cisco 12000 series Internet router that is configured with an Engine-4 plus line card may generate tracebacks that can cause Cisco Express Forwarding (CEF) to be disabled. There is no workaround.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(15)S3
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(15)S3. This section describes only severity 1 and 2 caveats.
•CSCdp89061
Simple Network Management Protocol (SNMP) warm start trap is not supported in the Cisco IOS agent code. There is no workaround.
•CSCdr16320
High capacity counters in the IF-MIB ifXTable display 0 for all interfaces do not support them. There is no workaround.
•CSCdr58946
Entries in the interfaces MIB ifTable for Traffic Engineering (TE) tunnels do not report an ifType = mpls tunnel (155). Instead, the entries return ifType = 0 (unknown). This situation occurs for any Simple Network Management Protocol (SNMP) operation on the interfaces table when entries that represent TE tunnels are queried. This situation does not affect Cisco IOS Release 12.0(14)ST or later releases.
Workaround: Query the ifName and ifDescr fields as well in Cisco IOS releases prior to Release 12.0(14)ST.
•CSCdr92960
Syslog traps are sent only for link-up and link-down. Information regarding cold start, warm start, and authentication failure is not sent. There is no workaround.
•CSCds05414
Packets are dropped on all PRI interfaces that are PA-MC-4CT1 port adapters in a Cisco 7513 router. The drop rate is regularly one packet for every two packets. There is no workaround.
•CSCds11299
On a Cisco 12000 series Internet router, the following message may appear in the output of show version EXEC command even after the line card has been upgraded:
WARNING: Old Fabric Downloader in slot 1 Use "upgrade fabric-downloader" command to update the image
This message persists until the router is reloaded.
Workaround: Enter the microcode reload slot-number global configuration command after entering the upgrade fabric-downloader command to load the upgraded microcode and remove the warning.
•CSCds15443
When a router acts as a tag switching edge router, it may stop running Tag Distribution Protocol (TDP) after a reboot.
Workaround: Enter the shutdown command followed by the no shutdown command on the interface. If this workaround does not resolve the issue, reboot the router again.
•CSCds36857
A Cisco Express Forwarding (CEF) entry for a directly connected route and host on a directly connected interface points to the wrong next hop. The CEF entry points to an IP address that has been configured as a default gateway.
Workaround: Create the static route for that host.
•CSCds47960
When you have two external or summary routes with the same network number but a different mask in the Open Shortest Path First (OSPF) database, and the most specific route is removed from the routing table, these two routes are still visible in the OSPF database. The route that was removed from the routing table should also be removed from the database.
Workaround: Remove the OSPF configuration, and then put it back in again.
•CSCds54855
A Cisco router that is connected to a stubby area does not advertise the default route into that area. The database on the router shows that the link-state advertisement (LSA) for the default route is MAXAGE and that the LSA is not purged until the Open Shortest Path First (OSPF) process is reset. There is no workaround.
•CSCds75405
When Cisco Express Forwarding (CEF) is configured, the Forwarding Information Base (FIB) table may conflict with static host routes that are specified in terms of an output interface and Layer 2 address resolution protocols (ARP, map lists, etc.). The Layer 2 address resolution protocol adds adjacencies to CEF, which in turn creates a corresponding host route entry in the FIB table. This entry is called an adjacency prefix. If these adjacency prefix entries are also configured by a static host route, a conflict occurs.
In Cisco IOS Release 12.0 and 12.0 S, the static host route is overwritten by the adjacency prefix. When the adjacency is removed, the static host route is not readded to the FIB table.
Workaround: Clear the routing table using the clear ip route {*} EXEC command to restore the static host routes.
In Cisco IOS Release 12.1, the static host route is not overwritten by the adjacency prefix. This situation breaks the operation of Layer 2 address resolution protocols such as map lists. There is no workaround.
•CSCds89515
On a Cisco 12000 series Internet router, distributed Cisco Express Forwarding (dCEF) may be disabled because of a low-memory condition during a large routing update (for example, while booting up).
Workaround: Reduce the maximum path in Border Gateway Protocol (BGP) to reduce amount of information CEF propagates to the line cards, or reduce TCP window size to reduce the speed of incoming BGP updates.
Fix: Enter the ip cef linecard ipc memory ? 0-128000 interface configuration command. Kilobytes of line card memory are limited to 50 percent of the total memory. This command allows you to allocate a larger amount of line card memory to the queuing for CEF routing to update messages; it allows the route processor to free memory by releasing CEF updates more quickly; and it prevents the low-memory condition from occurring on the route processor.
•CSCdt14653
A Cisco 7500 series router that is running Cisco IOS Release 12.0(15) may reload with Simple Network Management Protocol (SNMP) if you insert the ATM card online. There is no workaround.
•CSCdt34374
Engine 2 line cards on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(13.5)S or a later release may not operate correctly with very large routing tables. The router displays the following error message:
SLOT X:000003: %SYS-4-EXMALLOCFAIL: External memory allocation of 1536000 bytes failed from EXMEM 1
Recent enhancements to the Access Control List (ACL) software have increased the memory required to store the forwarding table on Engine 2 line cards. The extent of the limitation depends on which ACL configuration is used. If ACL packet filters are not configured on an interface, the input ACL limitation applies.
The 4-port OC12 Packet-over-SONET (POS), 1-port OC48 POS, and 3-port Gigabit Ethernet line cards can support up to 448 lines of ACLs in hardware. The configuration of an input ACL on these cards results in a limitation of 171,000 routes. The configuration of an output ACL on any interface in the router results in a limitation of 110,000 routes for these cards.
The 16-port OC3 POS and 4-port OC12 ATM line cards can support up to 128 lines of ACLs in hardware. The configuration of an input ACL on these cards results in a limitation of 205,000 routes. The configuration of an output ACL on any interface in the router results in a limitation of 190,000 routes for these cards.
Workaround: Disable hardware ACL support by entering the no access-list hardware {psa} global configuration command if ACLs are not used for packet filtering.
Alternate workaround: Configure ACLs inbound instead of outbound to avoid the lower limit for outbound ACLs.
•CSCdt39968
A Cisco router reloads with a bus error when you use the snmp-server enable traps atm pvc global configuration command. There is no workaround.
•CSCdt46056
Cisco Express Forwarding (CEF) may incorrectly delete "is subnetted" prefixes, if deleted by the routing process and if there is a matching subnetted prefix in the forwarding table. There is no workaround.
•CSCdt42256
With Internet Mix (IMIX) traffic on distributed Multilink PPP (DMLPPP), a packet drop of 13 percent occurs when traffic is sent at the line rate. This situation causes performance degradation. There is no workaround.
•CSCdt10216
A Cisco 7200 series router that has an M2T-T3 port adapter may display the following message:
%MUESLIX-1-HALT
There is no workaround.
•CSCdt56796
On some interfaces such as T1, E1, T3, and E3, the command-line interface (CLI) and the Simple Network Management Protocol (SNMP) MIB may add 2 extra bytes per packet. There is no workaround.
•CSCdt58029
The high capacity (HC) counters within the MIB interfaces do not support 64 bits for tunnel interfaces (including generic routing encapsulation (GRE) and Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnels). The HC counters are always zero for tunnel interfaces. This situation does not occur on a Internet router. All other platforms and versions of the ifMIB are affected.
Workaround: Increment the high 32 bits each time the counter wraps back to zero. The 32-bit counters included in the ifMIB can be polled.
•CSCdt61400
If you use the cos-queue-group traff4 precedence 4 queue 4 precedence 4 random-detect-label 4 traffic-shape queue 4 250000 84792 configuration without the precedence 4 random-detect-label 4 configuration on an OC192 or Quad OC48 line card, the line card may reload when high rates of traffic are sent to the egress port. There is no workaround.
•CSCdt65101
On a Cisco 12000 series Internet router, when both the pos scramble-atm interface configuration command and the pos flag c2 207 interface configuration command are configured on a Packet-over-SONET (POS) interface, the pos flag c2 207 command does not appear in the configuration. The pos c2 flag reverts to 22 (0xCF) when the router is reloaded. There is no workaround.
•CSCdt66063
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(15)S1 may experience consistently higher than normal CPU usage by the line card adjacency update process. There is no workaround.
•CSCdt69682
Under heavy traffic through a distributed Multilink PPP (distributed MLP) bundle on a Cisco 7500 series router (even with 100 percent line rate), memory allocation failure may occur on the Versatile Interface Processor (VIP). The traffic does not pass through distributed MLP, including other port adapters (PAs) of the VIP. There is no workaround.
•CSCdt70972
When you configure distributed Multilink PPP (DMLPPP) on the serial links of a CH-STM-I PA port adapter, a Cisco router may reload because fragmentation is enabled on the multilink interface, which is not supported for DMLPPP. There is no workaround.
•CSCdt71323
Command-line interface (CLI) output counters give incorrect values and prepolice values when you configure committed access rate (CAR). This situation occurs only if CAR and high oversubscription causes a similar or higher number of packet to be dropped compared to the transmitted packets.
Workaround: Do not use CAR.
•CSCdt76670
If you configure output committed access rate (CAR) on a Frame Relay (FR) interface, the FR MIB {frCircuitSentFrames, frCircuitSentOctets} objects and IF MIB {ifOutUcastPkts, ifOutOctets} objects with ifIndex referring to the FR subinterface still show the prepoliced values.
Workaround: see the output queuing drop counts shown through the show interface command and through CISCO-CAR-MIB.
•CSCdt77226
A Cisco Internet router displays a "%MBUS-6-OIR" error in slot 16 and 17 of the Clock Scheduler Cards (CSCs) after you enter the upgrade all command. This situation occurs with both the upgrade all all and the upgrade all slot16 commands, even if you do not perform an online insertion and removal (OIR) or any other procedure. There is no workaround.
•CSCdt79947
BGP configuration with route-map configured is susceptible to memory corruption.
•CSCdt85430
The show ip mpacket quality EXEC command may show a negative value for lost Real-Time Transport Protocol (RTP) packets. When this situation occurs, the loss percentage and average loss gap are computed incorrectly. This situation may occur if there are more misordered and duplicate packets than lost packets. There is no workaround.
•CSCdt68858
This caveat fixes the problem of frequent MBUS undervoltage warnings close to 5000 mV on a Cisco 12016, 12410, or 12416 Internet router with Engine 4 line cards.
Resolved Caveats—Cisco IOS Release 12.0(15)S1
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(15)S1. This section describes only severity 1 and 2 caveats.
•CSCdr64558
If a redundant power supply on a Cisco 12012 Internet router is disabled and later reenabled, the Internet router might report alarms relating to fan speed. There is no workaround.
•CSCds21955
This fix provides a means (the show context summary command) to track down the line card resets by the Route Processor (RP) for fabric ping failures. Previously, those resets could not be recorded.
•CSCds23164
A Cisco 7500 series router with a Spatial Reuse Protocol (SRP) interface running distributed Cisco Express Forwarding (dCEF) might not correctly process the Access Control Lists (ACLs) that are applied to the SRP interface.
Workaround: Disable dCEF on the SRP interface by entering the no ip route-cache distributed interface configuration command or run centralized CEF by using the ip cef global configuration command.
•CSCds41196
A Cisco 12000 series Internet router may exhibit spurious memory access errors after a Packet-over-SONET (POS) interface goes down. There is no workaround.
•CSCdt15476
With packets that are larger than 1000 bytes, an Enhanced Gigabit Ethernet Interface Processor (GEIP+) may transmit the packets in the wrong format, which results in cyclic redundancy check (CRC) errors on the other end. The GEIP+ also retransmits the packet.
Workaround: Upgrade to Cisco IOS Release 12.0(15)S1.
•CSCdt20528
A Cisco 12000 series router that is running Cisco IOS 12.0(14)S may reload by bus error. There is no workaround.
•CSCdt29214
A Cisco Internet router line card that is configured with an extremely long access control list (ACL) may fail during a reload or a change in the ACL. This situation has occurred when the Internet router is running the 12.0(12)S2.1227 image. There is no workaround.
•CSCdt31026
After booting up a router with Cisco IOS Release 12.0(14.6)S3 or 12.0(15)S, Multicast Source Discovery Protocol (MSDP) peers that belong to a mesh group may get a SA limit of 0 associated with them. In this situation, SA messages cannot be received or cached from MSDP peers, and source discovery between peers will not take place. This condition will be indicated with the following message:
%MSDP-4-SA_LIMIT: SA from peer peer-addr RP rp-addr for (src-addr, group-addr) exceeded sa-limit of 0
Workaround: Either set or negate the MSDP SA limit after each reload for each peer that belongs to a mesh group as follows:
ip msdp sa-limit A.B.C.D
number
no ip msdp sa-limit A.B.C.D
After each reload, the above action must be repeated because the MSDP mesh-group commands always follow the MSDP SA-limit commands in the startup configuration.
•CSCdt33223
On a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(13) with Engine 0 line cards, Simple Network Management Protocol (SNMP) 64-bit HC packet/byte counters may report very high numbers. There is no workaround.
•CSCdt35866
In Cisco IOS Release 12.0(15)S, the Cisco Express Forwarding (CEF) consistency checker may report spurious inconsistency during large routing updates as exhibited by the following messages:
00:43:42: %FIB-4-RPPREFIXINCONST1: RP missing prefix for 192.168.0.1/16 (present on slot 2)
00:43:47: %FIB-4-LCPREFIXINCONST2: Slot 2 missing prefix entry for 192.168.0.2/19
Workaround: Turn off the consistency checkers using the no ip cef table consistency-check global configuration command.
•CSCdt41203
A Cisco router may reload when you are deleting a dot1q or Inter-Switch Link (ISL) subinterface where multicast is configured. The following sequence of commands will cause this situation to occur:
mini#conf t
Enter configuration commands, one per line. End with CNTL/Z.
mini(config)#int gi 5/0.1
mini(config-subif)#encapsulation dot1Q 1
mini(config-subif)#ip add 9.9.9.2 255.255.255.0
mini(config-subif)#ip sdr listen
mini(config-subif)#ip pim sparse-dense-mode
mini(config-subif)#^Z
mini#
mini#conf
%SYS-5-CONFIG_I: Configured from console by consolet
Enter configuration commands, one per line. End with CNTL/Z.
mini(config)#no int gigabitEthernet 5/0.1Workaround: Remove the multicast commands from the subinterface before deleting the subinterface by entering the following commands:
mini#conf t
Enter configuration commands, one per line. End with CNTL/Z.
mini(config)#
%SYS-5-CONFIG_I: Configured from console by consoleint gi
mini(config)#int gigabitEthernet 5/0.1
mini(config-subif)#no ip sdr listen
mini(config-subif)#no ip pim sparse-dense-mode
mini(config-subif)#exi
mini(config)#no int gigabitEthernet 5/0.1
% Not all config may be removed and may reappear after reactivating the sub-interface
mini(config)#The router will not reload with this sequence of commands.
Resolved Caveats—Cisco IOS Release 12.0(15)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(15)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdm18492
A Cisco router might experience high CPU utilization at the interrupt level with flow switching because of spurious accesses by flow switching code.
Workaround: Turn flow switching off by entering the no ip route-cache flow interface configuration command.
•CSCdr53369
The write memory command on a system that has High System Availability (HSA) (two Route Switch Processors (RSPs) in a Cisco 7500 series router) and the service sync configuration or the slave sync configuration privileged EXEC commands configured on the same system cause the master RSP to run at 100 percent CPU utilization for a variable amount of time depending on the size of the configuration. There is no workaround.
•CSCdr50596
The Expression MIB does not support delta, wildcarding, delta wildcarding, and aggregation. There is no workaround.
•CSCds41795
A Cisco AS5800 series universal access server may experience a bus error at les_ipfib_flow_switch along with spurious interrupts at the same process.
Workaround: Disable flow switching by entering the no ip route-cache flow interface configuration command.
•CSCds58988
A Cisco 7507 or 7513 router with dual Route Switch Processor 2s (RSP2s), RSP4s, RSP4+s or RSP8s, that is running any version of Cisco IOS between Cisco IOS Release 12.0(12.6)S and Cisco IOS Release 12.0(13.6)S1 inclusive, might reload repeatedly during bootup and fail to boot. In this situation, messages similar to the following are displayed:
SLOT 7 RSP is system master SLOT 6 RSP is system slave RSP4 platform with 131072 Kbytes of main memory
Self decompressing the image : ################################################# ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ###################################### [OK]
Nested r4k_return_to_monitor call (2 times)
-Traceback= 0 60255640 60253FCC 6023D8D0 602D42F8 602D3A58 602E1C0C 602E0EBC 602D6360
Nested r4k_return_to_monitor call (3 times)
-Traceback= 0 602D43EC 602D3A58 602E1C0C 602E0EBC 602E1B3C 602E0EBC 602D6360
*** System received a Bus Error exception *** signal= 0xa, code= 0x8, context= 0x612b6780 PC = 0x602dab18, Cause = 0x20, Status Reg = 0x34008002 DCL Masked Interrupt Register = 0x000000ff DCL Interrupt Value Register = 0x00000000 MEMD Int 6 Status Register = 0x00000000
SLOT 6 RSP is system master SLOT 7 RSP is system slave RSP4 platform with 131072 Kbytes of main memory
Found bootloader image - slot0:rsp-boot-mz_120-13_3_S.bin
Self decompressing the image : ################################################# ################################################################################ ################################################################################ ################################################################################ ################## [OK]
Nested r4k_return_to_monitor call (2 times)
-Traceback= 0 60162EB8 60161844 6014B148 601E1B78 601E12D8 601EF48C 601EE73C 601E3BE0
Nested r4k_return_to_monitor call (3 times)
-Traceback= 0 601E1C6C 601E12D8 601EF48C 601EE73C 601EF3BC 601EE73C 601E3BE0
*** System received a Bus Error exception *** signal= 0xa, code= 0x8, context= 0x609fdbb0 PC = 0x601e8398, Cause = 0x20, Status Reg = 0x34008002 DCL Masked Interrupt Register = 0x000000ff DCL Interrupt Value Register = 0x00000000 MEMD Int 6 Status Register = 0x00000020
SLOT 6 RSP is system master SLOT 7 RSP is system slave RSP4 platform with 131072 Kbytes of main memory
(repeats)
Workaround: Pull out the slave RSP to allow the router to boot only the master RSP. Reverting to a version of Cisco IOS earlier than Release 12.0(12.6)S will also alleviate this condition.
Interfaces and Bridging
•CSCdt04234
Cisco-BGP-Policy-Accounting MIB statistics are not available for Inter-Switch Link (ISL) and dot1Q subinterfaces. There is no workaround.
IP Routing Protocols
•CSCdr49641
A Cisco router that is running Cisco IOS Release 12.0(10)S and that receives a large packet that was fragmented before receipt may display the following error message at the rendezvous point of a Multicast network that is running Protocol Independent Multicast (PIM) sparse mode:
%PIM-5-REG_ENCAP_INVALID: Bad register from <IP-address> for (<IP-address>, <Class-D-IP-address>). Trace = ....
Workaround: Send a mix of large and small packets from the source so that the source tree is set up correctly by the small packets between the first hop and the Route Processor (RP). If the Multicast data is forwarded correctly, then this situation may not cause any real harm.
Alternate workaround: Reduce the packet size from the source so that fragmentation does not occur between the first hop and the RP.
•CSCds53104
A Cisco router may reload while changing an interface IP address if overlapping network statements exist in the Open Shortest Path First (OSPF) configuration that match this IP address.
Workaround: Remove extra network statements that match the old IP address.
•CSCdt03333
A Cisco 12000 series Internet router that is configured for IP multicast switching may reload with a "sig=10" bus error under specific conditions. Disabling multicast avoids this condition. There is no workaround.
Miscellaneous
•CSCdm22863
An OC-48 line card may reload after a series of "%FIB-3-FIBSEQ: Out of sequence" messages.
Workaround: Upgrade to Cisco IOS Release 12.0(14.1)S or Cisco IOS Release 12.0(13.6)S2, or reload the microcode on the line card when this situation occurs.
•CSCdr35034
Cisco 12000 series Internet router do not support non-Multiprotocol Label Switching (MPLS) tunnels, and non-MPLS tunnels should not be configured even though these tunnels are configurable using the command-line interface. There is no workaround.
•CSCdr42215
The 1OC-12/STM-4 SRP line card on a Cisco 12000 series Internet router needs to use the latest fabric loader, but the fabric loader is not automatically downloaded to the line card.
Workaround: Enter the service download-fl command.
•CSCdr76940
A Cisco 12000 series Internet router may display the following error message:
%LC-3-PSALOADSHARE MPLS loadsharing inconsistency for 0.0.0.0/0
No other problems have been proven to be related to this message. If any Multiprotocol Label Switching (MPLS) load-sharing forwarding problem occurs near the time the error message is displayed, contact the Cisco Technical Assistance Center. There is no workaround.
•CSCdr96702
A Cisco 7500/RSP series router that is running Cisco IOS Release 12.0(11)S3 may continually display the following error messages:
%SYS-3-INVMEMINT: Invalid memory action (malloc) at interrupt level -Traceback= 6026E448 60600878 605F73A4 605F6F24 605F70B0 605F5A04 605F5E98 605F64D8 605F6630 60251FE4 60249398 6015A3D4 6015A5D0 6015B2D8 6015BD00 6015C830
%SYS-2-MALLOCFAIL: Memory allocation of 120 bytes failed from 0x60600870, pool Processor, alignment 0 -Process= "<interrupt level>", ipl= 2
-Traceback= 6026CC0C 6026E6B8 60600878 605F73A4 605F6F24 605F70B0 605F5A04 605F5E98 605F64D8 605F6630 60251FE4 60249398 6015A3D4 6015A5D0 6015B2D8 6015BD00
%SYS-3-INVMEMINT: Invalid memory action (malloc) at interrupt level -Traceback= 6026E448 60600878 605F73A4 60602210 605F713C 605F5A04 605F5E98 605F64D8 605F6630 60251FE4 60249398 6015A3D4 6015A5D0 6015B2D8 6015BD00 6015C830
%SYS-3-INVMEMINT: Invalid memory action (malloc) at interrupt level -Traceback= 6026E448 60600878 605F73A4 60602210 605F713C 605F5A04 605F5E98 605F64D8 605F6630 60251FE4 60249398 6015A3D4 6015A5D0 6015B2D8 6015BD00 6015C830
%SYS-3-INVMEMINT: Invalid memory action (malloc) at intThere is no workaround.
•CSCds02864
The flapping of LANE interfaces with Cisco Express Forwarding (CEF) switching may cause the Cisco router to reload.
Workaround: Disable CEF on those interfaces.
•CSCds12065
A Cisco 12008 Internet router that is running the gsr-k4p-mz image in Cisco IOS Release 12.0(11)S may display the following error message without any debug enabled:
%GRP-3-IFCON: TOO MANY QUEUED MESSAGES
There is no workaround.
•CSCds29905
A PA-MC2E1/120 controller on a Cisco 7200 series router with High-Level Data Link Control (HDLC) interfaces configured may experience flapping serial interfaces for channel groups when no keepalive messages are received.
Workaround: Disable keepalive on each interface.
•CSCds36261
When a previously deleted Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel interface is recreated on a Cisco 12000 series Internet router with a Gigabit Ethernet line card, traffic flow through the tunnel is interrupted. This situation occurs when the previously deleted tunnel is reconfigured by entering the no interface tunnel number command (where number is the tunnel interface number).
Workaround: To disable the tunnel interface, shut down the interface instead of deleting it. If the interface has already been deleted, perform the following steps:
1. Create the interface again.
2. Wait until the tunnel comes up.
3. Re-enter the path-option description for the tunnel (for example, for dynamic TE tunnels, enter the tunnel mpls traffic-eng path-option number dynamic command again).
Alternative workaround: Create the tunnel using a different name.
•CSCds37837
Rate-based distributed QoS features such as traffic-shaping, LLQ, and police do not report actually traffic rate after CRTP has compressed the packets. This could lead to premature packet drops.
For example, if the compression efficiency is 2:1, and a given QoS feature has enough tokens for 2 compressed packets. Instead of being able to send a burst of 2 voice packets, the feature may drop the 2nd packet because it does not debit the tokens using the compressed size.
There is no workaround.
•CSCds39722
A system that has Cisco Express Forwarding (CEF) enabled may reload when sending NetFlow export packets. There is no workaround.
•CSCds43008
On a Cisco 7200 series router, some classes in a policy map may disappear, and the following error messages are displayed:
class d1
^
% Invalid input detected at '^' marker.
class q1
^
% Invalid input detected at '^' marker.This condition occurs when a policy map is configured with multiple classes, attached to an interface, and saved in NVRAM, and then the router is reloaded.
Workaround: After the router is reloaded, reconfigure the policy map.
•CSCds49790
On a Cisco 7500 series router, if you configure a static IP route to point to a Multilink-group interface, IP traffic does not route through that interface, and the following type of configuration fails:
ip route x.x.x.x y.y.y.y Multilink1
Workaround: Use a static route that points at the next-hop address. For example:
ip route x.x.x.x y.y.y.y z.z.z.z
where z.z.z.z is the IP address of the peer router.
•CSCds58464
A Cisco 12000 series Internet router may experience extended traffic disruption under heavy load conditions with several thousand of Border Gateway Protocol (BGP) routes and line rate traffic. This situation is more likely to occur when the router contains hundreds of Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel heads.
Workaround: Significantly reduce incoming traffic to the router. When the traffic flow is re-established, restart full traffic flow. In extreme cases, reload a line card by entering the microcode reload [slot-number] global configuration command.
•CSCds58727
On a Cisco 7513 router, pings may fail through Multiprotocol Label Switching Traffic Engineering (MPLS TE) unidirectional tunnels when Cisco Express Forwarding (CEF) is configured. There is no workaround.
•CSCds61573
When an OC-3 ATM line card is configured with the egress committed access rate (CAR) and the Rx line card is a 3-Port Gigabit Ethernet line card, traffic may not be forwarded. There is no workaround.
•CSCds66103
On an 8-port OC-3 Packet-over-SONET (POS) line card, running traffic through an interface that is configured with Tag Switching and Per Interface Rate Control (PIRC) may result in the line card reloading. There is no workaround.
•CSCds73241
When the queueing strategy on an output non-Versatile Interface Processor (VIP) interface is changed from fair queue to FIFO, Label Forwarding Information Base (LFIB) entries for all prefixes that are switched out that interface are not automatically installed in the VIPs on the system. This situation causes packets to those prefixes to be punted to the Route Switch Processor (RSP), which causes the packets to bypass distributed switching.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command.
•CSCds75303
An OC-48 line card may receive multicast packets that are less than 176 bytes but drop multicast packets that are larger than 176 bytes. This situation occurs when distributed multicast switching is enabled on input and output interfaces, and it has been observed when there is a Fast Ethernet or non-Engine 2 Gigabit Ethernet card on the input side and an Engine 2 card on the output side.
Workaround: Disable distributed multicast switching by entering the no ip mroute-cache interface configuration command.
•CSCds78695
When two routers are using Distributed Multilink PPP to connect to each other, a mismatch sequence number may be displayed if the show ppp multilink EXEC command is entered on both routers. In this situation, the controller should be up, and interfaces are up, but packets cannot get through the multilink interfaces.
Workaround: Disable PPP multilink.
•CSCds81427
On a Cisco 7200 or Cisco 7500/RSP series router that is running Cisco IOS Release 12.0 S, deleting a subinterface of a MC-T3, MC-2T3, or MC-2T3+ port adapter removes all subinterfaces.
Workaround: Shut down the subinterface instead of deleting it.
•CSCds87131
When "priority" is configured in a class that matches on an access list and the priority kbps parameter is greater than one-half of the interface bandwidth, Low Latency Queueing (LLQ) does not function properly after the router reloads. A "bandwidth of <x> kbps is not available (y)" error message is displayed.
Workaround: Remove and reattach the service policy.
•CSCds90758
A Cisco PA-A3-xx port adapter may not be able to provide correct traffic shaping if a combination of peak cell rate (PCR), sustainable cell rate (SCR), and maximum burst size (MBS) for variable bit rate (VBR) virtual circuits (VCs) is used in such a way that the "limit" calculated according to the Generic Cell-Rate Algorithm (GCRA) (as specified in ATM Forum TM4.0) comes out to be greater than 0xFFFFFF (Hex) or 16777215 (decimal). There is no workaround.
•CSCds90978
If the service upgrade [all] command is in the starting configuration of a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(14.3)S, the interfaces stay in "down/down" state and display the following error message:
Auto upgrade is not supported right now
Workaround: Remove the service upgrade [all] command from the startup configuration by entering the no service upgrade [all] command.
•CSCds92817
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(14.3)S or a later release cannot switch multicast packets over ATM interfaces. Attempts to switch multicast packets over an ATM interface result in memory allocation failures and, eventually, a reload. There is no workaround.
•CSCdt02190
Committed access rate (CAR) with an access control list (ACL) does not function on a Gigabit Inter-Switch Link (ISL) subinterface for output.
Workaround: Use CAR for all traffic.
•CSCdt18447
During a large routing table update (for example, when the clear ip bgp * EXEC command is entered), the CPU utilization can increase dramatically because of a Cisco Express Forwarding (CEF) event logger feature.
Workaround: Turn off part of the feature using the following configuration command:
ip cef table event-log traceback depth 0
•CSCdt31026
After booting up a Cisco router with Cisco IOS Release 12.0(14.6)S3 or 12.0(15)S image, MSDP peers that belong to a mesh group may get a SA limit of 0 associated with them. In this situation, SA messages cannot be received or cached from such MSDP peers, and source discovery between the peers will not take place. This condition is indicated with a syslog message like the following:
%MSDP-4-SA_LIMIT: SA from peer peer-addr RP rp-addr for (src-addr, group-addr) exceeded sa-limit of 0
Workaround: Either set the MSDP SA limit, or negate the msdp sa-limit command after each reload for each peer that belongs to a mesh group, as in the following example:
ip msdp sa-limit A.B.C.D [number]
no ip msdp sa-limit A.B.C.DThis sequence of command must be repeated after each reload because the MSDP mesh group commands always come after the MSDP SA limit commands in the startup configuration.
Wide-Area Networking
•CSCds85331
A Versatile Interface Processor (VIP) on a Cisco 7500/RSP series router that is running Cisco IOS Release 12.0(13.5)S may reload at fec_get_hwidb if distributed Cisco Express Forwarding (dCEF) and forward error correction (FEC) are configured. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(14)S8
Cisco IOS Release 12.0(14)S8 is a rebuild of Cisco IOS Release 12.0(14)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(14)S8. This section describes only severity 1 and 2 caveats.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(14)S7
Cisco IOS Release 12.0(14)S7 is a rebuild of Cisco IOS Release 12.0(14)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(14)S7. This section describes only severity 1 and 2 caveats.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(14)S3
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(14)S3. This section describes only severity 1 and 2 caveats.
•CSCds70691
On a Cisco Route Switch Processor 8 (RSP8), if packets are received in a PA-A3-8T1/E1 interface, the interface type will not be recognized. There is no workaround.
•CSCdt16292
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(14)S1, Release 12.0(14)S2, Release 12.0(13.6)ST1, or Release 12.0(14.3)S might reload with one of the following error messages:
Error: primary data cache, fields: data, SysAD virtual addr 0x2809100E, physical addr(21:3) 0x091008, vAddr(14:12) 0x1000 virtual address corresponds to unknown, cache word 1 Address: 0x28091000 not in L1 Cache Address: 0x2809100E Can not be loaded into L1 Cache
Bus errors at various addresses
Signal = 10, Code = 0x10
%GRP-3-ADDRERROR: Bad access to fabric-buffers : invalid address
%SYS-2-BADSHARE: Bad refcount in pool_getbuffer, ptr=A49E78F8, count=FFFFA51C
%IPC-5-NULL: Recd. msg Dest Port=0x8
%ALIGN-1-FATAL: Illegal access to a low address
Workaround: Upgrade to Cisco IOS Release 12.0(15)S, Release 12.0(14)S3, or Release 12.0(14)ST.
Resolved Caveats—Cisco IOS Release 12.0(14)S1
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(14)S1. This section describes only severity 1 and 2 caveats.
•CSCdr93446
SA-caching is disabled by default. This condition may cause the propagation of SA storms throughout the global MSDP topology. There is no workaround.
•CSCds29058
A Cisco 12000 series Internet router might reload unexpectedly if all Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnels are removed. This situation occurs under heavy load conditions (for example, when several thousand routes and several hundred TE tunnels are removed).
Workaround: Allow a delay of a couple of seconds between tunnel removals.
•CSCds45328
A small amount of memory will be allocated and not freed when the configuration is written to non-volatile memory. There is no workaround.
•CSCds50802
A Cisco 7500/RSP series router with a dual-port single-wide Fast Ethernet Port Adapter (PA-2FE) that is configured for distributed Cisco Express Forwarding (dCEF) and rate-limit might frequently display the following error message:
CLNS-3-BADPACKET: ISIS: LAN L2 hello, packet (1497) or wire (581) length invalid from 0010.f6fb.0128 (FastEthernet9/1/0)
Workaround: Use a Fast Ethernet port adapter (PA-FE), or disable dCEF and do not use rate-limit on the PA-2FEISL port adapter.
•CSCds53432
On a Cisco 12000 series router that is running Cisco IOS Release 12.0(13) with a 6-port channelized T3 (6CT3-SMB) line card, the following command breaks the input i/f counters, and the input counters are not incremented:
no t1 1 ch 0 tim 1-24
t1 1 ch 0 tim 1-24
Workaround: Save the configuration, and reboot the router.
•CSCds56601
If a Cisco 12000 series Internet router is configured with multicast access control lists (ACLs) and these ACLs are applied on a line card interface, multicast traffic that is destined for the router will be dropped. There is no workaround.
•CSCds63514
A Cisco router that is running Cisco IOS release 12.0(12.3)S may experience problems passing non-Gigabit Route Processor (GRP)-sourced traffic out Packet-over-SONET (POS) line cards. When this situation occurs, all traffic from external sources passing through the line card that is experiencing this condition will be dropped with no indications of the drop in the counters or any other indication of failure. Traffic that is generated by the GRP for the router (for example, Internet Control Message Protocol (ICMP) packets or Border Gateway Protocol (BGP)/Open Shortest Path First (OSPF) protocol traffic) will pass under these circumstances.
Workaround: Shut down all POS interfaces that do not have an IP address set. If this situation has already occurred, reload the line card.
•CSCds64135
A Cisco router may display a "Bad template info in PATH" message when the router receives a Resource Reservation Protocol (RSVP) message from a third party router. This message does not affect how the router functions. There is no workaround.
•CSCds67987
A Cisco router that is configured with Multicast Source Discovery Protocol (MSDP) and has a locally joined Internet Group Management Protocol (IGMP) member (for example, LOCAL_FLAG, aka L flag) may leak buffers. This situation may happen when an MSDP SA message with encapsulated data is received but a Reverse Path Forwarding (RPF) interface lookup for the packet does not result in a valid interface (for example, ip_rpf_lookup() returns NULL).
Workaround: Eliminate the locally joined IGMP member (for example, by entering the no ip igmp join group-address command).
•CSCds72436
A Cisco router may experience a software-forced reload when using Simple Network Management Protocol (SNMP) to copy a configuration. In this situation, the router is trying to free already freed memory.
Workaround: Use new SNMP commands.
•CSCds72867
On a Cisco 7200 series router, the interface may stop receiving traffic under extreme loads on C7200-I/O-GE+E or C7200-I/O-2FE/E input/output controllers and on PA-2FE-TX or PA-2FE-FX port adapters. There is no workaround.
•CSCds73364
On a Cisco 12000 series router that is running Cisco IOS Release 12.0(14)S or earlier with a 6-port channelized T3 (6CT3-SMB) line card with Multilink interface(s) configured may exhibit the following conditions:
–Routing protocols are not sending updates across some Multilink interfaces, and pings do not work across these Multilink interfaces. In this condition, the IP address of a Multilink interface was changed by a user action, and the router has not been reloaded since that action.
Workaround: Enter the shutdown interface configuration command followed by the no shutdown interface configuration command on the Multilink interface, or reload the router.
–Weighted Random Early Detection (WRED)/Modified Deficit Round Robin (MDRR) is configured on a Multilink interface but is not functioning. This condition occurs when the router was reloaded after the WRED/MDDR configuration was applied.
Workaround: Reapply the configuration repeating the tx-cos name command on the interface. This action will be necessary every time the router is reloaded.
– The maximum transmission unit (MTU) of a Multilink interface was previously configured but is no longer there. This condition occurs when the router is reloaded after the MTU was configured.
Workaround: Configure the MTU again as required. This action will be necessary every time the router is reloaded.
–A previously shut Multilink interface has changed to the UP state without an administrative action. This condition occurs when there is a user-initiated microcode reload, or there was an online insertion and removal (OIR).
Workaround: Shut down all previously shut Multilink interfaces after a reload or OIR.
–The following message is displayed repeatedly with a traceback after an OIR event has occurred:
GSR-3-ENCAP: Failure to free (already free)
This message is only a warning, and it does not indicate a serious condition when seen in conjunction with an OIR. There is no workaround.
–The router is unable to ping Multilink interfaces, and the show interface | include IPCP command indicates that IPCP is in the Listen state on the Multilink interfaces. This condition occurs when the router has just been started or reloaded, the 6-port channelized T3 (6CT3-SMB) line cards are too close or fully configured with 168 T1s, and there are 3 or more Multilink interfaces.
Workaround: Increase the PPP timeout at the remote end to at least 60 seconds. To correct the problem temporarily, enter the shutdown interface configuration command followed by the no shutdown configuration command on the Multilink interface(s) that are in the Listen state.
•CSCds76418
In a Multiprotocol Label Switching (MPLS) network using Label Distribution Protocol (LDP) or Tag Distribution Protocol (TDP), packets matching the default route may be dropped or forwarded incorrectly. On router incorrectly dropping or forwarding such packets, the output of the show tag-switching forwarding command shows the label advertised for 0.0.0.0/n as the outgoing label for 0.0.0.0/0.
Workaround: Prevent the use of route 0.0.0.0/n in networks that use 0.0.0.0/0 (default).
•CSCds78741
When a Cisco Route Switch Processor 8 (RSP8) that is running Cisco IOS Release 12.0(13)S2 reloads, the ATM VC that is configured with VPI=0 is rejected by the ATM driver. The VC configuration for the ATM interface must entered manually after every reload. There is no workaround.
•CSCds85019
On a Cisco 12000 series router that is running Cisco IOS Release 12.0(13) with 6-port channelized T3 (6CT3-SMB) line cards, the Buffer Management ASIC (BMA) may receive an internal "register file" parity error at high temperatures, high frequency, and low voltage. There is no workaround.
•CSCds88436
When Distributed Weighted Fair Queuing (DWFQ) is enabled on channelized interfaces on a Versatile Interface Processor (VIP), many interfaces will not come up after the router is rebooted. There is no workaround.
•CSCdt03333
A Cisco 12000 series Internet router that is configured for IP Multicast switching may reload with a bus error (sig=10) under specific conditions. There is no workaround.
•CSCdt04234
Cisco-BGP-Policy-Accounting MIB Stats are not available for Inter-Switch Link (ISL) and Dot1Q sub-interfaces. There is no workaround.
•CSCdt04645
With Engine 2-based Cisco 12000 series Internet router line cards, the line card-to-RP queue can grow too large, which causes malloc failures on the line card. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(14)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(14)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdr52856
Enabling Multiprotocol Label Switching Traffic Engineering (MPLS-TE) tunnels on a Cisco 7507 router might result in a memory leak by the interprocess communication (IPC) Seat Manager process and a reload of the router if NetFlow and NetFlow Export are enabled on the router and the NetFlow Export packets are going out of the MPLS-TE tunnels.
Workaround: Disable NetFlow Export by entering the no ip flow-export ip-address udp-port global configuration command.
•CSCds25135
A Cisco Route Switch Processor 8 (RSP8) might reload at boot time because of an unexpected exception if a boot host tftp:[[[//host]/directory-path]/filename] configuration command is present in the startup configuration.
Workaround: Change the URL syntax in the configuration command to use the IP address instead of the host name. For example, use boot host tftp:[[[//a.b.c.d]/directory-path]/filename].
•CSCds33629
Symptoms: Closing an existing Telnet session may cause a router to crash.
Conditions: This symptom is platform-independent
Workaround: There is no workaround.
•CSCds34304
A Cisco 7500/RSP series router might experience a software-forced reload when fair queueing is configured on more than 512 interfaces. There is no workaround.
•CSCds41795
A Cisco AS5800 series universal access server may experience a bus error at les_ipfib_flow_switch along with spurious interrupts at the same process.
Workaround: Disable flow switching by entering the no ip route-cache flow interface configuration command.
•CSCds58988
A Cisco 7507 or 7513 router with dual Route Switch Processor 2s (RSP2s), RSP4s, RSP4+s or RSP8s, that is running any version of Cisco IOS between Cisco IOS Release 12.0(12.6)S and Cisco IOS Release 12.0(13.6)S1 inclusive, might reload repeatedly during bootup and fail to boot.
In this situation, messages similar to the following are displayed:
SLOT 7 RSP is system master SLOT 6 RSP is system slave RSP4 platform with 131072 Kbytes of main memory
Self decompressing the image : ################################################# ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ###################################### [OK]
Nested r4k_return_to_monitor call (2 times)
-Traceback= 0 60255640 60253FCC 6023D8D0 602D42F8 602D3A58 602E1C0C 602E0EBC 602D6360
Nested r4k_return_to_monitor call (3 times)
-Traceback= 0 602D43EC 602D3A58 602E1C0C 602E0EBC 602E1B3C 602E0EBC 602D6360
*** System received a Bus Error exception *** signal= 0xa, code= 0x8, context= 0x612b6780 PC = 0x602dab18, Cause = 0x20, Status Reg = 0x34008002 DCL Masked Interrupt Register = 0x000000ff DCL Interrupt Value Register = 0x00000000 MEMD Int 6 Status Register = 0x00000000
SLOT 6 RSP is system master SLOT 7 RSP is system slave RSP4 platform with 131072 Kbytes of main memory
Found bootloader image - slot0:rsp-boot-mz_120-13_3_S.bin
Self decompressing the image : ################################################# ################################################################################ ################################################################################ ################################################################################ ################## [OK]
Nested r4k_return_to_monitor call (2 times)
-Traceback= 0 60162EB8 60161844 6014B148 601E1B78 601E12D8 601EF48C 601EE73C 601E3BE0
Nested r4k_return_to_monitor call (3 times)
-Traceback= 0 601E1C6C 601E12D8 601EF48C 601EE73C 601EF3BC 601EE73C 601E3BE0
*** System received a Bus Error exception *** signal= 0xa, code= 0x8, context= 0x609fdbb0 PC = 0x601e8398, Cause = 0x20, Status Reg = 0x34008002 DCL Masked Interrupt Register = 0x000000ff DCL Interrupt Value Register = 0x00000000 MEMD Int 6 Status Register = 0x00000020
SLOT 6 RSP is system master SLOT 7 RSP is system slave RSP4 platform with 131072 Kbytes of main memory
(repeats)
Workaround: Pull out the slave RSP to allow the router to boot only the master RSP. Reverting to a version of Cisco IOS earlier than Release 12.0(12.6)S will also alleviate this condition.
Interfaces and Bridging
•CSCds03961
When a Cisco 7507 router with a Gigabit Ethernet Interface Processor (GEIP) installed in slot 5 and slot 6 is upgraded to Cisco IOS Release 12.0(11)S, the GEIP may experience a reload when it is booted.
Workaround: Run Cisco IOS Release 11.1(33)CC to stabilize the router.
IP Routing Protocols
•CSCdr49641
A Cisco router that is running Cisco IOS Release 12.0(10)S and that receives a large packet that was fragmented before receipt may display the following error message at the rendezvous point of a Multicast network that is running Protocol Independent Multicast (PIM) sparse mode:
%PIM-5-REG_ENCAP_INVALID: Bad register from <IP-address> for (<IP-address>, <Class-D-IP-address>). Trace = ....
Workaround: Send a mix of large and small packets from the source so that the source tree is set up correctly by the small packets between the first hop and the Route Processor (RP). If the Multicast data is forwarded correctly, then this situation may not cause any real harm.
Alternate workaround: Reduce the packet size from the source so that fragmentation does not occur between the first hop and the RP.
•CSCdr50217
Under rare circumstances, when a Cisco router does not receive any updates but has to send numerous updates to a peer router, Border Gateway Protocol (BGP) sends updates slowly because of a scheduling inefficiency in BGP. There is no workaround.
•CSCdr76940
A Cisco 12000 series Internet router might display the following error message:
%LC-3-PSALOADSHARE MPLS loadsharing inconsistency for 0.0.0.0/0
No other problems have been proven to be related to this message. If you see any MPLS load-sharing forwarding problems near the time the error message was displayed, contact your Cisco technical support representative. There is no workaround.
•CSCdr89108
Multicast distributed switching (MDS) sometimes does not function properly on a Versatile Interface Processor (VIP) interface of a Cisco 7500/RSP series router; the interface is inadvertently changed to process switching when there are process switching interfaces in the router.
Workaround: Reenter the no shutdown configuration command on the affected interfaces.
•CSCds05364
When Distributed FRF.12 and Quality of Service (QoS) service policy are configured on a large number of Frame Relay permanent virtual circuits (PVCs), FRF.12 might not function after the router reloads. In this situation, the output of the show frame-relay fragment command will show no fragment count even though FRF.12 appears to be configured properly.
Workaround: Reconfigure FRF.12 after the router reloads.
•CSCds11636
Writing a configuration to NVRAM that contains "ip nbar resources" may cause A Cisco router to reload.
Workaround: Do not save network-based application recognition (NBAR) resource configurations to NVRAM.
•CSCds12065
A Cisco 12008 Internet router that is running the gsr-k4p-mz image in Cisco IOS Release 12.0(11)S may display the following error message without any debugging enabled:
%GRP-3-IFCON: TOO MANY QUEUED MESSAGES
There is no workaround.
•CSCds20926
A router that is running Open Shortest Path First (OSPF) may reload during redistribution testing. This situation has only been seen in development-testing environments, where different routing protocols are configured and unconfigured quickly. Race conditions occur if these protocols are redistributed into OSPF, which forces the router to reload. This situation does not occur in normal operating environments where routing protocols are never removed. There is no workaround.
•CSCds26009
Using the summary-address router configuration command in Open Shortest Path First (OSPF) may cause high CPU utilization. This situation occurs if the routing table is 10K or above.
Workaround: Remove the summary-address command.
•CSCds37837
Rate-based distributed Quality of Service (QoS) features such as traffic-shaping, Low Latency Queueing (LLQ), and police do not report actually traffic rate after Compressed Real-Time Traffic Protocol (CRTP) has compressed the packets. This situation may result in premature packet drops.
For example, if the compression efficiency is 2:1, and a given QoS feature has enough tokens for two compressed packets, instead of being able to send a burst of two voice packets, the feature may drop the second packet because it does not debit the tokens using the compressed size.
There is no workaround.
•CSCds39722
A Cisco router that has Cisco Express Forwarding (CEF) enabled may reload when sending NetFlow export packets. There is no workaround.
•CSCds44496
A Border Gateway Protocol (BGP) UPDATE contains Network Layer Reachability Information (NLRI) and attributes that describe the path to the destination. Each path attribute is a type, length, value (TLV) object.
The type is a two-octet field that includes the attribute flags and the type code. The fourth high-order bit (bit 3) of the attribute flag is the extended length bit. It defines whether the attribute length is one octet (if set to 0) or two octets (if set to 1). BGP uses the extended length bit only if the length of the attribute value is greater than 255 octets.
An optional, transitive attribute that is unknown to a BGP speaker must be stored and forwarded when the path is sent in a BGP UPDATE. If the length of the attribute is such that the extended length bit is used, its contents are truncated when the UPDATE is sent. There is no workaround.
•CSCds53104
A Cisco router may reload while changing an interface IP address if overlapping network statements exist in the Open Shortest Path First (OSPF) configuration that match this IP address.
Workaround: Remove extra network statements that match the old IP address.
Miscellaneous
•CSCdm62717
A Cisco 12000 series Internet router line card might reload if there are a large number of adjacency and prefix updates in a short period of time. This condition also affects Versatile Interface Processor (VIP) line cards in the Cisco 7500/RSP series routers.
Workaround: Upgrade to Cisco IOS Release 12.1(10.5) or to a later release.
•CSCdr31064
Under rare conditions, the Cisco 12000 series Internet router switch fabric redundancy system may experience line card reloads and interprocess communication (IPC) errors while recovering from a Clock Scheduler Card (CSC) hardware failure. This problem is more frequent under high traffic load. There is no workaround.
•CSCdr61724
Resolution of recursive routes by Cisco Express Forwarding (CEF) may add 1 to 15 seconds to the end-to-end route convergence time. There is no workaround.
•CSCdr62580
When a Packet-over-SONET (POS) interface with an OC-48c/STM-16 POS line card on a Cisco 12008 series Internet router is disconnected and then reconnected, the router may stop functioning and exhibit continuous "%LC-2-INTSCHED" and traceback output messages. This behavior may also occur when the other end of the POS line is a Cisco 12008 router that goes down/up. There is no workaround.
•CSCdr69544
A Cisco 12016 or 12012 Internet router that is running Cisco IOS Release 12.0(9.6)ST2 with DC power displays might repeatedly display the following error messages:
GSR_ENV-0-SHUTDOWN: Slot 24 Inlet sensor temperature at 33 deg C > 0 deg C
GSR_ENV-0-SHUTDOWN: Slot 24 48V supply at 50V < 65408 VThe router does not actually shut down, but the messages display repeatedly. This situation may also occur with a Cisco 12016 Internet router with an AC power supply. There is no workaround.
•CSCdr72018
When an OC-48c/STM-16c Packet-over-SONET (POS) line card is pulled from a Cisco 12000 series Internet router, no traps are generated. When the card is reseated, both LinkDown and LinkUp traps are received. When a Gigabit Ethernet (GE) card is pulled, no traps are generated, and when the card is reseated, only a LinkUp trap is received. There is no workaround.
•CSCdr84883
Under certain circumstances when the access control list (ACL) matches the type of service (ToS) bits or Internet Control Message Protocol (ICMP) messages where the packet gets sent to the line card CPU for processing, the Multiprotocol Label Switching (MPLS) label imposition does not occur. The packet gets forwarded to the next hop as an IP packet rather than an MPLS packet. The router in the next hop puts an MPLS label on the packet. This situation does not affect packet flow; in the case of traffic engineering (TE) tunnels, the packet will be sent as IP and may not go through the TE tunnel. There is no workaround.
•CSCds01236
A Cisco 7200 or 7500/RSP series router with an ATM-PA3 port adapter might stop forwarding packets on one or more virtual channels (VCs). In this condition, the packets show up as output drops on those VCs, and the VCs appear stuck.
Workaround: Enter the shutdown configuration command followed by the no shutdown configuration command.
•CSCds04454
A single-port Packet-over-SONET (POS) OC-48c/STM-16 Cisco 12000 series Internet router Engine 2 line card may reload intermittently. There is no workaround.
•CSCds09570
A Cisco 12000 Internet router line card might reload if input MAC accounting is configured on a Gigabit Ethernet (GE) port on a 3-port GE line card. There is no workaround.
•CSCds11405
When encapsulation Frame Relay is enabled on a Packet-over-SONET (POS) interface with multiple subinterfaces, the following error message may be seen in the log:
SLOT 5:21:43:50: %LC-3-OUTINFO: Adj/midb(MDS 224.0.0.2): incorrect output_info=0 -Traceback= 40318D38 40368518 403643AC 403666C4 403667B0 40365F88 4009C074 40090 Slot 5 is where the OC3 is doing frame relay encapsulation.
There is no workaround.
•CSCds12065
A Cisco 12008 Internet router that is running the gsr-k4p-mz image in Cisco IOS Release 12.0(11)S may display the following error message without any debug enabled:
%GRP-3-IFCON: TOO MANY QUEUED MESSAGES
There is no workaround.
•CSCds12078
A Cisco 7200 series router with a NPE-200 Network Processing Engine and a PA-2FEISL port adapter might experience spurious memory access while Cisco Express Forwarding (CEF) is enabled.
Workaround: Disable CEF.
•CSCds13541
Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) traffic may be dropped in a Provider core network that has MPLS traffic engineering tunnels configured. This situation occurs when the dropped traffic follows a path through the core network that traverses an MPLS traffic engineering tunnel interface on which IP Label Switching has been configured. This situation only occurs on Cisco routers that are running Cisco IOS Release 12.0 S and acting as MPLS Traffic Engineering (TE) head end routers that are carrying packets that are already labeled, such as MPLS VPN traffic.
Workaround: After a traffic engineering tunnel interface comes up on a Provider core router, enter the following command sequence:
configure terminal
interface Tunnel tunnel-number
no tag-switching ip
tag-switching ip
•CSCds16875
Traffic might fail to be forwarded into Multiprotocol Label Switching (MPLS) tunnels after the tunnel has been dynamically rerouted. There is the possibility that after the tunnel has been rerouted to a different interface, probably because of a change in the network topology, that traffic might be lost when forwarded to the tunnel.
Workaround: Shutdown the tunnel interface by entering the shutdown command and then bring up the interface a few seconds later by entering the no shutdown command.
•CSCds16953
After a microcode reload, packets that are traveling through a Cisco 7500/RSP series router may get process-switched instead of getting distributed Cisco Express Forwarding (dCEF)-switched. This situation impacts the performance of the router. If the packets get process-switched while Distributed Multilink PPP (DML-PPP) is running, CPU utilization may reach close to 100 percent with 5 to 6 T1s. There is no workaround.
•CSCds16995
On a Cisco 7500/RSP series router, if you deconfigure a link from a bundle while Distributed Multilink PPP (DML-PPP) is running and the link is assigned an IP address, pings through this link fail. In this situation, the link that has been deconfigured can no longer carry traffic.
Workaround: Deconfigure the whole bundle and then reconfigure the bundle without this link. After you perform this action, the link should function properly.
•CSCds17239
If a Cisco 12000 series Internet router is configured with access control lists (ACLs) that are longer than 128 lines, and these ACLs are applied inbound on an Engine 2 (PSA-based) line card interface, traffic that is destined for the router may be dropped. This situation applies to traffic such as Internet Control Message Protocol (ICMP), Simple Network Management Protocol (SNMP), and routing protocol updates.
This situation is seen only on Engine 2 (PSA) line cards, and only when an ACL longer than 128 lines is applied inbound. No other configurations are vulnerable to this defect. There is no workaround.
•CSCds17914
File operations may be erratic if you have a corrupted file on either a Personal Computer Memory Card International Association (PCMCIA) Flash memory card or a SanDisk PCMCIA card, and you try to do something with the file such as copy it or delete it. There is no workaround.
•CSCds18648
Policy routing on Cisco 12000 series Internet router does not function properly for IP option packets and may cause a line card reload. There is no workaround.
•CSCds19179
If the first interface in FlexWAN does not have the route-cache flow command configured and you try to configure route-cache flow for later interfaces on that slot, it might cause a reload during online insertion and removal (OIR) operations.
Workaround: Enter the route-cache flow interface configuration command on the first interface of a port adapter.
•CSCds20491
A Cisco router that is running Cisco IOS Release 12.0(11.6)ST reloads when you use a load balancing route discovery command with a VPN routing/forwarding (VRF) instance specified (for example, the show ip cef vrf [vrf] exact-route [src-addr] [dest-addr] EXEC command). There is no workaround.
•CSCds21333
Some quality of service (QoS) features may not perform as expected when Cisco Express Forwarding (CEF) is enabled. There is no workaround.
•CSCds21669
If a Cisco 7500/RSP series router is booted with Multilink PPP (MLPPP) running and then distributed Cisco Express Forwarding (dCEF) switching is enabled after the router comes up, distributed MLPPP (DMLPPP) does not come up. In this situation, packets will not be distribute switched. Instead, the switching would be done by the RSP depending on the type of switching that is configured. There is no workaround.
•CSCds21813
A Cisco 12000 series Internet router might experience spurious accesses when switching IP packets if features like access lists are enabled. There is no workaround.
•CSCds26361
A Cisco 12000 series Internet router might access a NULL pointer and experience a memory fault reload if the router runs out of memory and tries to increase the size of the Multiprotocol Label Switching Traffic Engineering (MPLS TE) maximum link-state advertisement (LSA) received. There is no workaround.
•CSCds27045
The atm sonet stm-4 interface configuration command is added to the configuration automatically when upgrading to Cisco IOS Release 12.0(12)S or 12.0(12.6)S. Removing this line in the configuration of a Cisco 12000 series Internet router results in an error. On a Cisco 7500/RSP series router, the atm sonet stm-4 command cannot be removed from the configuration. There is no workaround.
•CSCds27443
Configuring Cisco Express Forwarding (CEF) is configured on a Cisco 7200 series router might cause a 50 percent packet loss.
Workaround: Clear the Address Resolution Protocol (ARP), or clear the adjacencies.
•CSCds31512
IP option packets may cause Cisco 12000 series Internet router line cards to reload if policy routing is enabled. This situation occurs only when the Internet router is running Cisco IOS Release 12.0(12.x) images. There is no workaround.
•CSCds32139
A Cisco 12008 router that is running Cisco IOS Release 11.2(19)GS4.1 may reload with a bus error. There is no workaround.
•CSCds34124
In Cisco IOS software that is running Multiprotocol Label Switching (MPLS)/Tag switching over ATM interfaces, virtual circuit (VC) resource exhaustion at the ATM driver level is not reported to the MPLS application during Label VC (LVC) creation. This situation causes MPLS to behave as though it successfully created an LVC when the ATM driver actually failed to complete the request. The output of the show atm vc privileged EXEC command shows the LVC in the INACTIVE state, so the destination cannot be pinged over the affected LVC.
This situation occurs only when you set the virtual path identifier (VPI) or virtual channel identifier (VCI) label range negotiated during Label Distribution Protocol (LDP)/Tag Distribution Protocol (TDP) session establishment larger than the VC range of the interface and when all the VC resources on the interface are exhausted.
This situation usually does not occur when the ATM interface is connected to a BPX, IGX, MGX, or any ATM switch, because the VC resources are constrained by the ATM switch during label range negotiation.
Workaround: Set the label range to be smaller than the VC space to ensure that this condition never occurs.
•CSCds36057
A Cisco 7500/RSP series router with a Versatile Interface Processor 4 (VIP4) and a PA-MC-2T3+ multichannel port adapter might reload after the shutdown interface configuration command is entered on a Multilink interface followed by the no shutdown interface configuration command. There is no workaround.
•CSCds36165
On a Cisco 12000 series Internet router, Per Interface Rate Control (PIRC) may not function properly on Engine 2-based Packet-over-SONET (POS) line cards. There is no workaround.
•CSCds39861
Multiprotocol Label Switching (MPLS) ATM Tag Distribution Protocol (TDP) bindings may not reestablish when TDP adjacencies flap. This situation may occur under high CPU utilization or when TDP neighbor adjacencies flap. This situation has been observed only when the TDP neighbor is running Cisco IOS Release 12.0(10)S or an earlier release. You can diagnose this problem by using the show tag-switching atm-tdp bindings privileged EXEC command. The symptoms are that the LER will have a tag ATM binding for a destination prefix while the downstream router will not. There is no workaround.
•CSCds43008
On a Cisco 7200 series router, if a policy map is configured with multiple classes and attached to an interface, the following error messages might be displayed after the configuration is saved in NVRAM and the router is reloaded:
class d1 ^ % Invalid input detected at '^' marker.
class q1 ^ % Invalid input detected at '^' marker.Workaround: Reconfigure the policy map after the router is reloaded.
•CSCds44514
A Cisco 12000 series Internet router may display messages similar to the following message if the router is configured with access control lists (ACLs) that use the "log-input" keyword on gigabit or Fast Ethernet interfaces:
%ALIGN-3-TRACE: -Traceback= 4036C724 402D9A38 4031B8D0 400BA094 00000000 00000000 00000000 00000000
Workaround: Remove the "log-input" keyword in the ACL definition.
•CSCds46872
Configuring IP accounting on a Cisco 12000 series Internet router by entering the ip accounting interface configuration command halts all traffic through the router. This situation does not occur if the ip accounting mac-address command is used.
Workaround: Use the ip accounting mac-address command.
•CSCds49677
The number of adjacencies a Gigabit Ethernet line card will support in this release is 32k without 802.1Q and 21k with 802.1Q. If this number of adjacencies is exceeded, the router displays error messages similar to the following:
GRP-3-ENCAP: Failure to allocate, slot X (info 0x22)
You can see the number of adjacencies by entering the show adjacency [summary] command. Entering the clear arp command normally reduces the number of adjacencies until each end device is required through ARP. There is no workaround.
•CSCds55488
Multiprotocol Label Switching (MPLS) ATM Tag Distribution Protocol (TDP) bindings may continuously flap between active and released states under certain stressful situations when Cisco IOS Release 12.0(13)S or previous versions of Cisco IOS Release 12.0 S are running. There is no workaround.
•CSCds58727
On a Cisco 7513 router, pings may fail through Multiprotocol Label Switching Traffic Engineering (MPLS TE) unidirectional tunnels when Cisco Express Forwarding (CEF) is configured. There is no workaround.
•CSCds61573
When an OC-3 ATM line card is configured with the egress Committed Access Rate (CAR), traffic is not forwarded if the receive (Rx) line card is a 3-port Gigabit Ethernet line card. There is no workaround.
•CSCds69928
On a Cisco 7500/RSP series router that is running Cisco IOS Release 12.0(13.6)S or 12.0(13.6)S1, when a service policy is attached to an ATM or Frame Relay VC, class-map statistics are correct, but feature statistics (for example, bandwidth or policy) are all zeros.
Workaround: Attach a service policy to ATM or Frame Relay subinterfaces.
TCP/IP Host-Mode Services
•CSCdk69541
If a Cisco router is running Cisco IOS Release 12.0 S and the "ip tcp path-mtu-discovery" feature is enabled, the router might experience a TCP timer problem and reload. This situation occurs when the router is experiencing a heavy load that includes a large number of Border Gateway Protocol (BGP) peer routers that are exchanging routing packets.
Workaround: Disable the "ip tcp path-mtu-discovery" feature by entering the no ip tcp path-mtu-discovery command.
Wide-Area Networking
•CSCds30986
Both 2x32-bit and 64-bit counters are incorrect when using Packet-over-SONET with Frame Relay encapsulation on subinterfaces. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(13)S8
Cisco IOS Release 12.0(13)S8 is a rebuild of Cisco IOS Release 12.0(13)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(13)S8 but may be open in previous releases.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(13)S6
Cisco IOS Release 12.0(13)S6 is a rebuild of Cisco IOS Release 12.0(13)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(13)S6 but may be open in previous releases.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(13)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(13)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdm56157
A Cisco Route Switch Processor (RSP) might periodically display the following traceback:
IPC-5-INVALID: Sequence Structure port index=0x0 appears on the console.
When you enable the debug ipc errors EXEC command, the RSP might display the following traceback:
IPC: SEQ_ERR ACK ... source seat 0x1000000 port 0x0
If you enter the show ipc stat command, the RSP produces "messages dropped on input" and "no local port" errors.
This situation might occur when distributed Cisco Express Forwarding (dCEF) is enabled on line cards. There is no workaround.
•CSCdr54711
On a Cisco router that is running Cisco IOS Release 12.0(10)S, aggregate NetFlow might report the -cef layer ifIndex related to the physical interface instead of reporting the actual physical interface ifIndex. There is no workaround.
•CSCdr71374
When output access control lists (ACLs) are configured on a Cisco 12000 series Internet router with Performance-48 or 3-Port Gigabit Ethernet line cards, packets that have a tag imposed on them by these cards may be transmitted with the incorrect tag Time to Live (TTL). There is no workaround.
•CSCdr77460
When an online insertion and removal (OIR) is performed, the IF-MIB ifTable, ifStackTable, and ifNumber retains the old entries even though the associated interface layers have been removed. There is no workaround.
•CSCdr90474
On a Cisco router that is running Cisco IOS Release 12.0(11.6)S, 64-bit Simple Network Management Protocol (SNMP) counters might count backwards for in/out octets on idle Ethernet interfaces. There is no workaround.
•CSCdr93938
The ifHCInOctets counter might report incorrect values during reloads for a Packet-over-SONET (POS) interface on a Cisco 12000 series Internet router. There is no workaround.
EXEC and Configuration Parser
•CSCdr53609
Deleting one serial subinterface from the running configuration on a Cisco 7500/RSP series router with a Route Switch Processor 4 (RSP4) that is running Cisco IOS Release 12.0(9)S or 12.0(10.3)S1 will cause the whole interface to disappear.
Workaround: Add the interface that was deleted back to the configuration.
Interfaces and Bridging
•CSCds12978
On a Cisco 7200 series router, the High-Level Data Link Control (HDLC) encapsulated interface on a Packet-Over-SONET (POS) port adapter is never up after reloading unless you configure the cdp enable or clock source internal interface configuration commands.
Workaround: Use the clear interface EXEC command or a sequence of the shut and no shut interface commands.
IP Routing Protocols
•CSCdr49641
A Cisco router that is running Cisco IOS Release 12.0(10)S and receives a large packet that was fragmented before receipt might display the following error message at the rendezvous point of a multicast network that is running PIM sparse mode:
%PIM-5-REG_ENCAP_INVALID: Bad register from <IP-address> for (<IP-address>, <Class-D-IP-address>). Trace = ....
There is no workaround.
•CSCdr68435
If the set interface route-map configuration command is entered on a Cisco router that is using distributed policy routing, the subinterfaces do not function properly, and the command will not work on an interface that is on a different line card.
Workaround: Enter the set ip next-hop route-map configuration command rather than the set interface command.
•CSCdr88511
A Cisco router that is running Cisco IOS 12.0(10.6)S2 or later releases might not install default routes that are advertised though type 5 link-state advertisements (LSAs) by other routers. This condition occurs when the Cisco router has only type 5 default LSAs and no nondefault type 5 LSAs are present in the database.
Workaround: Add a nondefault external LSA to the database.
•CSCdr89108
Multicast distributed switching (MDS) does not function properly on ATM subinterfaces on Cisco 7500/RSP series routers. Instead of being switched by the Versatile Interface Processor (VIP), the multicast traffic in this situation will be sent to the Route Switch Processor (RSP) to be switched by the RSP CPU.
Temporary workaround: Remove the incoming ATM subinterface, and then add a new subinterface that has the same configuration. (See the following example, in which multicast traffic comes in at ATM4/1/0.3.) This action will cause MDS to function normally and the switching to be performed by the VIP. Please note, however, that once the router is rebooted, MDS will start to fail again.
!
interface ATM4/1/0.3 point-to-point
ip address 192.168.100.1 255.255.255.0
no ip directed-broadcast
ip pim dense-mode
atm pvc 3 0 300 aal5snap
no atm enable-ilmi-trap
!
Router#conf t
Note Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no interface atm4/1/0.3
Note Not all configurations will be removed; they may reappear after the subinterface has been reactivated.
Router(config)#interface atm 4/1/0.4 point-to-point
Router(config-subif)# ip address 192.168.100.1 255.255.255.0
Router(config-subif)# no ip directed-broadcast
Router(config-subif)# ip pim dense-mode
Router(config-subif)# atm pvc 3 0 300 aal5snap
Router(config-subif)# no atm enable-ilmi-trap
Router(config-subif)#no shut
Router(config-subif)#^Z
Router#•CSCdr90410
Static routes that are within the range of a network statement where the gateway is an interface will not be distributed into Open Shortest Path First (OSPF) by the redistribute static command.
Workaround: Do not cover static to the interface by the network statement under OSPF.
Miscellaneous
•CSCdm62717
A Cisco 12000 series Internet router line card might reload if there is a large number of adjacency and prefix updates in a short period of time. This condition also affects Versatile Interface Processor (VIP) line cards in the Cisco 7500/RSP series routers.
Workaround: Upgrade to Cisco IOS Release 12.1(10.5) or later release.
•CSCdm88828
Multiprotocol Label Switching (MPLS) with redundant parallel links may fail in certain cases.
Workaround: Upgrade to Cisco IOS Release 12.0(13)S.
•CSCdr02061
On the output Versatile Interface Processor (VIP) interfaces of a Cisco 7500/RSP that is running Cisco IOS Release 12.0 S, Multiprotocol Label Switching (MPLS) packets are not classified correctly for Distributed Weighted Random Early Detection (DWRED) and Distributed Weighted Fair Queueing (DWFQ). In this situation, all MPLS packets will be considered class 0 by these algorithms regardless of the actual value of their MPLS experimental field values. There is no workaround.
•CSCdr03956
A Cisco 7200 series router running Cisco IOS Release 12.0(7)XE1 with multicast and tunneling configured on a PA-A3-8T1 IMA port adapter may reload due to a software forced reload caused by a memory corruption problem. There is no workaround.
•CSCdr06072
Multicast forwarding might stop for a specific group on the outgoing interface for a given multicast client if the client is pruned after leaving the group and later joins the group again. This condition occurs only in Protocol Independent Multicast (PIM) dense mode; PIM sparse mode is not effected.
Workaround: Clear the multicast route for the group for that client by entering the clear ip mroute group command.
•CSCdr13521
A low memory condition might provoke a reload in Integrated File System (IFS). There is no workaround.
•CSCdr35715
Under certain circumstances, a Cisco router may reload when crypto is enabled on a FDDI.
Workaround: Disable Cisco Express Forwarding (CEF) on the affected interface.
•CSCdr37306
When a Multiprotocol Label Switching (MPLS) tunnel is created on a Cisco 12000 series Internet router, and this tunnel goes out over a Packet-over-SONET (POS) interface, traffic that is routed from an incoming line card into the tunnel has a corrupted frame header, which causes the frame to be discarded.
Workaround: Ensure that tag switching is enabled by entering the tag-switching ip interface configuration command.
•CSCdr48014
Open Shortest Path First (OSPF) updates may be corrupted on a Cisco 7500 series router using Multiprotocol Label Switching (MPLS) switching with Cisco Express Forwarding (CEF) output features enabled (including "service policy output"). IP routes are temporarily deleted from the IP routing table, and a loss of connectivity may occur.
Workaround: Configure the ip cef global configuration command. Then execute the copy running start command, and reload.
Alternative workaround: Enter the memory cache-policy io uncached command. However, entering this command might sacrifice packet switching performance.
•CSCdr49537
The five-minute output rate counters on a PA-MCT3 interface may not match the five-minute input rate of the directly connected serial interface. There is no workaround.
•CSCdr49601
A Gigabit Ethernet Interface Processor (GEIP) on a Cisco 7500 series router may experience receiving problems that cause the router to pause indefinitely.
Workaround: Disable dCEF on the GE interface.
•CSCdr57631
If both access control lists (ACLs) and Multiprotocol Label Switching (MPLS) are configured on a Cisco 12000 series Internet router with a 3-Port Gigabit Ethernet line card, traffic may not pass through that interface. There is no workaround.
•CSCdr62168
Upon system initialization, ATM permanent virtual circuits (PVCs) are left in the inactive state and do not change to the active state unless the user issues a shutdown/no shutdown of the associated ATM interface in configuration mode.
Workaround: Reinitialize the interfaces manually.
•CSCdr65006
A Cisco 12000 series Internet router may fail to properly forward Multiprotocol Label Switching (MPLS)-encapsulated frames over Gigabit Ethernet line cards. In this condition, the traffic sent on to a tunnel head over the Gigabit Ethernet interface is dropped, and any MPLS-encapsulated frame forwarded by the Internet router over a Gigabit Ethernet line card is sent with an invalid or garbled destination MAC address and is not received. There is no workaround.
•CSCdr65544
A Versatile Interface Processor (VIP) may reload after fragmenting packets if distributed Cisco Express Forwarding (dCEF) is enabled. The same condition may occur with a Cisco 7200 series router if CEF is enabled. There is no workaround.
•CSCdr67801
A Cisco 7200 series router or a Cisco 7500/RSP series router with a PA-A3 ATM port adapter may reload because of a bus error that points to an 0x50000000 address or an 0x08000000 address. These reloads occur after the PA-A3 driver has received a packet and attempts to process it.
Workaround: Disable Cisco Express Forwarding (CEF) by entering the no ip cef global configuration command on the Cisco 7200 series router or by entering the no ip cef [distributed] global configuration command on the Cisco 7500/RSP series router.
•CSCdr68932
Configuring an output access control list (ACL) on a Cisco 12000 series Internet router with a 3-Port Gigabit Ethernet line card may result in the reload of the 3-Port Gigabit Ethernet line card if the line card is also performing tag imposition and the ACL contains a rule regarding the packet's source port, type of service, precedence, logging, or Internet Group Management Protocol (IGMP). There is no workaround.
•CSCdr75997
CSCdm94333, which was integrated in Cisco IOS Release 12.0(9.6)S, introduced a new version of the Automatic Protection Switching (APS) protect group protocol that required both working and protect routers to be upgraded simultaneously. The fix for CSCdr75997 relaxes this restriction by supporting interoperability between systems that are running different versions of the APS protocol so that working and protect can be upgraded independently.
•CSCdr77472
When an online insertion and removal (OIR) is performed for a Switch Fabric Card (SFC) or Clock and Scheduler Card (CSC) for a Cisco 12000 series Internet router, the OLD-CISCO-CHASSIS-MIB and ENTITY-MIB do not reflect this OIR event, and a card that has been removed still appears in both MIBs. There is no workaround.
•CSCdr80686
When a rate-limiting feature (for example, committed access rate (CAR)) or a QoS feature (for example, access-control list (ACL)) is enabled on an interface of an Engine 0 or Engine 1 line card on a Cisco 12000 series Internet router, the receive (RX) byte and packet counters for that interface shows the net number of byte and packets that have been admitted to the interface. In this situation, packets that are dropped at the interface because of CAR or ACL are excluded from the RX byte and packet counters. There is no workaround.
•CSCdr80820
A Cisco 12000 series Internet router that is configured for distributed IP multicast might exhibit the following error messages:
SLOT 8:03:43:10: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x402EB90C reading 0x0
SLOT 8:03:43:10: %ALIGN-3-TRACE: -Traceback= 402EB90C 402E779C 402E9AC4 402E9BA8 402E9388 4009B02C 4009B018 00000000
SLOT 8:03:43:10: %ALIGN-3-TRACE: -Traceback= 402EB910 402E779C 402E9AC4 402E9BA8 402E9388 4009B02C 4009B018 00000000There is no workaround.
•CSCdr81857
If a QoS service-policy is configured on a channelized interface on a PA-MC-T/E1 or PA-MC-T/E3 port adapter, entering the microcode reload global configuration command under heavy traffic might result in a failure to forward packets for the interface.
Workaround: Remove the service-policy before entering the microcode reload command, and then reapply the policy.
•CSCdr83067
If the clear counters EXEC command is entered from a Secure Shell (SSH) connection on a router with E1/T1 controllers, a "SYS-3-CPUHOG" error message might be exhibited. This condition occurs when the clear counters command fails on more than one E1/T1 controller with a "POT1E1-3-MBOXSEND" error.
Workaround: Clear each E1/T1 controller individually.
•CSCdr83141
Under certain circumstances, configuration on an ATM permanent virtual connection (PVC) might fail with the following error message:
ATM hardware failed cannot update vc
If Operation, Administration, and Maintenance (OAM) is also configured, the router might reload after the error.
Workaround: Do not enter the show policy interface global configuration command.
•CSCdr88949
The performance rate after traffic shaping on four-port OC-3 and single-port OC-12 line cards on Engine 0 may degrade if distributed traffic shaping (DTS) is configured. There is no workaround.
•CSCdr90642
On Engine 0 card, the Weighted Random Early Detection (WRED) queue average and drop counter calculations might not be accurate because process timer expiration might vary under the packet-handling load. Under traffic loads that do not respond to drops (for example, User Datagram Protocol (UDP) or load generator), there might be short periods of time where the link bandwidth drops to 0 bps. In this situation, every packet might be dropped. There is no workaround.
•CSCdr91303
When attaching and removing a QoS service-policy under a heavy traffic load on a channelized interface on a MC-T/E1 or MC-T/E3 port adapter, packets might stop forwarding out of the interface.
Workaround: Enter the microcode reload global configuration command.
•CSCdr91482
The Cisco 12000 series Internet router will incorrectly increment the input drops counter because of an accounting issue. This action might not correctly reflect packets dropped because of congestion. This situation might be seen on all Internet router interfaces, but has no effect on service or functionality of the interfaces. There is no workaround.
•CSCdr95090
When a policy map is attached to an interface on a Cisco 7200 series router, the router experiences spurious memory access at the function hqf_get_policymap(). There is no workaround.
•CSCds02168
Entering the show ip cache flow EXEC command on the line card of a Cisco 12000 series Internet router might cause null destination interfaces to be reported in exported packets and the output of the show ip cache flow command if output Committed Access Rate (CAR) is enabled.
Workaround: Remove output CAR.
•CSCds06676
On a Cisco 7200 series router that is running Cisco IOS Release 12.0(12)S with Dynamic Packet Transport (DPT), the Intelligent Protection Switching (IPS) packets that are sent by the node have a MAC address of 0000.0000.0000, which results in instability on the DPT ring.
Workaround: Manually configure a MAC address on the DPT interface.
•CSCds08615
All packets that are received on an interface with an access control list (ACL) applied that is supposed to be processed by the packet-switched ASIC (PSA) might actually be processed by the CPU. This situation occurs only with interfaces other than interface 0 on the card. This condition results in lower performance for the packets that are received on these interfaces. There is no workaround.
•CSCds10029
Removing a service policy from a large number of Frame Relay permanent virtual circuits (PVCs) might prevent packets from being forwarded out of the entire interface. The commands that lead to this situation are:
interface s1/00:0
no frame-relay class name
or
map-class frame-relay map-class name
no service-policy {output} policy-mapWorkaround: Attach a dummy Class-Based Weighted Fair Queueing (CBWFQ) policy to the interface, and then remove the policy.
•CSCds11189
Low Latency Queueing (LLQ) and Class-Based Weighted Fair Queueing (CBWFQ) do not function properly on an ATM subinterface policy after that interface has been brought down and up or if the link flaps.
Workaround: Apply the service policy under the permanent virtual connection (PVC). In this situation, the policy functionality is not affected by link flaps.
Alternate Workaround: Reattach the subinterface service policy after the interface or link comes up.
•CSCds12078
A Cisco 7200 series router with a NPE-200 Network Processing Engine and a PA-2FEISL port adapter might experience spurious memory access while Cisco Express Forwarding (CEF) is enabled.
Workaround: Disable CEF.
•CSCds13541
Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) traffic may be dropped in a Provider core network that has MPLS traffic engineering tunnels configured. This situation occurs when the dropped traffic follows a path through the core network that traverses a MPLS traffic engineering tunnel interface on which IP Label Switching has been configured. This situation only occurs on Cisco routers that are running Cisco IOS Release 12.0 S and acting as MPLS Traffic Engineering (TE) head end routers that are carrying packets that are already labeled, such as MPLS VPN traffic.
Workaround: After a traffic engineering tunnel interface comes up on a Provider core router, enter the following command sequence:
–configure terminal interface tunnel tunnel-number
–no tag-switching ip
–tag-switching ip
•CSCds13547
When Output Rate Limiting is configured on a Versatile Interface Processor (VIP) interface and the router is reloaded, the Rate Limiting functionality will not be properly enabled, and the Distributed Committed Access Rate (DCAR) functionality does not take effect.
Workaround: Disable and then reenable the rate-limit interface configuration command.
•CSCds16995
On a Cisco 7500/RSP series router, if you deconfigure a link from a bundle while Distributed Multilink PPP (DML-PPP) is running and the link is assigned an IP address, pings through this link will fail. In this situation, the link that has been deconfigured can no longer carry traffic.
Workaround: Deconfigure the whole bundle and then reconfigure the bundle without this link. After you perform this action, the link should function properly.
•CSCds17239
If a Cisco 12000 series Internet router is configured with access control lists (ACLs) that are longer than 128 lines, and these ACLs are applied inbound on an Engine 2 (PSA-based) line card interface, traffic that is destined for the router may be dropped. This situation applies to traffic such as Internet Control Message Protocol (ICMP), Simple Network Management Protocol (SNMP), and routing protocol updates.
This situation is seen only on Engine 2 (PSA) line cards, and only when an ACL longer than 128 lines is applied inbound. No other configurations are vulnerable to this defect. There is no workaround.
TCP/IP Host-Mode Services
•CSCds13972
Border Gateway Protocol (BGP) sessions on Cisco 12000 series Internet router might fail to send updates when the router establishes passive BGP sessions because of problems with the flow control of BGP and TCP.
Workaround: Use an inbound Access Control List (ACL) to deny any traffic destined for the port, and always open the session actively.
Wide-Area Networking
•CSCdr68102
PA-A1 port adapters do not function when installed in bay 1 of a Versatile Interface Processor 4 (VIP4).
Workaround: Install PA-A1 port adapters in bay 0 of VIP4s.
Resolved Caveats—Cisco IOS Release 12.0(12)S4
Cisco IOS Release 12.0(12)S4 is a rebuild of Cisco IOS Release 12.0(12)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(12)S4 but may be open in previous releases.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(12)S3
Cisco IOS Release 12.0(12)S3 is a rebuild of Cisco IOS Release 12.0(12)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(12)S3 but may be open in previous releases.
•CSCdp90696
If an interface card is replaced online through an online insertion and removal (OIR) with a card of a different type, the Hot Standby Router Protocol (HSRP) configuration might not be carried over to the new card.
Workaround: Remove HSRP from the configuration before removing the card.
•CSCds61448
A Turbo ACL's counter does not increase when Turbo ACLs are enabled. There is no workaround.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(12)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(12)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdp97532
Snmpboots, a boot counter for SNMP Version 3, is incremented and saved during bootup, which might cause a noticeable bootup delay. This bootup delay will occur only when SNMP Version 3 is configured. There is no workaround.
•CSCdr59243
A Cisco 7500 series router with a PA-CT3 port adapter that has been channelized down to a T1 might exhibit the following error messages on any of the channelized interfaces:
%RSP-3-RESTART: cbus complex
%RSP-3-RESTART: interface Serial5/0/0:1, output stuckIn this condition, the channelized interfaces might enter a down/down state.
Workaround: Reload the router.
•CSCdr77460
When an online insertion and removal (OIR) is performed, the IF-MIB ifTable, ifStackTable, and ifNumber retains the old entries even though the associated interface layers have been removed. There is no workaround.
Interfaces and Bridging
•CSCdr16853
A single Packet-over-SONET (POS) port adapter in a Cisco 7500/RSP series router with a Versatile Interface Processor 4 (VIP4) might stop transmitting and cause an "output stuck" condition. A POS port adapter that is a coresident with another port adapter in a Versatile Interface Processor 2 (VIP2) might also cause an "output stuck" condition for itself or the coresident port adapter. There is no workaround, but disabling distributed Cisco Express Forwarding (dCEF) globally, or in some conditions on the POS interface, will stop this condition from appearing.
IP Routing Protocols
•CSCdr45483
A Cisco router with multicast configured might reload with a bus error if there are severe unicast route updates. There is no workaround.
•CSCdr88511
A Cisco router that is running Cisco IOS 12.0(10.6)S2 or later releases might not install default routes that are advertised though type 5 link-state advertisements (LSAs) by other routers. This condition occurs when the Cisco router has only type 5 default LSAs and no nondefault type 5 LSAs are present in the database.
Workaround: Add a nondefault external LSA to the database.
Miscellaneous
•CSCdm87756
In a network where there are multiple paths between two networks and the paths travel through different sets of routers between these networks, per-destination load balancing will not be effective in any router after the first router where the load balancing paths diverge.
Workaround: Use per-packet load balancing.
•CSCdp34901
Entering the clear ip rtp header-compression EXEC command on a Frame Relay interface that has data-link connection identifiers (DLCIs) with no compression configured might cause the router to reload.
Workaround: Do not enter the clear ip rtp header-compression command under these conditions.
•CSCdp42210
A node route processor (NRP) ATM interface stops sending when there are multiple particles with data-length 0 at the last particle. The only way to exit out of this situation is to use the shutdown interface configuration command followed by the no shutdown interface configuration command. There is no workaround.
•CSCdp67380
A Cisco router might reload if the show ip cef EXEC command is entered while the routing table is changing. There is no workaround.
•CSCdp88625
Under rare circumstances, a permanent virtual circuit (PVC) on a Cisco 6400 series node route processor (NRP) might stop sending traffic.
Workaround: Use the shut and no shut commands on the subinterface that is carrying the PVC.
Alternate Workaround: Enable ATM traffic shaping.
•CSCdr02061
On the output Versatile Interface Processor (VIP) interfaces of a Cisco 7500/RSP series that is running Cisco IOS Release 12.0 S, Multiprotocol Label Switching (MPLS) packets are not classified correctly for Distributed Weighted Random Early Detection (DWRED) and Distributed Weighted Fair Queueing (DWFQ). In this situation, all MPLS packets will be considered class 0 by these algorithms regardless of the actual value of their MPLS experimental field values. There is no workaround.
•CSCdr02641
A TI1575 ATM driver might reload with a bus error due to double freeing buffers. There is no workaround.
•CSCdr06072
Multicast forwarding might stop for a specific group on the outgoing interface for a given multicast client if the client is pruned after leaving the group and later joins the group again. This condition occurs only in Protocol Independent Multicast (PIM) dense mode; PIM sparse mode is not affected.
Workaround: Clear the multicast route for the group for that client by entering the clear ip mroute {group} command.
•CSCdr07280
Snmpwalk on a Cisco 7500/RSP series router with an ATM interface might cause a CPUHOG situation and affect router performance. There is no workaround.
•CSCdr23302
When you use Cisco Express Forwarding (CEF), generic routing encapsulation (GRE) tunnels, and tunnel checksums, the packet loss rate is abnormally high.
Workaround: Disable tunnel checksums or disable CEF on the tunnel interface.
•CSCdr28435
If you modify an interface maximum transmission unit (MTU), the saved MTU change is not read properly from the NVRAM configuration file upon reload. In a large Frame Relay environment, all Frame Relay links will be in a down state until a manual reconfiguration is done. There is no workaround.
•CSCdr29259
Interface counters will give incorrect values for tunnels on a serial interface when Cisco Express Forwarding (CEF) and IP Security (IPSec) are in use. There is no workaround.
•CSCdr34877
A memory leak might occur on a Route Switch Processor (RSP) when it is used with Versatile Interface Processors (VIPs) while running Open Shortest Path First (OSPF). The problem results due to repetitive reloading and downloading of VIP line cards that are disabling Cisco Express Forwarding (CEF) due to a lack of memory.
Use the show processes memory [inc OSPF R] EXEC command and the show memory summary [inc OSPF R] EXEC command on the RSP to determine if increasingly large amounts of memory are being held by the OSPF process. Use the show cef linecard EXEC command to determine the number of reloads that a VIP has encountered.
Workaround: Ensure that the VIPs have sufficient memory for their configuration and environment, such that CEF is not disabled on the VIP.
•CSCdr35715
Under certain circumstances, a Cisco router might reload when crypto is enabled on a Fiber Distributed Data Interface (FDDI). There is no workaround.
•CSCdr40080
A Cisco 12000 series Internet router might reload with a bus error at PC 0x600D3ED4, address 0x1B2DC330. There is no workaround.
•CSCdr44028
If access lists with more than 1000 lines are used on a Cisco router that has compiled access control lists (ACLs) enabled, changes or additions to the ACLs might cause the router to exhibit a message similar to the following:
SLOT 0:%SYS-3-CPUHOG: Task ran for 2928 msec (35/5),
Process = TurboACL, PC = 4009274C
-Traceback= 40092754 401AFED4 401AFB18 401B1474 401B2E60 401B2ED8 401B2FEC 40082128 40082114In some situations, this condition might cause a failure with process keepalive messages that results in an undesired line protocol down state. There is no workaround.
•CSCdr46190
When attaching a service policy in combination with Multiprotocol Label Switching (MPLS), the service policy will not take effect until the configuration is saved and the router is reloaded. There is no workaround.
•CSCdr48014
Open Shortest Path First (OSPF) updates might be corrupted on a Cisco 7500 series router using Multiprotocol Label Switching (MPLS) switching with Cisco Express Forwarding (CEF) output features enabled (including "service policy output"). IP routes are temporarily deleted from the IP routing table and a loss of connectivity might occur.
Workaround: Configure the ip cef global configuration command. Then, execute the copy running start command, and reload.
Alternative workaround: Enter the memory cache-policy io uncached command. However, entering this command might sacrifice packet switching performance.
•CSCdr49601
A Gigabit Ethernet Interface Processor (GEIP) on a Cisco 7500 series router might experience receiving problems that cause the router to pause indefinitely.
Workaround: Enter the shutdown command followed by the no shutdown command on the gigabit interface. If the problem persists, perform a microcode reload on the router to disrupt all interfaces.
•CSCdr51003
Enabling or disabling output access control lists (ACLs) might cause a 3-port Gigabit Ethernet (GE) card in the router to restart. There is no workaround.
•CSCdr52838
PA-MC-8T1 reported firmware hung and then crashed the router. There is no workaround.
•CSCdr52879
A Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(11)S might exhibit error messages similar to the following:
SLOT 6:00:21:00: %LC-3-MACSTR: Adj/midb (MDS 224.101.1.1) incorrect macstring: length=12, macstr word=0x00180100
-Traceback= 402AE924 402F9BD8 402F5A5C 402F7D84 402F7E70 402F7638 4009B974 4009B960In this situation, IP Multicast on ATM cards might not function properly. This condition only affects ATM cards. There is no workaround.
•CSCdr52927
A channelized OC-12 STS-3c/STS-1 line card might not properly create internal loops. In this situation, no tests will run through the looped OC-3. There is no workaround.
•CSCdr53138
A Gigabit Ethernet interface might remain in an up/up state with no cable attached when running Cisco IOS Release 12.1(2). This condition can cause problems when running Hot Standby Routing Protocol (HSRP). The result is that if the active router fails, the backup router will take over; however, any traffic destined for the local segment from the original active router will be dropped. There is no workaround.
•CSCdr57725
On a Cisco 12000 series Internet router, the performance card might double-count software-switched input packets. The packet count for hardware-switched packets is not affected.
Workaround: Do not configure Gigabit Ethernet static routes to another adjacent Gigabit Ethernet interface.
•CSCdr64798
In certain configurations, the ATM permanent virtual connection (PVC) service policy might not function properly after the router has reloaded. In this situation, there are no feature counters in the show policy interface command output.
Workaround: Remove and then reattach the service policy after the router is reloaded.
•CSCdr65982
If the fair-queue interface configuration command is entered more than once within the same class in which weighted fair queueing is already enabled on that same interface, the router might reload. There is no workaround.
•CSCdr73378
When the packet switch ASIC (PSA) access list (ACL) feature is enabled by entering the access-list hardware {psa} global configuration command and the feature was previously disabled with the no access-list hardware {psa} command, output ACLs that should be processed by the PSA might be processed on the line card CPU.
Workaround: Avoid toggling the state of the access-list hardware {psa} command. This situation will not occur if the command is in the startup configuration and is not toggled.
•CSCdr73473
Removing and attaching a service policy under a traffic load might cause spurious memory access errors and high CPU utilization on the Versatile Interface Processor (VIP). This spurious access occurs at hqf_get_policymap().
Workaround: Stop background traffic before making configuration changes.
•CSCdr74025
The spatial reuse protocol (SRP) line card on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(11.5)S might reload unexpectedly upon start-up. There is no workaround.
•CSCdr75209
When Frame Relay fragmentation is configured after attaching a traffic-shaping service policy to a large number of permanent virtual connections (PVCs), the service policy might not function properly. Since Frame Relay fragmentation appears after "service-policy" in the configuration order, there is a chance that this situation will occur after a system reload. The specific policy that fails is:
policy-map fr-pvc
class class-default
shape average <cir>
service-policy llq-policyWorkaround: Configure service-policy after FR fragmentation, or add queue-limit to the traffic shaping policy as follows:
policy-map fr-pvc
class class-default
shape average <cir>
queue-limit <n>
service-policy llq-policy•CSCdr75997
CSCdm94333, which was integrated in Cisco IOS Release 12.0(9.6)S, introduced a new version of the Automatic Protection Switching (APS) protect group protocol that required both working and protect routers to be upgraded simultaneously. The fix for CSCdr75997 relaxes this restriction by supporting interoperability between systems that are running different versions of the APS protocol so that working and protect can be upgraded independently.
•CSCdr80820
A Cisco 12000 series Internet router that is configured for distributed IP multicast might exhibit the following error messages:
SLOT 8:03:43:10: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x402EB90C reading 0x0
SLOT 8:03:43:10: %ALIGN-3-TRACE: -Traceback= 402EB90C 402E779C 402E9AC4 402E9BA8 402E9388 4009B02C 4009B018 00000000
SLOT 8:03:43:10: %ALIGN-3-TRACE: -Traceback= 402EB910 402E779C 402E9AC4 402E9BA8 402E9388 4009B02C 4009B018 00000000There is no workaround.
•CSCdr80686
When a rate-limiting feature (for example, committed access rate (CAR)) or a QoS feature (for example, access-control list (ACL)) is enabled on an interface of an Engine 0 or Engine 1 line card on a Cisco 12000 series Internet router, the receive (RX) byte and packet counters for that interface shows the net number of byte and packets that have been admitted to the interface. In this situation, packets that are dropped at the interface because of CAR or ACL are excluded from the RX byte and packet counters. There is no workaround.
•CSCdr81657
When there is no feature enabled on a Route Switch Processor (RSP), a Cisco Express Forwarding (CEF) switched packet (as opposed to a distributed CEF packet) will cause spurious memory access in atm_set_cli_wrapper(). There is no workaround.
•CSCdr81857
If a QoS service-policy is configured on a channelized interface on a PA-MC-T/E1 or PA-MC-T/E3 port adapter, entering the microcode reload global configuration command under heavy traffic might result in a failure to forward packets for the interface.
Workaround: Remove the service-policy before entering the microcode reload command, and then reapply the policy.
•CSCdr83067
If the clear counters EXEC command is entered from a Secure Shell (SSH) connection on a router with E1/T1 controllers, a "SYS-3-CPUHOG" error message might be exhibited. This condition occurs when the clear counters command fails on more than one E1/T1 controller with a "POT1E1-3-MBOXSEND" error.
Workaround: Clear each E1/T1 controller individually.
•CSCdr83141
Under certain circumstances, configuration on an ATM permanent virtual connection (PVC) might fail with the following error message:
ATM hardware failed cannot update vc
If Operation, Administration, and Maintenance (OAM) is also configured, the router might reload after the error.
Workaround: Do not enter the show policy interface global configuration command.
•CSCdr91303
When attaching and removing a QoS service-policy under a heavy traffic load on a channelized interface on a MC-T/E1 or MC-T/E3 port adapter, packets might stop forwarding out of the interface.
Workaround: Enter the microcode reload global configuration command.
•CSCdr91482
The Cisco 12000 series Internet router will incorrectly increment the input drops counter because of an accounting issue. This action might not correctly reflect packets dropped because of congestion. This situation might be seen on all Internet router interfaces, but has no effect on service or functionality of the interfaces. There is no workaround.
•CSCdr95090
When a policy map is attached to an interface on a Cisco 7200 series router, the router experiences spurious memory access at the function hqf_get_policymap(). There is no workaround.
•CSCdt05743
A Cisco 12000 series Internet router that is running an earlier release than Cisco IOS Release 12.0(12)S and is configured as a Frame Relay switch may experience problems with Frame Relay Permanent Virtual Circuits (PVCs) and problems with traffic appearing on the management PVC.
Workaround: Rebuild the PVC, or enter the no frame-relay route 30 interface Serial3/1 103 command.
Wide-Area Networking
•CSCdr43764
Extracting 64-bit Simple Network Management Protocol (SNMP) counters for the Frame Relay interface on a Packet-over-SONET (POS) interface might not work. This condition applies to both the relevant IF-MIB counters and the Cisco-specific 2 x 32-bit counters in CISCO-C12000-IF-HC-COUNTERS-MIB and relates only to the Frame Relay 64-pit permanent virtual connection (PVC) counts when a Frame Relay encapsulated interface is added to a POS interface. The main POS interface counters are not affected and continue to function properly.
Workaround: Upgrade to an image that contains this patch.
Resolved Caveats—Cisco IOS Release 12.0(11)S6
Cisco IOS Release 12.0(11)S6 is a rebuild of Cisco IOS Release 12.0(11)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(11)S6 but may be open in previous releases.
•CSCdr70415
When you remove the configuration for Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnels on a Cisco router that is running Cisco IOS Release 12.0 S, you may see the shortest path first (SPF) algorithm under the Open Shortest Path First (OSPF) protocol start running every 10 seconds on all routers in the area where the configuration was removed.
Workaround: Stop the SPF recalculations by restarting OSPF on all routers in the area by using the following set of commands:
–no router ospf X (where X is your process number for OSPF)
–config memory
•CSCdr76940
The following error message may appear on a Cisco router console:
%LC-3-PSALOADSHARE MPLS loadsharing inconsistency for 0.0.0.0/0
No problems are related to this message. If you see any Multiprotocol Label Switching (MPLS) load-sharing forwarding problems at the time the error message is emitted, contact your technical support representative. There is no workaround.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(11)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(11)S. This section describes only severity 1 and 2 caveats.
Interfaces and Bridging
•CSCdp08975
A Cisco 7200 router that is configured for RFC1577 and is not acting as an Address Resolution Protocol (ARP) server might experience a condition in which the status of ATM VCs might change in spite of the traffic flowing on them. This condition occurs if RFC1577 is configured on the main interface.
Workaround: Configure RFC1577 on a subinterface.
•CSCdp71620
A Cisco Packet OC-3 Interface Processor (POSIP) might reload with a bus error. There is no workaround.
IP Routing Protocols
•CSCdp95210
Under rare circumstances, a link-state advertisement (LSA) on a neighboring router might get stuck in MAXAGE state and not be deleted. In this situation, the LSA cannot be originated again on this router, and the route might become unavailable or cause packets to take another route that is less than optimal. This situation has been seen to occur when an Open Shortest Path First (OSPF) neighbor ran out of memory and OSPF tables are corrupted.
Workaround: Restart the OSPF process by entering the clear ip ospf proc command.
•CSCdr07966
On a Cisco 7500 series router, many Virtual Private Networks (VPNs) configured in combination with a large number of channelized interfaces might result in a FIBDISABLE message.
The FIBDISABLE message indicates that the Route Processor (RP) has not received a Forwarding Information Base (FIB) "keepalive" message from the line card in the expected amount of time. When this situation occurs, the RP acts as if the interprocess communication (IPC) mechanism had malfunctioned and disables Cisco Express Forwarding (CEF) on that line card.
Workaround: Disable distributed switching.
•CSCdr27994
When tearing down a link-state packet (LSP) reservation, Resource Reservation Protocol (RSVP) sends the upstream neighbor a ResvTear message that contains a RESV_CONFIRM object. RSVP maintains the reservation and continues to send this message periodically until the upstream neighbor responds with a ResvTearConf message or the reservation times out.
If the downstream neighbor continues to send Resv refreshes for the LSP, the reservation will never time out. In this situation, if the upstream neighbor never sends a ResvTearConf message, the reservation remains in this state indefinitely. The ResvTearConf mechanism is no longer defined in the RSVP-TE IETF draft and is no longer used by some non-IOS implementations. There is no workaround.
•CSCdr35856
If you enter the show ip mds summary EXEC command or the show ip mds forwarding EXEC command at the Versatile Inter face Processor/line card (VIP/LC) console, then a counter to track the number of multicast routes might be incorrectly decremented and underflow to a huge number. The VIP/LC console might display a syslog message similar to the following:
%MDS-4-ROUTELIMIT: 4294967237 routes exceeded multicast route-limit of 2147483647
If this situation occurs, no additional multicast routes can be created and the router must be restarted.
Workaround: Do not use the show ip mds summary EXEC command or the show ip mds forwarding EXEC command at the VIP/LC console.
•CSCdr45483
A Cisco router with multicast configured might reload with a bus error if there are severe unicast route updates. There is no workaround.
ISO CLNS
•CSCdr09770
Configuring a tunnel bandwidth requirement change to a Multiprotocol Label Switching/traffic engineering (MPLS/TE) tunnel might cause Intermediate System-to-Intermediate System (IS-IS) routes that are accessible through that tunnel interface and their corresponding Cisco Express Forwarding (CEF) entries to be unnecessarily reinstalled when subsequent shortest path calculations are done.
Workaround: If MPLS/TE announces new tunnel information to IS-IS routes after the bandwidth change has taken effect, this spurious RIB updates behavior can be cleared. The following are a few actions that can clear this behavior:
–Configuring an MPLS/TE tunnel metric
–Adding or removing MPLS/TE tunnels to the same tail-end as the tunnel that changed bandwidth. This can include both the current MPLS/TE tunnel and additional tunnels to the same tail-end.
•CSCdr21706
A Cisco router that is running Cisco IOS Release 12.0(3.5)S or later releases might experience a reload with both Border Gateway Protocol (BGP) and Intermediate System-to-Intermediate System (IS-IS) routing running and a configuration setting the BGP administrative distance to 115. In this situation, the following traceback immediately precedes the reload (<>> indicates a variable value):
%CLNS-1-BKUPERR: ISIS: No NDB back pointer in 0x<>, ndb_next 0x0, ndb_prev 0x0, lsp_next 0x0, lsp_prev 0x0, metric 0x0, index 0, 0x0
Workaround: Configure a BGP administrative distance different from 115.
Miscellaneous
•CSCdm69594
The interface delay metric is set incorrectly for port channel interfaces where one or more Gigabit Ethernet interfaces are grouped into a channel. The delay for a single Gigabit Ethernet interface is 10 microseconds. The delay for a port channel made up of one or more Gigabit Ethernets is 100 microseconds. The incorrect setting might seriously impact routing protocols that use interface delay as part of the metric (for example, Enhanced Interior Gateway Routing Protocol (EIGRP)), and might cause the routing protocol to take a route through a single interface over a route through a port channel.
Workaround: Manually configure an appropriate delay under the port channel interface by entering the delay tens of microseconds interface configuration command.
•CSCdm78020
Performance OC-48 POS and QOC-12 POS line cards might not fragment Multiprotocol Label Switching (MPLS) packets or send Internet Control Message Protocol (ICMP) messages if the DF bit is set in the header of the IP Payload of MPLS packets requiring fragmentation.
Workaround: Change the maximum transmission unit (MTU) on the interface to be less than or equal to the MTU on the next hop.
•CSCdm94154
A Cisco 7200 series router that is configured with a T1 multichannel T1 card might not show any errors while a remote Cisco 7000 series router shows cyclic redundancy check (CRC) errors, input frame errors, or overrun errors. Errors occur, but the counter remains at zero. There is no workaround.
•CSCdp23658
Tunnels that are configured for multicast routing and multicast distributed switching might cause a Cisco 12000 series Internet router to reload with a bus error.
Workaround: Do not configure the tunnel for multicast routing by entering the ip pim {foo-mode} interface configuration command. If you must configure the tunnel interface for multicast routing, enter the no ip mroute-cache interface configuration command.
•CSCdp48087
A Cisco 12000 series Internet router with dual gigabit route processors (GRPs) might exhibit the following error message if the primary GRP reloads and the secondary GRP takes over:
%FIB-3-FIBDISABLE: Fatal error, slot 2: No window > message, LC to RP IPC is non-operational
This error message will disable the line card, and the line card must be reloaded manually before it comes back online. There is no workaround.
•CSCdp51945
On a Cisco 7500 series RSP router, a Simple Network Management Protocol (SNMP) get query of cieNumberOfConnections (.1.3.6.1.4.1.9.9.52.1.3.1.0) results in spurious access. This condition can also lead to a memory leak in the IP SNMP process. There is no workaround.
•CSCdp56613
When fast-switching an IP frame that is fewer than 46 bytes in length to an ATM interface, the router always sets the length in the ATM adaption layer 5 (AAL5) header to 54 bytes even though the length should be equal to the IP frame length plus the length of the AAL5 header, which is 8 bytes. There is no workaround.
•CSCdp58964
A Cisco router that is running Cisco IOS Release 12.0(7)S or Cisco IOS Release 12.0(8)S will disable Cisco Express Forwarding (CEF) with a FIB-3-NOMEM failure even though there appears to be plenty of memory. There is no workaround.
•CSCdp78089
When the environmental values for voltage get corrupted and a Cisco 12008 Internet router has all slots at the critical warning level, entering the show run command causes the router to shut down. This condition is more likely to occur after a router has been up and running for several weeks or more. There is no workaround.
•CSCdp83870
Proper Multiprotocol Label Switching (MPLS) fragmentation is not done for some packet sizes on a Cisco 12000 series Internet router when the output interface is Fast Ethernet (FE) or Gigabit Ethernet (GE). There is no workaround.
•CSCdp90558
When the atm pvp interface configuration command is entered on a Cisco 12000 Internet router that is running Cisco IOS Release 12.0(8.5)S or higher releases, two F4 Operation, Administration, and Maintenance (OAM) virtual circuits (VCs) are automatically created. There is no workaround.
•CSCdr02906
A Cisco router might experience spurious memory access in function lc_qos_supported() when the show running-config command or the show startup-config command is entered and exhibit a traceback similar to the following:
Reading rsp-jsv-mz.121-1.0.2.T.symbols rsp-jsv-mz.121-1.0.2.T.symbols read in Enter hex value: 0x603BD8E4 0x61266454 0x602C4E3C 0x602CD2C4 0x602CD45C 0x60278 88C 0x6025EF40 0x6025F2A8 0x603BD8E4:lc_qos_supported(0x603bd89c)+0x48 0x61266454:distributed_feature_enable(0x6126632c)+0x128 0x602C4E3C:prioritygroup_command(0x602c4df8)+0x44 0x602CD2C4:eol_action(0x602cd240)+0x84 0x602CD45C:eols_action(0x602cd440)+0x1c 0x6027888C:parse_token(0x6027854c)+0x340 0x6025EF40:nv_current_common(0x6025ede8)+0x158 0x6025F2A8:nv_current_to_new_buffer(0x6025f1d8)+0xd0 Enter hex value:
This situation will occur if one or more Fast Ethernet channels are configured by entering the interface port-channel command. There is no workaround.
•CSCdr04630
Packets that are destined to IP prefixes using recursive routes over Multiprotocol Label Switching/traffic engineering (MPLS/TE) tunnels might be dropped by OC-48 Packet-over-SONET (POS) and QOC-12 POS line cards for the Cisco 12000 series Internet router at the head end of the tunnel. There is no workaround.
•CSCdr08160
Under heavy traffic on the outbound side of a Spatial Reuse Protocol (SRP) port adapter, packets will get queued on holdq if the TX ring is full. These packets will be accounted as process switched instead of route-cache switched. There is no workaround.
•CSCdr15506
When 802.1Q is configured on a Cisco 12000 series Internet router Gigabit Ethernet (GE) line card, the following error message might be displayed:
%LC-3-BMACMDLOST: ToFab BMA has lost a command
There is no workaround.
•CSCdr16178
When an access control list (ACL) is applied to an interface and the ACL has destination prefixes in it that are more specific than a route that is learned recursively, packets that match the ACL entry with that destination prefix will not be routed correctly in the "permit" case.
For example, if there are the following static routes:
ip route 70.0.0.0 255.0.0.0 pos 1/0 ip route 80.0.0.0 255.0.0.0 70.1.1.1 ip route 90.0.0.0 255.0.0.0 80.1.1.1
and an ACL is applied with the following rule:
access-list 101 permit ip any host 90.1.1.1
the route to 90.0.0.0/8 is recursive and 90.1.1.1 is more specific than this route; packets destined to 90.1.1.1 will not get routed to their destination.
This situation will only occur if the route is learned or applied after the ACL is applied to the interface. If the ACL is applied after the routes are learned, this situation does not occur.
Workaround: Remove and reapply the ACL after a recursive route is learned or applied.
•CSCdr17190
If Resource Reservation Protocol (RSVP) receives Path messages for the same label-switched path (LSP) session on two different interfaces, RSVP may enter a state where it sends Resv messages alternately on those interfaces and where only the Resv messages sent on one of the interfaces contains a label for the LSP.
In the event a single device is receiving the alternating Resv messages, which could happen if the sending and receiving devices are connected by parallel links, the receiving device will update its forwarding table entry for the LSP on receipt of each Resv.
Receipt of the Resv with no label will cause the receiving node to install a "label pop" entry. Packets arriving at the receiving node on the LSP in question will have their top label popped incorrectly.
Workaround: Shut down the LSP tunnel interface at the LSP head device and wait for the RSVP state for the LSP to time out of the network.
•CSCdr19089
When deleting a port-channel subinterface on a Cisco 7500/RSP series router that is running Cisco IOS Release 12.0(10)S, the entire interface (both main and subinterfaces) is deleted rather than just the selected interface. There is no workaround.
•CSCdr19213
If packet switch ASIC (PSA) access control lists (ACLs) are applied on a Cisco 12000 series Internet router, packets that ingress on a PSA-enabled card and egress on a non-PSA card (Engine 0 or Engine 1) will not appear in the outbound show interface counters even though these packets are forwarded properly.
This situation only affects the outbound packet accounting (shown by the outbound packet rate counter) and the outbound packet counter. Input byte and packet rate counters are not effected. Packets that egress the router on a PSA (Engine 2) card are counted correctly. There is no workaround.
•CSCdr21181
When Cisco Express Forwarding (CEF) is enabled on a Gigabit Route Processor (GRP) E0 interface on a Cisco 12000 series Internet router and the router is reloaded, the ip route-cache cef interface configuration command is lost after the reload. The default behavior was changed for this interface as of Cisco IOS Release 12.0(8.6)S by CSCdm01200. This change disables ip route-cache cef by default, and it has changed the forwarding behavior as well. When the command is disabled, packets will not be routed through the Internet router if they come in on this interface.
Workaround: Upgrading past CSCdr21181 will allow you to configure the ip route-cache cef command, and the command will survive all consecutive reloads if you save it to NVRAM.
•CSCdr23697
When distributed Cisco Express Forwarding (dCEF) is enabled on spatial reuse protocol (SRP) IP doing sam- interface routing, on a Cisco 7500 router that is running Cisco IOS Release 12.0(8)S, traffic will not be sent out the SRP interface.
Workaround: Change from first-in first-out (FIFO) to priority queueing (PQ).
•CSCdr24628
An OC-48E/POS line card might restart with a software forced crash. This condition occurs due to Multicast, and the following error messages are seen in the log:
LC-3-TBMMCAST: tbmm_tbl_remove_ent_port: invalid hw_mdb/midb
LC-3-TBMMCAST: tbmm_remove_ent_port: port not setWorkaround: Remove Multicast from the configuration.
•CSCdr24842
If input MAC accounting is configured on an interface, misaligned read accesses might be encountered on the Cisco 7500 series route switch processor (RSP). The show alignment command should be entered to determine if misaligned accesses are occurring.
Workaround: Disable input MAC accounting on the interface.
•CSCdr25771
A Cisco 12000 series Internet router spatial reuse protocol (SRP) line card might reload when a node on the SRP ring contains a MAC address that ends with the value 0800 or 8847.
Workaround: Change the value of the last two bytes of the MAC address.
•CSCdr27954
Under rare circumstances, the processing of re-resolving a previously known Address Resolution Protocol (ARP) entry might cause errors in the packet switch ASIC (PSA) access control list (ACL) processing, which leads to the incorrect blocking of packets into a PSA-enabled card. This condition occurs when output ACLs are configured on the Gigabit Ethernet (GE) interface and PSA ACLs are in the inbound direction on the PSA card.
Workaround: Remove either the input or the output ACL and reapply it, which forces a rebuild of the PSA data structures and clears the problem.
•CSCdr28169
A Cisco router that is running Cisco IOS Release 12.0 S might reload or experience spurious memory access if set atm-clp is configured in an attached policy map and then removed while the policy map is still attached. This situation might also occur if a policy map that is configured with set atm-clp is attached and detached from an interface. There is no workaround.
•CSCdr29540
A Cisco 12000 series Internet router with dual gigabit route processors (GRPs) that is running Cisco IOS Release 12.0(9.6)S or 12.0(10)S might experience difficulties with the serial console after a failover. Both GRPs in a Internet router dual GRP setup might have individual serial console connections (for example, there is no "Y" cable). If you use the serial console that is attached to the secondary GRP then this is automatically connected through to a vty on the primary GRP. If there is a failover while the secondary console is in use, the console is not released from the vty session. The console is inoperative until the old primary GRP has rebooted, at which time the vty connection is reestablished. The effect is similar to an attach session being started. A symptom of this situation is that the prompt has the form "GRP-Slot#".
Workaround: After a failover, type exit to leave the unwanted session with the other GRP. This action should return the console to a normal state. This action will only work if the failed GRP has rebooted to become the secondary GRP. If the failed GRP does not reboot, the serial console will effectively remain locked. To recover from this, use Telnet to log in to the router and enter the clear line 0 command. To prevent this situation from occurring again, avoid any use of the console on the secondary GRP.
•CSCdr29594
A Cisco 7500 series route switch processor (RSP) with ATM interfaces might pause indefinitely under the following conditions:
–A microcode reload
–A change in the maximum transmission unit (MTU)
–A change in the encapsulation
Workaround: A possible workaround is to put all the ATM interfaces in admin down state during the above operations.
•CSCdr33450
DML-PPP does not function properly on a VIP4-80 Versatile Interface Processor. The VIP4 will reload, and the controller will be in a shutdown state. There is no workaround.
•CSCdr34945
The Cisco 12000 series Internet router is unable to switch packets from an ingress line card interface to the section data communication channel (SDCC) that is communicating with a Cisco Optical Regenerator. In this situation, the Cisco Optical Regenerator might display the following error message:
Illegal HDLC serial type code 60, PC=0x801410C4
Illegal HDLC serial type code 60, PC=0x801410C4The Cisco Optical Regenerator can only be managed from the E0 interface of the Internet router. There is no workaround.
•CSCdr40080
A Cisco 12000 series Internet router might reload with a bus error at
PC 0x600D3ED4, address 0x1B2DC330. There is no workaround.•CSCdr40808
On Performance OC-48, QOC-12, and 16-port OC-3 line cards, the Time To Live (TTL) value is not propagated correctly on receipt of a Multiprotocol Label Switching (MPLS) packet with a label stack of more than one label when performing a label swap or a label pop operation. There is no workaround.
•CSCdr42456
If you attempt to set a class queue limit by entering the fair-queue [qos-group|tos] value limit value command, the limit command does not function properly, and the queue limit will always remain at the default value. There is no workaround.
•CSCdr44028
If access lists with more than 1000 lines are used on a Cisco router that has compiled access control lists (ACLs) enabled, changes or additions to the ACLs might cause the router to exhibit a message similar to the following:
SLOT 0:%SYS-3-CPUHOG: Task ran for 2928 msec (35/5), Process = TurboACL, PC = 4009274C -Traceback= 40092754 401AFED4 401AFB18 401B1474 401B2E60 401B2ED8 401B2FEC 40082128 40082114
In some situations, this condition might cause a failure with process keepalive messages that results in an undesired line protocol down state. There is no workaround.
•CSCdr46240
If the crypto key generate rsa global configuration command has been included in the startup-config file, the router may reload during key generation when the startup-config is processed.
Workaround: Exclude the crypto key generate rsa global configuration command from the startup-config file, and manually configure the RSA key-pair from the console session.
•CSCdr47488
NetFlow does not function properly for Engine 0-based cards on a Cisco 12000 series Internet router that is running Cisco IOS Release 12.0(10.1)S to 12.0(10.5)S.
Workaround: Use sampled netflow.
•CSCdr48846
If a hardware error occurs on a Performance OC-48 line card where an application specific integrated circuit (ASIC) on the line card must be reset to recover, the line card might experience problems forwarding Multiprotocol Link Switching (MPLS) traffic. The line card will require a microcode reload to fully recover. There is no workaround.
•CSCdr49629
When an output access control list (ACL) is used, the line card might produce some tracebacks while running Cisco IOS Release 12.0(10.1)S to 12.0(10.5)S. This message is harmless, and the only side-effect of this condition is that the log message will be printed. There is no workaround.
Wide-Area Networking
•CSCdr43764
Extracting 64-bit Simple Network Management Protocol (SNMP) counters for the Frame Relay subinterface on a Packet-over-SONET (POS) interface might not work. This condition applies to both the relevant IF-MIB counters and the Cisco-specific 2 x 32-bit counters in CISCO-C12000-IF-HC-COUNTERS-MIB and relates only to the Frame Relay 64-bit PVC counts when a Frame Relay encapsulated interface is added to a POS interface. The main POS encapsulated subinterface counters are not effected and continue to function properly.
Workaround: If the 32-bit equivalent SNMP counters from the IF-MIB are retrieved with a fast enough polling cycle that the counters can be guaranteed not to wrap between polls, the 64-bit SNMP counters are not necessary.
Resolved Caveats—Cisco IOS Release 12.0(10)S8
Cisco IOS Release 12.0(10)S8 is a rebuild of Cisco IOS Release 12.0(10)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(10)S8 but may be open in previous releases.
•CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Resolved Caveats—Cisco IOS Release 12.0(10)S7
Cisco IOS Release 12.0(10)S7 is a rebuild of Cisco IOS Release 12.0(10)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(10)S7 but may be open in previous releases.
•CSCdr47865
If a L1 router in an Intermediate System-to-Intermediate System (IS-IS) network is configured with a metric greater than 1024, the L1 router can lose the default route to the L2 router. There is no workaround.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(10)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(10)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdp45379
A Cisco 7200 series router with an NPE-300 network processing engine installed might not boot up when certain Cisco IOS Release 12.0(5)XE3 subset images are installed. The router will pause indefinitely in the early stage of booting up, and a power cycle is required to resume. For systems set for auto boot, you will need to enter the break command to abort the boot process and break out to the ROM monitor before the 12.0(5)XE3 image is launched for execution. You will then need to either modify the software configuration register to revert to a manual boot of some other known good image, or you will need to switch the PCMCIA flash card with a known good image in case the system is set for a default image boot from the slot0: PCMCIA card. There is no workaround.
Interfaces and Bridging
•CSCdm06860
Cisco IOS Release 11.1(24)CC might return a wrong value for MIB object cardType for PA-POSSW-MM/SM port adapters due to the Simple Network Management Protocol (SNMP) agent in the Cisco IOS Release 11.1(24)CC. Values for PA-POSSW 401 are returned instead of values for PA-POSSW 564 and PA-POSSW 564. There is no workaround.
•CSCdm11933
CT3/CE3 port adapters on a Cisco 7200 series router might drop TX packets under bursts of heavy traffic instead of putting them in a hold queue if the number of outstanding transmit packets temporarily exceeds the number specified by the TX limit. There is no workaround.
•CSCdp60859
When a channel on a CT3/CE3 port adapter is continually overstressed by traffic, other nonstressed channels might experience some transmit packet drops. There is no workaround.
•CSCdp99579
Configuring an Async interface in any Cisco 7500 series Route Switch Processor (RSP) will prevent the proper parsing of interface name for CT3/CE3 port adapters.
Workaround: Deconfigure any Async interface, and then write the configuration to NVRAM and reload the router. Or, you can move the VIP from slot 0 to another slot.
•CSCdr00681
A Channelized T3 Interface Processor (CT3IP) driver on a Cisco 7500 series router might leak particles from the receiving side, which results in the CT3IP seeing all serial interfaces as flapping after a few hours. This situation can be observed by checking input errors in the show interface output. There is no workaround.
IP Routing Protocols
•CSCdp18787
A Cisco router that has tag switching enabled and is running Cisco IOS Release 12.0(5)T might reload if a tag advertisement appears in a certain time window when a related routing update takes place. An ATM interface transition might cause this condition. There is no workaround.
•CSCdp43545
Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnels might bounce under certain conditions if there is a very heavy traffic load on a Internet router line card. This condition has been observed when a routing loop is present and the card is generating Internet Control Message Protocol (ICMP) "TTL expired" messages, and when the card is used as the data sink for ICMP ECHO requests from a traffic generator. There is no workaround.
•CSCdp72309
A Cisco router that is running Cisco IOS Release 12.0(8)S might reload with a bus error at ospf_default_networkupdate after links flap or the clear ip bgp {*} EXEC command is entered. There is no workaround.
•CSCdp85688
When a Multicast Routing Monitor (MRM) Test Sender is instructed by an MRM Manager to send test packets out of all interfaces that are configured for multicast routing, which is the default option, the MRM might experience a leak in the small buffers.
Workaround: Configure the MRM Manager with the senders {access-list-number | access-list-name} [target-only] command.
Miscellaneous
•CSCdm64005
A PA-T3 port adapter might exhibit a timing problem resulting in dropped packets. There is no workaround.
•CSCdm75813
Writing to an AT Attachment (ATA) device might cause the device to become unusable and result in an "ATA_Status time out waiting for 1" error message.
Workaround: Reload the Cisco IOS software.
•CSCdm94333
In APS configurations in which working and protect interfaces are in different routers, if a direct link between the two routers fails and is replaced by an indirect IP route, then the router containing the working interface will have no IP address for the router that is housing the protect interface. The resulting communications failure might result in both interfaces being deselected or both interfaces being selected. There is no workaround.
•CSCdp16749
When Turbo Access Control Lists (Turbo ACLs) are enabled when the access-list compiled command is entered, reloading or reinstalling multiple access lists might cause a reload or an alignment error. This condition is most likely to occur on Cisco 12000 series Internet router line cards, and usually occurs when many access list lines are being copied into the configuration.
Workaround: Disable Turbo ACL by entering the no access-list compiled command.
•CSCdp34046
If an output rate limit is configured on a non-Versatile Interface Processor (VIP) interface (for example, AIP or FIP) on a Cisco 7500 series Route Switch Processor (RSP) with Cisco Express Forwarding (CEF) enabled, packets cannot be switched out of that interface.
Workaround: Disable CEF.
•CSCdp46780
After the primary clock scheduler card (CSC) has been removed, a Cisco OC-48/STM-16 Packet-over-SONET/SDH line card might not recover from being switched to the secondary clock switched card (CSC) card and report error messages.
Workaround: Reload the line card.
•CSCdp54069
A Cisco PA-2T3 port adapter might show increasing overruns in the show interface command output display when one of the two ports is in a DOWN state.
Workaround: Configure the serial restart 0 command on the DOWN interface, or put the DOWN port in ADMIN SHUT state.
•CSCdp54813
A Cisco 7500 series router will often reload when switching onto an IP tunnel if sending to the tunnel destination involves Multiprotocol Label Switching (MPLS) label imposition. There is no workaround.
•CSCdp61411
A Cisco 7200 series router might receive a large number of alignment errors in the Cisco Express Forwarding (CEF) FastPath, which causes severe performance degradation.
Workaround: Disable CEF by entering the no ip cef global configuration command.
•CSCdp64140
Two Cisco 12000 series Internet routers that are connected by a Gigabit Ethernet connection might exhibit "GRP-4-CORRUPT" error messages when one of the routers is upgraded to Cisco IOS Release 12.0(8)S. There is no workaround.
•CSCdp71623
Packets that have been padded by the previous hop that are received by a Versatile Interface Processor (VIP) Ethernet/Fast Ethernet/Gigabit Ethernet router might be dropped if those packets are supposed to be processed by the Route Processor rather than by the VIP.
Workaround: Disable distributed Cisco Express Forwarding (dCEF) on the ingress interface.
•CSCdp72483
If a Cisco 12012 or Cisco 12016 Internet router that is running Cisco IOS Release 12.0(7)S or 12.0(8)S with dual gigabit route processors (GRPs) experiences a failover, full bandwidth line cards might not boot correctly, and the router will exhibit a "MBUS-3-INSUFF_BW" message. A microcode reload is needed to make the line cards function properly again. This condition is rare.
Workaround: If you are upgrading a Internet router with dual GRPs and full fabric line cards to Cisco IOS Release 12.0(7)S or 12.0(8)S, check that all line cards initialize correctly after a dual GRP failover. You can test this condition by entering the redundancy force-failover EXEC command. If the check fails, then you will need to use a different image.
•CSCdp74038
On Gigabit Ethernet line cards, 802.1Q packets that are 512 bytes and larger might get dropped on input. There is no workaround.
•CSCdp74616
On the Cisco OC-48c/STM-16c and Cisco QOC-12 line cards for the Cisco 12000 series Internet router, there is a timing problem during initialization that might cause the line cards to reload if Multiprotocol Label Switching (MPLS) packets are received before the initialization is complete. There is no workaround.
•CSCdp78781
A memory leak in a Cisco 12000 series Internet router line card in the Cisco Express Forwarding (CEF) line card statistics might not clear quickly and exhibit high memory utilization. In this situation, the router exhibits the following stack trace:
glc1-lc-m.120-8.3.S.symbols read in Enter hex value: 400A0314 400A1DC0 4027D3EC 40279794 4009AA6C 4009AA58 0x400A0314:report_malloc_failure(0x400a02d4)+0x40 0x400A1DC0:malloc(0x400a1aa4)+0x31c 0x4027D3EC:fib_collect_frpvc_rxstats(0x4027d3b4)+0x38 0x40279794:fib_lc_stats_background(0x402796c0)+0xd4 0x4009AA6C:r4k_process_dispatch(0x4009aa58)+0x14 0x4009AA58:r4k_process_dispatch(0x4009aa58)+0x0
Workaround: Limit the size of the access lists, or do not use access lists.
•CSCdp80282
Packets that are sourced from a Cisco 7500 series router with Multiprotocol Label Switching (MPLS) enabled and exit the router through a T1 or Channelized T1 connection will not be sent correctly. Other traffic traversing the router is not affected. There is no workaround.
•CSCdp82125
A Route Switch Processor (RSP)-based router with one or more Versatile Interface Processors (VIPs) that is running Cisco IOS Release 12.0 S (or any image with tag support) might experience a memory leak with Cisco Express Forwarding (CEF) and tag switching enabled and the no ip route-cache distributed command configured. This memory leak can be detected by repeatedly entering the show process memory | include OSPF command on the RSP console or vty.
Workaround: Enable distributed CEF instead of CEF, or turn off tag switching.
•CSCdp88204
If the tx-ring-limit command is entered on a Cisco 7500 series Route Switch Processor (RSP) that is running Cisco IOS Release 12.0 S, the router might experience a NULL pointer access, and the Versatile Interface Processor (VIP) might reload. This situation occurs during line flapping and when the router is being configured. There is no workaround.
•CSCdp89965
Under rare circumstances, a tunnel might have a drop adjacency on the line card while simultaneously having a valid adjacency on the on the Route Processor (RP).
Workaround: Enter the clear cef linecard command to download the correct information to the line card.
•CSCdp86111
When Cisco Express Forwarding (CEF) is configured as part of a large configuration (typically with access lists), following boot traffic that is directly addressed to the interfaces of a router might not be received. This condition can be observed on enabled interfaces where IP interfaces appear to be up, but the CEF interfaces are down.
Workaround: Perform one of the following steps.
–Boot without CEF enabled.
–Disable and then re-enable CEF.
–Enter the no shutdown command on each of the interfaces that are effected.
•CSCdp91476
The fix for this caveat adds a 32-bit overflow counter that can be used in conjunction with the existing 32-bit counter to get the full 64-bit value. In addition, a true 64-bit counter has also been added to the MIB. SNMP v1 managers and Cisco IOS Release 11.X releases are limited to using the 32-bit overflow counters; the 64-bit counters will be invisible to them. SNMP v2 and SNMP v3 managers that are running on top of Cisco IOS Release 12.X releases will be able to use either the 32-bit overflow counters or the 64-bit counters.
•CSCdr01116
A Cisco 12000 Internet router that is configured for 802.1Q trunking over a Gigabit Ethernet interface might not form Open Shortest Path First (OSPF) or EIGRP adjacencies when ip route-cache flow is configured on the main Gigabit Ethernet interface.
Workaround: Configure and use Gigabit Ethernet subinterfaces or disable flow switching by entering the no ip route-cache flow command.
TCP/IP Host-Mode Services
•CSCdp63037
Border Gateway Protocol (BGP) sessions on Cisco 12000 series Internet router might fail to send updates when the router establishes passive BGP sessions because of problems with the flow control of BGP and TCP.
Workaround: Use an inbound Access Control List (ACL) to deny any traffic destined for the port, and always open the session actively.
Wide-Area Networking
•CSCdp51767
A Cisco 7500 series Route Switch Processor (RSP) with a VIP2-50 Versatile Interface Processor and a PA-A3 port adapter might not react to available bit rate (ABR) explicit rate (ER) congestion marking. In this situation, the output rate of an ABR connection does not decrease upon the reception of a Resource Management (RM) cell with an ER field value that is lower than the CCR value. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(9)S8
Cisco IOS Release 12.0(9)S8 is a rebuild of Cisco IOS Release 12.0(9)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(9)S8 but may be open in previous releases.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(9)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(9)S. This section describes only severity 1 and 2 caveats.
Basic System Services
•CSCdm81049
If a serial interface is flapping up and down repeatedly, the router might pause indefinitely with a stack trace indicating that it is in use cdelay() as a result of cbus_mci_serial_reset() being called while at interrupt level. This situation rarely occurs.
Workaround: Enter the shutdown interface configuration command on the serial interface that is flapping up and down.
•CSCdp23786
A Cisco router that is running Cisco IOS Release 12.0(7)T cannot execute boot configuration commands from Flash, and exhibits the following error message:
%Error opening nvram:/startup-config (File system is in an inconsistent state)
When this message is displayed, no configuration is loaded. If you enter the copy startup-config running-config command and then enter the no shutdown interface configuration command, the router will come back on line. There is no workaround.
•CSCdp56057
Cisco 3620 routers and Cisco 3640 routers might exhibit traceback messages after being reloaded. The tracebacks occur because of uninitialized semaphore attempts to become locked. This situation does not affect the router functions. There is no workaround.
•CSCdp57908
This caveat adds support for a new revision of a hardware component that fixes a previous error. For the benefit of users that have not upgraded to the new hardware, it will also exhibit a warning error message that indicates the old hardware revision.
Cisco 7200 series routers with NPE-175 or NPE-225 network processing engines must upgrade to Cisco IOS releases that incorporate this change (for example, Cisco IOS Release 12.0(9) and later releases or Cisco IOS Release 12.0(9)S and later releases). Use of older Cisco IOS releases might result in unpredictable malfunctions. Please see the following document for further information:
http://www.cisco.com/warp/customer/770/fn8611.shtml
IBM Connectivity
•CSCdp09919
Remote source-route bridging (RSRB) might change frame types. This situation occurs on Cisco routers that are running RSRB where one side of the RSRB is running Cisco IOS Release 11.0 and the other side is running Cisco IOS Release 12.0. The frame that is moving along the source-route translational bridging (SR/TLB) and RSRB bridge will be changed from an Ethernet Type II frame to an IEEE 802.3 Ethernet frame.
Workaround: Configure the 90-compatible option by entering the source-bridge transparent ring-group pseudo-ring bridge-number tb-group [90-compatible] global configuration command.
Interfaces and Bridging
•CSCdm19573
A Cisco 7200 series router that is running Cisco IOS Release 11.1(22)CC or Cisco IOS Release 11.1(25)CC with a PA-CT3 might experience problems with local-area transport (LAT) services under the following conditions:
If you are using transparent bridging with LAT enabled on a serial interface, you might not see LAT services when entering the show lat service command, even when the remote link (also using transparent bridging with LAT enabled) is advertising LAT services. There is no workaround.
•CSCdp18313
A Cisco 7206VXR router that is running Cisco IOS Release 12.0(6.5)T2 and has a network processing engine (NPE)-300 network processing engine might reload with a bus error. There is no workaround.
IP Routing Protocols
•CSCdp26552
Open Shortest Path First (OSPF) and summary link-state advertisement (LSA) is not installed in the routing table.
Workaround: Clear the routing table and restart the OSPF process.
•CSCdp30454
The dataless header register is not working properly in Cisco IOS Release 12.0(7)S. There is no workaround.
•CSCdp39843
If a Cisco router receives a Resource Reservation Protocol Reserve (RESV) message to refresh a label-switched path (LSP) for which it is the source, and if the RESV message contains a Multiprotocol Label Switching (MPLS) label other than the one previously received, the router will attempt to perform a label change operation. If the label change operation fails, the router might reload while executing the appropriate error handling procedures. This situation rarely occurs. There is no workaround.
•CSCdp57762
A Cisco router that is running Cisco IOS Release 12.0(05.06)S03 or later releases up to Cisco IOS Release 12.0(8.5)S might not send withdraw requests and not delete the entry from the IP routing table under the following *SOFT RESET* conditions:
–The neighbor soft-reconfiguration router configuration command is entered on the router for a particular peer.
–The route-map global configuration command is entered to modify attributes.
–There is a used entry and a received-only entry for a given prefix, and the neighbor filter-list, neighbor distribute-list, or neighbor prefix-list router configuration commands or the route-map global configuration command is entered to deny this prefix.
–The soft clear bgp EXEC command is entered.
Symptoms of this situation include the prefix being present in the Border Gateway Protocol (BGP) table with the received-only path, the prefix remaining in the IP table, and the prefix not being withdrawn from all the other peers to which it has advertised. These symptoms do not occur if both peers are route-refresh capable, soft-reconfiguration inbound is not configured, the filter that you apply does not result in a deny for a prefix, if you do a hard reset, or the soft reconfiguration is done through route-refresh.
Workaround: If you have soft cleared the session after applying the filter, enter the clear ip bgp {*} [soft out] EXEC command.
Alternate workaround: Upgrade to Cisco IOS Release 12.0(8.5)S.
Miscellaneous
•CSCdk77704
If you enable fancy queueing on an interface where it is the default, the queueing behavior might not function properly. There is no workaround.
•CSCdp17433
The Forwarding Information Base (FIB) scanner might not free a locked FIB entry so the FIB path chunks will never be freed, resulting in a memory leak. There is no workaround.
•CSCdp35794
When Access Control Lists (ACLs) are used, Gigabit and Fast Ethernet line cards might experience data corruption. This situation is likely to happen for non-Address Resolution Protocol (ARP) standard Ethernet style (RFC 826) encapsulation packets.
When extended or compiled ACLs are used, a Internet router with Gigabit Ethernet (GE) or Fast Ethernet (FE) line cards might experience line-card failures or corruption of internal queueing structures. This failure might result in incorrect traffic forwarding behavior for packets received on affected cards.
This failure will not occur if ACLs are not used. Even when ACLs are configured, the occurrence of this failure is still rare. Conditions that will increase the frequency of the error occurring are the use of compiled access lists, large amounts of traffic with nonstandard Ethernet encapsulations, or the presence of large amounts of ARP traffic.
Workaround: Reset the card by entering the microcode reload [slot-number] global configuration command.
•CSCdp38982
When a first label switch router (LSR) is sending Multiprotocol Label Switching (MPLS) encapsulated IP frames to a second LSR that is removing the last label and sending the resultant IP frame onto an Inter-Switch Link (ISL), then IP packets of less than 44 bytes will be received as cyclic redundancy check (CRC) errors. There is no workaround.
•CSCdp41376
Multiprotocol Label Switching (MPLS) imposition load balancing adjacency entry updates might cause the Internet router performance line cards to reload. There is no workaround.
•CSCdp42529
A Cisco 7200 VXR router might experience a situation where switched virtual circuits (SVCs) are disconnected intermittently and then recovered after 7 to 20 hours. There is no workaround.
•CSCdp46780
After the primary clock scheduler card (CSC) has been removed, a Cisco OC-48/STM-16 Packet-over-SONET/SDH line card might not recover from being switched to the secondary clock switched card (CSC) card and report error messages.
Workaround: Reload the line card.
•CSCdp47676
Under certain timing conditions on some Versatile Interface Processors (VIPs), 2-port High-Speed Serial Interfaces (HSSIs) or PA-2T3s might experience abnormal transmit underruns as indicated by the show interfaces EXEC command. There is no workaround.
•CSCdp52926
Output committed access rate (CAR) might not function properly when running on a non-Versatile Interface Processor (VIP) interface. Traffic does not pass properly through the output interface that is enabled with CAR. There is no workaround.
•CSCdp54813
A Cisco 7500 series router will often reload when switching onto an IP tunnel if sending to the tunnel destination involves Multiprotocol Label Switching (MPLS) label imposition. There is no workaround.
•CSCdp58615
A Versatile Interface Processor (VIP) might reload after distributed committed access rate (DCAR) is configured and traffic is present on the VIP interface. The condition returns to normal after the VIP reloads. There is no workaround.
•CSCdp58675
Received packets that had been padded by the previous hop are corrupted by the Multiprotocol Label Switching (MPLS) distributed Cisco Express Forwarding (dCEF) label imposition code, which will result in IP checksum errors at their final destination or at an intermediate hop, depending on the network configuration.
Workaround: Disable dCEF globally or on a per-VIP interface basis.
•CSCdp64140
Two Cisco 12000 series Internet router that are connected by a Gigabit Ethernet (GE) connection might exhibit "GRP-4-CORRUPT" error messages when one of the routers is upgraded to Cisco IOS Release 12.0(8)S. There is no workaround.
Wide-Area Networking
•CSCdm56380
When an ATM switch is not configured, a permanent virtual circuit (PVC) or one of the subinterfaces might be shut down on the other side of the ATM switch, but the Simple Network Management Protocol (SNMP) agent reflects that the subinterface shows the subinterface as being UP(AdminStatus and OperStatus). There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(8)S1
Cisco IOS Release 12.0(8)S1 is a rebuild of Cisco IOS Release 12.0(8)S. All the caveats listed in this section are resolved in Cisco IOS Release 12.0(8)S1 but may be open in previous releases.
•CSCdw65903
An error can occur with management protocol processing. Please use the following URL for further information:
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903
Resolved Caveats—Cisco IOS Release 12.0(8)S
All the caveats listed in this section are resolved in Cisco IOS Release 12.0(8)S. This section describes only severity 1 and 2 caveats.
IP Routing Protocols
•CSCdp15126
Symptoms A packet that is destined for a next hop may not be policy-routed.
Conditions These symptoms are observed when you enable policy routing on a Fast Ethernet Inter-Switch Link (ISL) subinterface.
Workaround There is no workaround.
Miscellaneous
•CSCdm36033
The pos delay triggers line command is used for Internet router POS interfaces connected to internally-protected DWDM systems. This command is invalid for interfaces that are configured as APS working or protected. Normally, even a few microseconds of line- or section-level alarms (SLOS, SLOF, or LAIS) will bring down the link until the alarm has been clear for ten seconds. If holdoff is configured, this link-down trigger is delayed for 100 ms. If the alarm stays up for more than 100 ms, the link is brought down as it is now. If the alarm clears before 100 ms, the link is not brought down.
•CSCdm82546
The Internet router Performance line cards do not have the ability to load balance between IP and tag adjacencies. There is no workaround.
•CSCdp05571
Entering the show access-list [#] command will report statistics for matches to fast Access Control List (ACL) items. Statistics are reported on an item by item basis and appear in parenthesis to right of the item. The statistics reported represent the running sum of matches to the item on all interfaces. This new command output fixes the problem of statistics for ACLs not being displayed in previous releases.
•CSCdp10843
When disabling distributed Cisco Express Forwarding (dCEF) on a running system, clean up all forwarding entries on the line card and move all incoming packets to the Route Processor (RP). The intent is to leave line card forwarding in the state it would have been in if dCEF had never been enabled in the first place.
Midpoints for Multiprotocol Label Switching traffic engineering (MPLS-TE) tunnel link-state packets (LSPs) do not get cleaned up when dCEF is disabled so when packets arrive at a Versatile Interface Processor (VIP) with the MPLS labels for these stale midpoint entries, the VIP will not forward these packets correctly.
Workaround: Reload any line card on which dCEF has been disabled if that line card is, or might be at some point, an incoming interface for an MPLS-TE tunnel LSP.
•CSCdp21343
Some permanent virtual connections (PVCs) in ATM line cards do not function. The show atm vc command indicates that the ATM PVC peak and average rates are zero. The state of any sub-interfaces remain INACTIVE. During a reload when the shut ATM sub-interface is encountered, all subsequent sub-interfaces within that interface will be ignored.
Workaround: Ensure that the ATM interface is not shut. Enter the shut and no shut commands on each affected ATM sub-interface.
•CSCdp21424
Under certain conditions, a Cisco 7200 or 7500 series router with a multichannel E1/T1 port adapter might exhibit the following error message:
%LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Serial3/0:0
There is no workaround.
•CSCdp31259
Enhanced OC48 Packet-Over-SONET (POS) line cards will not boot correctly if the fabric downloader is upgraded while running affected images. This problem can be triggered by the following commands:
Command Modeservice upgrade all
configuration
upgrade all all
enabled EXEC
upgrade fabric-downloader all
enabled EXEC
upgrade fabric-downloader [slot#]
enabled EXEC
The problem causes the line card to boot incorrectly. Changing to a different version of code is required to correctly load the card once the fabric downloader upgrade has been executed. The upgrade will need to be reinstalled after reload.
Workaround: Do not upgrade the fabric downloader by avoiding the upgrade commands.
•CSCdp31471
The available bit rate (ABR) feature on PA-A3 does not work. The PA-A3 driver can send and receive forward resource management (FRM) cells but backward resource management (BRM) cells cannot be transmitted. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(7)S
This section describes possibly unexpected behavior by Cisco IOS Release 12.0(7)S. This section describes only severity 1 and 2 caveats.
IBM Connectivity
•CSCdm89688
A Cisco 7000 series router with two CIP cards that are both running tn3270-server might unexpectedly reload with a software forced crash if you remove the client ip configuration command. There is no workaround.
Miscellaneous
•CSCdm70554
A Gigabit EtherChannel (GE) line card might pause indefinitely in FABL START state when the secondary Gigabit Route Processor is in the chassis.
Workaround: Remove the secondary Gigabit Route Processor.
•CSCdm72149
When formatting a PCMCIA card with Cisco IOS Release 12.0 S, the command might fail if you have not formatted your bootflash.
Workaround: Format your bootflash and try the operation again.
•CSCdm74152
A Cisco router that is running Cisco IOS Release 12.0(4.6)T through 12.0(5)T might experience problems with fast switching if Cisco Express Forwarding (CEF) is disabled.
Workaround: Enable Cisco Express Forwarding (CEF), and then disable CEF to remove it from the unwanted interfaces.
•CSCdm77266
A Cisco 12000 router that is running the "gsr-k4-p" software image in Cisco IOS Release 12.0(5.5)S2 might reload if you simultaneously configure Border Gateway Protocol (BGP) neighbors and static routes and Multicast Source Discovery Protocol (MSDP). There is no workaround.
•CSCdm89160
After you upgrade the ROM monitor on a Cisco router, the router might not reload properly and exhibit the following error message:
*** Cache Error Exception *** Cache Err Reg = 0xa4240560 data reference, primary cache, data field error , error on SysAD Bus PC = 0xbfc00e04, Cause = 0x8000, Status Reg = 0x30408404 Tiger Masked Interrupt Register = 0x000000ff Tiger Interrupt Value Register = 0x0000000c
This situation occurs only when the following conditions exist:
1) The router is running one of the following IOS software images: 11.2(17)GS1; 12.0(5.5)S1 and later versions prior to this fix; 12.0(5.6)S and later versions prior to this fix; or 12.0(6.0.2)S and later versions prior to this fix.
2) You have manually upgraded the ROM monitor using either the upgrade rom slot [RP-slot#] command or the upgrade all all command. If you used the upgrade all all command, answering "yes" when prompted to upgrade the Route Processor (RP) ROM monitor will cause this situation to occur.
Workaround: Do not upgrade the ROM monitor.
•CSCdp00618
A Route/Switch Processor (RSP) might reload while unprovisioning a channelized interface under heavy traffic. There is no workaround.
Resolved Caveats—Cisco IOS Release 12.0(6)S
This section describes possibly unexpected behavior by Cisco IOS Release 12.0(6)S. This section describes only severity 1 and 2 caveats.
IP Routing Protocols
•CSCdk70273
If there are more than 31 OSPF interfaces, flooding does not work, starting from the 32nd OSPF interface. There is no workaround.
•CSCdm34431
An RSP4 Route/Switch Processor that is running Cisco IOS Release 12.0(3.6)T or 12.0(4)T might reload with the following error message if you issue the copy tftp running command to update the configuration while the Versatile Interface Processor (VIP) or Route/Switch Processor (RSP) is under a heavy traffic load:
ipfib_policy_forward vip_ip_fib_flow amdfe_rx_interrupt s_amdfe_chec
kThis situation occurs when the RSP is running with a VIP2-50 Versatile Interface Processor, a Fast Ethernet port adaptor, and PA-A3 and is configured with distributed Cisco Express Forwarding (dCEF), policy routing, and NetFlow.
Workaround: Avoid reloading the configuration with the copy tftp running command.
•CSCdm51092
A Cisco router might reload if you enter the same no ip msdp mesh-group foo peer-address command twice. There is no workaround.
•CSCdm59659
When "debug ip icmp" is enabled on a line card in a Cisco 12000 series Internet router, it cannot be disabled. There is no workaround.
•CSCdm60244
A Cisco router might reload if you perform a router_id change or issue the clear ip bgp {*} command when Multicast Border Gateway Protocol (MBGP) is enabled.
Workaround: Avoid issuing the clear ip bgp {*} command or changing router_id.
•CSCdm94032
Border Gateway Protocol (BGP) routes might not be withdrawn if deterministic med is not enabled.
Workaround: Configure deterministic med by issuing the bgp deterministic med command.
ISO CLNS
•CSCdm61381
A Cisco 2500 series router might reload if you issue the no router isis [tag] command. There is no workaround.
Miscellaneous
•CSCdm09656
After you load the image on a Cisco 7500 series router that is running Cisco IOS Release 12.0 S and Release 12.0 T, issuing the no shutdown command on a T1 controller that is up causes the T1 controller to go down. Channels created under that controller also go down. This only happens with T1 and does not occur on Cisco 7200 series routers.
Workaround: Issue the shutdown command followed by the no shutdown command on the T1 controller. If this fails, perform a microcode reload to bring the controller back up.
•CSCdm12259
The rate limit on a Internet router might not work properly if input Committed Access Rate (CAR) based on QoS groups is configured. There is no workaround.
•CSCdm66427
If you use the "log" keyword in an Access Control List (ACL) that is used to filter routes, it might result in alignment errors that cause increased CPU utilization and interfere with normal router operation.
Workaround: Remove the "log" keyword from the configuration.
Wide-Area Networking
•CSCdm49871
A Cisco router reloads when you deconfigure a routing protocol (for example, when you issue the no ipx routing command). The problem exists in Cisco IOS Release 12.0(3)T and Release 12.0(3)S and later releases. At least one Frame Relay interface must be configured and at least one Frame Relay map (an association between a DLCI and a level 3 protocol address) must be established by Inverse ARP.
Workaround:
1. Disable Inverse ARP for the routing protocol to be deconfigured (for example, for IPX routing, use the no frame-relay inverse-arp ipx dlci interface configuration command).
2. Clear the Frame Relay Inverse ARP cache using the clear frame-relay-inarp executive command.
3. Remove the routing protocol from the router (for example, for IPX routing, use the no ipx routing global configuration command).
Troubleshooting
The following documents provide assistance with troubleshooting your Cisco hardware and software:
•Hardware Troubleshooting Index Page at:
http://www.cisco.com/warp/public/108/index.shtml
•Troubleshooting Bus Error Exceptions at:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800cdd51. shtml
•Why Does My Router Lose Its Configuration During Reboot? at:
http://www.cisco.com/warp/public/63/lose_config_6201.html
•Troubleshooting Router Hangs at:
http://www.cisco.com/warp/public/63/why_hang.html
•Troubleshooting Memory Problems - SYS-2-MALLOCFAIL at:
http://www.cisco.com/warp/public/63/mallocfail.shtml
•Troubleshooting High CPU Utilization on Cisco Routers at:
http://www.cisco.com/warp/public/63/highcpu.html
•Troubleshooting Router Crashes at:
http://www.cisco.com/warp/public/122/crashes_router_troubleshooting.shtml
•Using CAR During DOS Attacks at:
http://www.cisco.com/warp/public/63/car_rate_limit_icmp.html
Posted: Fri Dec 14 17:22:46 PST 2007
All contents are Copyright © 1992--2007 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.