|
|
April 4, 2001
 |
Note The most current Cisco documentation for released products is available on Cisco.com at http://www.cisco.com. The online documents may contain updates and modifications made after the hardcopy documents were printed. |
These release notes include the following topics:
These release notes document new features and caveats for the Cisco Content Routing software, Release 1.1. The previous version of this software was called the Content Router 4400 software, Release 1.0. Cisco Content Routing software, Release 1.1 contains boomerang technology for the Content Router 4430. Boomerang is a DNS-based content routing process utilized by the Content Router and systems, such as Content Engines, that have been configured to act as content routing agents for the Content Router.
Refer to the Cisco Content Routing Software Configuration Guide and Command Reference, Release 1.1 for a description of the content routing process, for details on configuring Release 1.1 on the Content Router, and for a reference to all of the commands in Release 1.1.
For details on how to configure a system as a content routing agent, refer to the documentation associated with that system's software.The Content Routing software, Release 1.1 operates on the Content Router, not the content routing agent. As of the printing the these release notes, the following systems can be configured as content routing agents:
Cisco Content Routing software, Release 1.1 is designed to operate on the Cisco Content Router 4430. It is compatible with the content routing agent software contained in Cisco Cache software, Release 2.5. It is not compatible with the content routing agent software contained in Cisco Cache software, Release 2.4.
|
Note We recommend that you install the most recent software version available for your model of the Content Router. |
To determine the version of the software currently running on the Cisco Content Router, log on to the Content Router and enter the show version EXEC command.
Content Router software can be downloaded from the Cisco Systems Software Center at the following URL:
http://www.cisco.com/cgi-bin/tablebuild.pl/content-router
Two types of Content Router software files are available on Cisco.com to download: files with the .pax suffix and files with the .bin suffix. The .pax file contains the full-image software with the graphical user interface (GUI) and is the file routinely installed. The .bin file software is for recovery situations that require booting from the network, or restoring Flash memory. Refer to the section "Recovering the Content Router System Software" in Chapter 3 of the Cisco Content Routing Software Configuration Guide and Command Reference, Release 1.1 for instructions on loading your system image with the .bin file.
To install the software from the .pax file:
Step 1 Use an FTP client to transfer the .pax file to the /local directory of your Content Router.
Step 2 Log on to the Content Router, and at the privileged level EXEC command prompt enter:
install filename.pax
where filename is the name of the .pax file.
Step 3 Follow the command-line interface instructions as prompted. At the following prompt, enter y:
Copy new image to flash memory?[yes]:
After the Content Router has rebooted, use the show version command to display the current software version.
This section includes:
There are no new hardware features in this release of the software.
This release includes the following new software features:
This release of the software provides support for up to 200 content routing agents. This support is provide by a process called simulated annealing. With simulated annealing, the first DNS server to send a request to the Content Router receives ten DNS responses from ten randomly selected agents, by default. This is called the "DNS race" because the first agent response received is the winner of the race and is therefore the site to which the user will connect. When the next request from the same DNS server occurs, the Content Router routes responses from the winner of the first race plus nine other randomly selected agents. The third time the same DNS server sends a request, the last two winners plus eight random agents are used. By default, the Content Router uses no more than three previous DNS race winners and a total of ten agents in each race. However, you can configure the maximum number of previous winners and the total number of agents used in each DNS race.
For more information about this feature, see the "boomerang annealing Command" section.
Denial-of-service (DoS) attacks can disable a host or a network by consuming critical resources, altering configuration information, or by destroying a physical network components.
Multiple mechanisms are included in this software to prevent the Content Router from being used in a DoS attack. For example, any packets with a source IP address representing a broadcast, multicast, or loopback address are discarded. Multiple DNS requests sent by the same server to the same domain within the same second are now rejected. If a possible DoS attack occurs, the following syslog message is displayed:
possible Denial-of-Service attack from 127.2.2.1 on domain www.mydomain.com; ignoring DNS
query!
For more information about this feature, see the "show boomerang Command" section.
The Content Router uses asynchronous probing of the requesting DNS server in order to determine which content routing agent's response reached the server first. This information is logged in two different files. One file is a time-stamped archive of the results of the asynchronous probing. This file is /var/log/archive.txt.
The second file contains a record of the eight previous DNS race winners for each DNS server that made a request in each domain. This text file (/local/boom.db) is stored in memory. It is generated by the boomerang database dump command. A total of 131072 (1024 x 128k) entries can be stored in the boom.db. After you reboot the Content Router, you can use the boomerang database restore command to restore the previous boom.db file contents.
For more information about this feature, see the "boomerang database Command" section.
A new form of agent configuration has been created to accommodate the scaling of agent support. The new boomerang client-list configuration mode allows you to create lists of content routing agents, which you can reuse when you configure other domains. To reuse a client-list, use the client-group command in domain configuration mode.
For more information about this feature, see the following sections:
This section describes the new commands included in Release 1.1:
To configure the maximum number of previous winners and total number of content routing agents that can be used in each DNS race, use the boomerang annealing command.
boomerang annealing past-winners win-number agent-count agent-number
Syntax Description
past-winners Specifies maximum number of previous DNS race winners that can be used in the next DNS race. win-number Number of previous winners (0 to 8). agent-count Specifies total number of agents that can participate in each DNS race. agent-number Number of agents (1 to 40).
Defaults
The default past-winners value is 3. The default agent-number value is 10.
Command Modes
Global configuration
Usage Guidelines
Use the boomerang annealing command to configure the number of maximum number of previous winners and the total number of agents used in each DNS race. For example, if agent-number is 20, the first DNS server to send a request to the Content Router receives 20 DNS responses from 20 randomly selected agents. This is called the "DNS race." The first agent response received is the winner of the DNS race and therefore is the site to which the user will connect. When the same DNS server sends another request, the Content Router routes responses from the winner of the first race plus 19 other randomly selected agents. The third time the same DNS server sends a request, the last two race winners, plus 18 random agents are used, and so on. If win-number is set at 3, three is the maximum number of previous race winners that can be included in the race.
To configure the Content Router to send out as many random DNS replies as possible (up to 40), use the no command. For example:
Console (config-domain)# no boomerang annealing
|
Note The no boomerang annealing command does not set boomerang annealing to default values. Instead, it allows the Content Router to send out as many random DNS replies as possible, up to 40. |
Examples
Console (config)# boomerang annealing past-winners 5 agent-number 9
To enter client-list configuration mode in order to edit or create a new list of content routing agents, use the boomerang client-list global configuration command.
boomerang client-list list-name
Syntax Description
list-name Name of client list (list of agents).
Defaults
No default behavior or values
Command Modes
Global configuration
Usage Guidelines
Use this command to enter client-list configuration mode. Use list-name to specify the name of the list of content routing agents that you want to edit or to specify a new name for a new list. After using this command, use the client command to create or edit a client list.
Examples
Console (config)# boomerang client-list List_A
Related Commands
client
client-group
To generate a database file of recent DNS race winners, use the boomerang database EXEC command.
boomerang database {dump | restore}
Syntax Description
dump Generates a database of recent DNS race winners in the text file /local/boom.db. restore Restores previous boom.db file contents after the system reboots.
Defaults
No default behaviors or values
Command Modes
EXEC
Usage Guidelines
Use the boomerang database dump command to generate a record of the eight previous DNS race winners for each DNS server that made a request in each domain. If the same agent won more than one of the eight previous races, you will see fewer than eight agents listed. This text file (/local/boom.db) is stored in memory. A total of 131072 (1024 x 128k) entries can be stored in the boom.db file. After you reboot the Content Router, you can use the boomerang database restore command to restore the previous boom.db file contents.
Examples
Console# boomerang database dump
Console# boomerang database restore
To configure the decay and sample frequency values of a domain, use the boomerang timing global configuration command.
boomerang timing {decay decayvalue}{sample-freq samp-freqvalue}
Syntax Description
decay Specifies how to weight the latest round trip time (RTT) measurement. A lower decay value gives higher priority to recent measurements. decayvalue Decay value (1 to 10). The default value is 2. sample-freq Sets how many times per minute to sample the delay between the Content Router and the content routing agent. samp-freqvalue Sample frequency value in number of times per minute (1 to 600). The default value is 6.
Defaults
The default decay value is 2. The default samp-freq value is 6.
Command Modes
Global configuration
Examples
Console (config)# boomerang timing decay 5
Console (config)# boomerang sample-freq 24
To assign a client list (list of content routing agents) to a domain, use the client-group domain configuration mode command.
client-group list-name
Syntax Description
list-name Name of client-list.
Defaults
No default behaviors or values
Command Modes
Domain configuration
Usage Guidelines
To use a client list for another domain, use the boomerang dns domain command to enter domain configuration mode for the domain, and then use the client-group command to specify the client list you want to use.
Examples
To reuse client list List_A for domain www.mydomain.com, enter the following commands:
Console (config)# boomerang dns domain www.mydomain.com
Console (config-domain)# client-group List_A
This section describes the commands that have changed since the Content Router 4400 software, Release 1.0.
The decay and sample-freq command options have been incorporated into the new boomerang timing command option.
The client command consists of the same syntax used in Release 1.0, but in Release 1.1 it is now a client-list configuration mode command. Use this command to assign content routing agents to the client list specified by the boomerang client-list command. For example:
Console (config)# boomerang client-list List_A
Console (config-client-lis)# client 10.2.3.4
Console (config-client-lis)# client 10.2.5.7
Console (config-client-lis)# client 10.2.6.8
Console (config-client-lis)# client 10.2.7.9
To remove a client from a list, use the no command in client-list configuration mode. For example:
Console (config-client-lis)# no client 10.2.3.4
The show boomerang EXEC command output has been modified to support new features in this release. Content routing agents are displayed according to their assigned list, and associated client groups are displayed under each domain name. (Agents are described as "clients" in the output.) The show boomerang command also displays new denial-of-service prevention data. In addition, new command options have been added.
For context, the entire show boomerang command is described below.
show boomerang {all | client-list list-name | domain domain-name | global}
Syntax Description
boomerang Displays boomerang-specific configuration information. all Displays all of the show boomerang information. client-list Displays configuration information for specified client list. list-name Name assigned to a list of content routing agents with the boomerang client-list command. domain Displays configuration information for specified domain. domain-name Name of domain (for example, www.foo.com). global Displays boomerang global DNS statistics.
Defaults
No default behavior or values
Command Modes
EXEC
Usage Guidelines
On a Content Router, this command displays the current average latency between the Content Router and its content routing agents. (Agents are described as "Boomerang Clients" in the output.) If the agent is repeatedly unreachable, the word "unknown" is displayed instead of a number. See Table 0-1 for a breakdown of the information displayed by the show boomerang command.
|
Note The delay time for agents may differ from one domain to another because of updates during the execution of the command. |
This command also shows the number of DNS packets received that have a bogus IP source address. Packets bearing these source addresses are typically used with the intention of using the Content Router in a denial-of-service attempt, or to overload the Content Router. Packets with these source addresses are discarded by the Content Router in direct mode, and reinserted into the original packet stream in WCCP mode. Bogus IP source addresses include the following:
|
Note If a possible denial-of-service attempt occurs, the following syslog message is displayed: |
possible Denial-of-Service attack from 127.2.2.1 on domain www.mydomain.com; ignoring DNS query!
Examples
Console# show boomerang all
DNS packets with unknown domain:0
Number of PTR Type requests (valid/invalid/total):15/0/15
Domain or Alias A pkts SOA pkts MX pkts Unsupported
www.boomexample.com 28 4 5 0
www.boomtest.org 14 1 7 0
Client Group:list1
Maximum Configured Delay: 500 msec
23 queries sent to resolvers, 12 responses received
Client List:list1 One-way Probe Races
Delay (msec) Timeouts Won
10.2.3.4 23.741 0% 5 21.7%
10.2.4.4 303.908 0% 0 0.0%
10.2.5.4 63.695 0% 2 8.6%
10.2.6.4 83.718 0% 2 8.6%
10.2.7.4 103.544 0% 0 0.0%
10.2.8.6 203.620 0% 0 0.0%
Client List:list2 One-way Probe Races
Delay (msec) Timeouts Won
10.2.8.7 203.646 0% 0 0.0%
10.2.8.8 203.636 0% 0 0.0%
10.2.8.9 202.965 0% 0 0.0%
10.2.8.10 unknown 100% 0 0.0%
1 minute input rate 0 requests/sec, output rate 0 services/sec
5 minute input rate 0 requests/sec, output rate 0 services/sec
10 minute input rate 0 requests/sec, output rate 0 services/sec
current counts:50 requests, 44 fulfills, 0 fails
23 queries sent to resolvers, 12 responses received
0 bogus source address, 0 bogus length
0 bogus client source address, 0 no buffer
2 elements in dproxy-domain database, 5 denial-of-service attempts
Table 0-1 describes the fields in the display.
| Field | Description |
|---|---|
DNS packets with unknown domain | Number of DNS packets received in which the domain has not been configured on the system. |
Number of PTR Type requests | Number of PTR Type requests. |
Domain or Alias | Name or alias of the current domain. |
A pkts | Number of DNS Address packets received. |
SOA pkts | Number of DNS Start of Authority packets received. |
MX pkts | Number of DNS Mail eXchange (MX) packets received. |
Unsupported | Number of DNS requests other than A, SOA, or MX packets. (These unsupported packets are discarded.) |
Client group | Name of client list assigned to this domain. |
Maximum Configured Delay | Configured maximum one-way delay. (One-way delays greater than this value are reduced to this value.) |
Queries sent to resolvers | Number of DNS queries sent to resolvers. |
Responses received | Number of DNS responses received. |
Client list | Name of client list. The agents in the client list are listed below this heading. |
One-way Delay | Observed delay in packets sent from the Content Router to the agent. Calculated by dividing the round trip time by 2. |
Probe Timeouts | Percentage of keepalive probes sent to the agent for which a response was not received. |
Races won | Number of DNS races this agent won. |
input rate | Average number of valid DNS requests received per second over the past 1, 5, and 10 minutes. |
output rate | Average number of valid DNS requests serviced per second over the past 1, 5 and 10 minutes. |
current counts | DNS request counts. |
requests | Total number of valid DNS requests. |
fulfills | Total number of valid DNS requests sent to agents. |
fails | Total number of valid DNS requests that failed to be serviced. (Usually due to lack of memory.) |
bogus source addresses | Number of bogus source addresses received. (See the show boomerang "Usage Guidelines" section.) |
bogus length | Number of times a packet of the wrong length was received. |
no buffer | Number of times a free packet was requested when none were available. |
elements in dproxy-domain database | Number of elements in the dproxy (DNS server) domain database. (There is one element for every unique combination of DNS server and content routing domain.) |
denial-of-service attempts | Number of times denial-of-service attempts were detected. |
A new boomerang command option has been added to the show running-config EXEC command. This option allows you to request client-list-specific and domain-specific configuration information.The full show running-config command is described below.
show running-config [boomerang {client-list list-name | domain domain-name}]
Syntax Description
boomerang (Optional.) Displays boomerang-specific configuration information. client-list Displays configuration information for specified client list. list-name Name assigned to a list of agents with the boomerang client-list command. domain Displays configuration information for specified domain. domain-name Name of domain (for example, www.foo.com).
Defaults
No default behavior or values
Command Modes
EXEC
Usage Guidelines
Use this command in conjunction with the show startup-config command to compare the information in running memory to the startup configuration used during bootup.
Examples
Console# show running-config
Building configuration...
Current configuration:
!
!
!
user add admin uid 0 capability admin-access
!
!
!
hostname CR4430
!
interface ethernet 0
ip address 10.2.2.8 255.255.255.0
ip broadcast-address 10.2.2.255
exit
!
interface ethernet 1
exit
!
ip default-gateway 10.2.2.1
ip name-server 10.2.2.6
ip route 0.0.0.0 0.0.0.0 10.2.2.1
cron file /local/etc/crontab
!
!
!
!
boomerang dns enable direct-mode
!
boomerang dns domain www.boomexample.com
key 7 15060e1f10
origin-server 10.2.2.6 boomexample.com
client-group list1
!
boomerang client-list list1
client 10.2.3.4
client 10.2.4.4
client 10.2.5.4
client 10.2.6.4
client 10.2.7.4
client 10.2.8.6
!
boomerang client-list list2
client 10.2.8.7
client 10.2.8.8
client 10.2.8.9
client 10.2.8.10
Before upgrading your Content Router to Release 1.1, upgrade any associated content routing agents to software that is compatible with Content Routing software, Release 1.1. For example, if you are using Content Engines as content routing agents, upgrade them to Cisco Cache software, Release 2.5 before installing a new Content Router.
 |
Caution There is no supported path for downgrading to Release 1.0 after you upgrade to Release 1.1. Remember to save a backup copy of your Release 1.0 configuration. |
|
Note Cisco Content Routing software, Release 1.1 is not compatible with Cisco Cache software, Release 2.4. |
All communications between the Content Router and the content routing agents take place on UDP port 1304.
Cisco Content Routing Software Configuration Guide and Command Reference, Release 1.1
Cisco Cache Software Command Reference, Release 2.5.0
Cisco Cache Software Configuration Guide, Release 2.5.0
Release Notes for Cisco Cache Software, Release 2.5.0
The following sections provide sources for obtaining documentation from Cisco Systems.
You can access the most current Cisco documentation on the World Wide Web at the following sites:
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.
Cisco documentation is available in the following ways:
If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:
Attn Document Resource Connection
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC website.
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.
Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.
Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.
To access Cisco.com, go to the following website:
The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.
If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website:
P3 and P4 level problems are defined as follows:
In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.
To register for Cisco.com, go to the following website:
http://www.cisco.com/register/
If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at the following website:
http://www.cisco.com/tac/caseopen
If you have a priority level 1(P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following website:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
P1 and P2 level problems are defined as follows:
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
AccessPath, AtmDirector, Browse with Me, CCDA, CCDE, CCDP, CCIE, CCNA, CCNP, CCSI, CD-PAC, CiscoLink, the Cisco NetWorks logo, the Cisco Powered Network logo, Cisco Systems Networking Academy, the Cisco Systems Networking Academy logo, Fast Step, Follow Me Browsing, FormShare, FrameShare, GigaStack, IGX, Internet Quotient, IP/VC, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, MGX, the Networkers logo, Packet, PIX, RateMUX, ScriptBuilder, ScriptShare, SlideCast, SMARTnet, TransPath, Unity, Voice LAN, Wavelength Router, and WebViewer are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That's Possible, and Empowering the Internet Generation, are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Enterprise/Solver, EtherChannel, EtherSwitch, FastHub, FastSwitch, IOS, IP/TV, LightStream, MICA, Network Registrar, Post-Routing, Pre-Routing, Registrar, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. or its affiliates in the U.S. and certain other countries.
All other brands, names, or trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0102R)
Copyright © 2000, Cisco Systems, Inc.
All rights reserved.
Posted: Sat Sep 28 19:39:20 PDT 2002
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.