Worldwide [change] |Account |Register |About Cisco
Guest

Hierarchical Navigation

Cisco 10000 Series Routers

Cisco IOS Release 12.2(4)BZ2

Downloads

Table Of Contents

Release Notes for the Cisco 10000 Series ESR
for Cisco IOS Release 12.2(4)BZ2

Contents

Upgrading to a New Software Release

System Requirements

New Features in Cisco IOS Release 12.2(4)BZ1

Cisco 10000 Series ESR Software Features

Limitations and Restrictions

Pre-cloning

AAA Method Lists

Remote Access MPLS VPNs

RBE Sub-interfaces with Per session rate limiting

Unshaped UBR PVCs

Controlling the Rate of Logging Messages

Testing Performance of High-Speed Interfaces

Important Notes

Available Memory with Features Enabled

Provisioning for Scaling

PPPoA sessions with IP QoS Static Routes

Call Per Second Rate

AAA Authentication on the NME Port

Call Admission Control

Inserting a New Line Card

Resolved Caveats in Cisco IOS Release 12.2(4)BZ2

Open Caveats in Cisco IOS Release 12.2(4)BZ1

Resolved Caveats in Cisco IOS Release 12.2(4)BZ1

Other Caveats

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Contacting TAC by Using the Cisco TAC Website

Contacting TAC by Telephone


Release Notes for the Cisco 10000 Series ESR
for Cisco IOS Release 12.2(4)BZ2

October 7, 2002

These release notes provide information about Cisco IOS Release 12.2(4)BZ2, which provides broadband aggregation features for the Cisco 10000 series edge services router (ESR).

These notes are identical to the release notes for Cisco IOS Release 12.2(4)BZ1, but were updated to include fixes for caveats discovered and resolved since the release of Cisco IOS Release 12.2(4)BZ1 (see Resolved Caveats in Cisco IOS Release 12.2(4)BZ2).

These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode and related documents.

Cisco IOS Release 12.2(4)BZ2 is based on the following releases:

Cisco IOS Release 12.2(4)BZ1

Cisco IOS Release 12.0(19)SL for features specific to the Cisco 10000 series ESR

Cisco IOS Release 12.2B for platform-independent features

To review the release notes for Cisco IOS Release 12.0(19SL, go to www.cisco.com and click Technical Documents > Aggregation > Cisco 10000 Series Edge Services Routers > Cisco 10000 Series ESR Release Notes > Release Notes for the Cisco 10000 Series ESR for Cisco IOS Release 12.0(19)SL.

To review the release notes for Cisco IOS Release 12.2, go to www.cisco.com and click Technical Documents. Select Release 12.2 from the Cisco IOS Software drop-down menu. Then click Cisco IOS Release Notes > Cisco IOS Release 12.2.

Contents

This document contains the following sections:

Upgrading to a New Software Release

System Requirements

New Features in Cisco IOS Release 12.2(4)BZ1

Cisco 10000 Series ESR Software Features

Limitations and Restrictions

Important Notes

Resolved Caveats in Cisco IOS Release 12.2(4)BZ2

Open Caveats in Cisco IOS Release 12.2(4)BZ1

Resolved Caveats in Cisco IOS Release 12.2(4)BZ1

Other Caveats

Obtaining Documentation

Obtaining Technical Assistance

Upgrading to a New Software Release

For specific information about upgrading your Cisco 10000 series ESR to a new software release, see the Cisco 10000 Series ESR Software Configuration Guide.

For general information about upgrading to a new software release, see the product bulletin Cisco IOS Upgrade Ordering Instructions located at:

http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/957_pp.htm

For additional information about ordering Cisco IOS software, refer to the Cisco IOS Software Releases URL:

http://www.cisco.com/warp/public/cc/pd/iosw/iore/index.shtml

System Requirements

This broadband aggregation image requires that you have the PRE1 version (part number ESR-PRE1) of the Performance Routing Engine (PRE) installed in the Cisco 10000 series ESR chassis. To verify which PRE is installed in the ESR, use the show version command.

New Features in Cisco IOS Release 12.2(4)BZ1

This section lists the new features and improvements that are supported in Cisco IOS Release 12.2(4)BZ1. For more information, see the Cisco 10000 Series ESR Broadband Aggregation Feature Guide.

Access Protocols

PPPoE over Ethernet

PPPoE over IEEE 802.1Q VLANs

Aggregation and Virtual Private Networks

MPLS VPNs

Overlapping IP Address Pools

PPPoA to MPLS VPN

PPPoE to MPLS VPN

IP and Routing

IP Multicast

Managed L2TP Network Server

Overlapping IP Address Pools

PPP in L2TP Terminated (LNS) to VRF

VPDN Session Limiting per VRF

PPPoA Terminated (PTA) to VRF

PPPoE Terminated (PTA) to VRF

Per VRF AAA

Quality of Service

MPLS VPNs

Overlapping IP Address Pools

Per Session Rate Limiting

Per Session Service Policy

Remote Access to MPLS VPN

MPLS VPNs

PPPoA to MPLS VPN

PPPoE to MPLS VPN

Overlapping IP Address Pools

Traffic Filtering

ACLs per Session

Cisco 10000 Series ESR Software Features

Table 1 lists the leased line features based on Cisco IOS Release 12.0(19)SL, and supported in the Cisco 10000 series ESR.

Table 1 Principal Software Features 

Administration

Cisco Discovery Protocol (CDP)

Simple Network Management Protocol (SNMP)

Availability

Route Processing Redundancy Plus (RPR+)

Encapsulations

Ethernet

High-Level Data Link Control (HDLC)

Point-to-Point (PPP)

Multilink Point-to-Point (MLP)

Multiprotocol Label Switching

Multiprotocol Label Switching Virtual Private Network (MPLS/VPN) edge services

802.1q PXF switching for ARPA encapsulation

Multicast Features

Multicast Static Routes

Multicast Routing Monitor (MRM)

Multicast Services

Internet Group Management Protocol (IGMP)

Protocol-Independent Multicast (PIM)

Distance Vector Multicast Routing Protocol (DVMRP)

Cisco Group Management Protocol (CGMP)

Unidirectional Link Routing (UDLR)

Session Directory Protocol (SDP)

Multicast Source Discovery Protocol (MSDP)

Border Gateway Protocol (BGP)

Routing Protocols

Border Gateway Protocol (BGP)

Intermediate System-to-Intermediate System (IS-IS)

Open Shortest Path First (OSPF)

Interior Gateway Routing Protocol (IGRP)

Enhanced Interior Gateway Routing Protocol (EIGRP)

Routing Information Protocol (RIP)

Policy Based Routing (PBR)

Security Features

Standard and extended access lists

Authentication, Authorization, and Accounting (AAA)

Kerberos authentication and client support on Telnet

RADIUS authentication

Terminal Access Controller Access Control System Plus (TACACS+)


Limitations and Restrictions

This section describes any limitations and restrictions that you should review before you use the Cisco 10000 series ESR.

Pre-cloning

To avoid a situation in which the Cisco 10000 series ESR runs out of memory, we recommend that you do not configure pre-cloning on virtual access interfaces.

AAA Method Lists

Cisco IOS Release 12.2(4)BZ1 supports a maximum of 99 authentication, authorization, and accounting (AAA) method lists. If you configure more than 99 AAA method lists using the aaa authentication ppp or aaa authorization network command, traceback messages appear on the console.

Remote Access MPLS VPNs

With PPPoAoE configured, the Cisco 10000 series ESR running Cisco IOS Release 12.2(4)BZ1 supports only one remote access MPLS VPN.

RBE Sub-interfaces with Per session rate limiting

With Cisco IOS Release 12.2(4)BZ1, the Cisco 10000 series ESR supports a maximum of 2,000 RBE RFC 1483 routed sub-interfaces with per-session rate limiting.

Unshaped UBR PVCs

Cisco IOS Release 12.2(4)BZ1 supports a maximum of 8000 unshaped UBR VCs on the OC-12 ATM line card. An unshaped UBR PVC is a PVC that has no rate configured on it. You can configure up to 16,000 shaped UBR VCs per port on the OC-12 line card if you configure the VCs with a shaped rate less than 299 Mbps.

Controlling the Rate of Logging Messages

It is important that you limit the rate that system messages are logged by the Cisco 10000 series ESR. This helps to avoid a situation in which the router becomes unstable and the CPU is overloaded. To control the output of messages from the system, use the logging rate-limit command.

We recommend that you configure the logging rate-limit command as follows: 

Router(config)# logging rate-limit console all 10 except critical

This rate-limits all messages to the console to 10 per second, except for messages with critical priority (level 3) or greater.

For more information on the logging rate-limit command, see the Cisco IOS Configuration Fundamentals Command Reference.

Testing Performance of High-Speed Interfaces

Cisco IOS software running on the Cisco 10000 series ESR has multiple queues for all classes of traffic over high-speed interfaces. The software selects a queue based on the source and destination address for the packet. This ensures that a traffic flow always uses the same queue and the packets are transmitted in proper order.

When the Cisco 10000 series ESR is installed in a real network, the high-speed interfaces work efficiently to spread traffic flow equally over the queues. However, using single traffic streams in a laboratory environment may result in less-than-expected performance.

Therefore, to ensure accurate test results, you should test the throughput of the gigabit Ethernet, POS, or ATM uplink with multiple source or destination addresses.

Tip To determine if traffic is being properly distributed, use the show hardware pxf cpu queue command.

Important Notes

This section contains important issues that you should be aware of with Cisco IOS Release 12.2(4)BZ1.

Available Memory with Features Enabled

The features that you enable on the Cisco 10000 series ESR consume available memory which may affect the operational capability of the ESR. To help you manage the memory available for features, use the information in Table 2.

Table 2 Available Memory with Features Enabled and Sessions Established

Features
Number of Sessions
Memory Available

RA-MPLS

32,000 PPPoX with 99 VRF

40-50 MB

QoS Policing

32,000 Unidirectional PPPoX

26-29 MB

QoS Policing

24,000 Bidirectional PPPoX

54 MB

PPPoE over VLANs

1000 VLANs with 32,000 PPPoE

126 MB

Full Virtual-Access Interface (VAI)

18,000

44 MB


Provisioning for Scaling

Cisco engineers have identified several configuration parameters that enable the Cisco 10000 series ESR to scale the configuration. Please ensure that you have the following commands and parameters in your configuration. For more information about configuring the Cisco 10000 series ESR for the highest scaling, see the Cisco 10000 Series ESR Broadband Aggregation Feature Guide.

PPPoA sessions with IP QoS Static Routes

To scale to 32,000 PPPoA with IP QoS enabled, you must limit the number of IP QoS static routes to 4,000 unidirectional QoS static routes.

Call Per Second Rate

When the Cisco 10000 series ESR is configured as a PPPoEoE server, the call-per-second (CPS) rate that the router can support is related to the session configuration and existing session number. With a per-session configuration, such as an ACL or QoS, the time required to establish sessions increases. Also, with higher numbers of existing sessions, the time required to establish new sessions increases.

To help you configure the Cisco 10000 series ESR for the highest scaling, the CPS performance of the router was bench-marked, and the following characteristics were observed:

Using local authentication with no other per-session configuration such as ACL or QOS, the router can support up to 300 CPS after 16,000 existing sessions

Using local authentication, with an outbound ACL and service-policy for each session, the router can support up to 300 CPS or higher, even after 8,000 existing sessions.

AAA Authentication on the NME Port

If you use AAA authentication on the NME port, set both the in and out interface hold queues to 4096. For example: 

Router(config)# int fe 0/1

Router(config-if)# hold-queue 4096 in

Router(config-if)# hold-queue 4096 out

Call Admission Control

For maximum scalability, we recommend that you set the Call Admission Control (CAC) to a maximum of 95. For example: 

Router(config)# call admission limit 95

Inserting a New Line Card

Unlike other Cisco routers, if you insert a new or different line card into a Cisco 10000 series ESR chassis slot that previously had a line card installed, the line card initially reports that it is administratively up.

Resolved Caveats in Cisco IOS Release 12.2(4)BZ2

This section lists caveats that have been resolved in Cisco IOS Release 12.2(4)BZ2.

CSCdx47342

Previously, if you entered the show mpls forwarding command or the show tag forwarding command, the memory of the Cisco 10000 series ESR became corrupted, which caused the router to stop responding. This problem has been fixed.

CSCdy43587

Previously, if you attempted to configure a VT controller on the channelized OC-12 line card installed in the Cisco 10000 series ESR, the router did not configure the VT controller correctly. This problem has been fixed.

CSCdy45444

Previously, when a packet was received by the Cisco 10000 series ESR in an L2TP tunnel (on an interface with multiple ports or channels), and the packet was diverted to the Route Processor (RP), the channel ID in the divert header was sometimes incorrect, resulting in the packet being improperly processed. This problem has been fixed.

CSCdy63036

Previously, if you changed the maximum transmission unit (MTU) value for a gigabit Ethernet interface, the change did not take effect immediately for incoming packets. If you increased the MTU value, the PXF dropped large incoming packets. If you decreased the MTU value, large packets (that should have been dropped) were allowed through. This problem has been fixed.

CSCdy68051

Previously, for ATM interfaces on the Cisco 10000 series ESR, the drop statistics for mtu_too_big were incorrectly combined with the drop statistics for mtu_too_wee, and caused confusion during debug sessions. This problem has been fixed.

CSCdy66350

Previously, if you configured PBR on the Cisco 10000 series ESR with the set ip next-hop action, a PXF crash could occur. This problem has been fixed.

Workaround: Disable PBR or the associated action.

Open Caveats in Cisco IOS Release 12.2(4)BZ1

Table 3 describes Open Caveats in Cisco IOS Release 12.2(4)BZ1.

Table 3 Open Caveats in Cisco IOS Release 12.2(4)BZ1

Caveat
Description

CSCdt47926

If you enter the dir disk0 command from ROMMON mode on the Cisco 10000 series ESR, the router reloads unexpectedly. This happens only if you use new disks that are shipped directly from the disk manufacturer.

Workaround: Reformat the disk.

CSCdv77601

If you add configuration commands to an existing configuration that has a large number of VCs, CPU use may increase. For example, in laboratory tests, adding the encapsulation aal5mux ppp Virtual-Template2 command to an existing configuration of 8000 VCs caused CPU use to increase.

Workaround: Add configuration commands when you create the VC configuration.

CSCdw09973

If you configure ToS on a virtual template, the inner (users) IP ToS settings are reflected in the outer L2TP IP ToS settings.

Workaround: There is currently no workaround.

CSCdw35723

If you copy the configuration of the router from bootflash or a TFTP server, the PerVRF Server definitions are not correctly restored, and the following error message appears on the console: 

%  Unknown VRF name=<vpn#>

Workaround: Manually configure the PerVRF Server definition using the ip vrf forwarding <vpn> command.

CSCdw36797

If PPPoE is configured on the router, the output of the show vpdn session packets command does not include locally-generated packets (ping packets sent to the PPPoE client) in the output fields, while packets that are passing through are included correctly.

Workaround: Use the show int virtual-access x.y command to display locally generated packets correctly.

CSCdw47382

If you configure the OC-12 ATM line card with more than 8000 unshaped UBR PVCs, and more than 8000 UBR PVCs are active, the SAR firmware on the line card experiences buffer leaks. This results in a reduced buffer pool for active VCs as well as an SAR firmware failure.

Workaround: Use shaped UBR with a shaped rate less than 299 Mbps. The OC-12 ATM line card supports up to 16000 shaped UBR PVCs per port.

CSCdw61985

If you remove the PVC range for active PPPoA sessions, the following traceback message appears on the console: 

16:16:41: %GENERAL-3-EREVENT: No vc_info for pppoa vccimap indexing 
-Traceback= 600C2038 600C225C 600C2544 609A4B60 609A6BE8 601B3A74 
602190D0 60218C18 60219948 6021A6B0 60352F84  6015DD70 60365A4C 
603E1018 603E1004

Workaround: There is currently no workaround.

CSCdw71583

The Cisco 10000 series ESR may reload unexpectedly during incoming authentication if the AAA method-type (that is using MS-CHAP) on the virtual-template is undefined, or if the user fails authentication.

Workaround: Delete the AAA method list before deleting the AAA method list that is configured on the virtual-template, or the configuration that refers to the AAA method list. Also, verify that the username is defined in either RADIUS or on the LNS.

CSCdw74379

If you add static routes to the Cisco 10000 series ESR configuration, traceback messages appear on the console.

Workaround: There is currently no workaround.

CSCdw77563

If you enter the server-private command on the Cisco 10000 series ESR, the following warning message appears on the console: 

%RADIUS-4-NOSERV: Warning: Server <IP-addr > is not defined

Workaround: There is currently no workaround. However, this problem does not affect the functionality or performance of the router.

CSCdw80543

If you configure 32,000 PPPoA sessions with IP QoS marking functionality, the remaining memory on the Cisco 10000 series ESR decreases to 26-29 MB.

Workaround: There is currently no workaround.

CSCdw90713

When you enter the show run command on a Cisco 10000 series ESR that is configured for remote access MPLS with 32,000 PPPoA sessions and 32,000 VRF routes, malloc failure occurs.

Workaround: There is currently no workaround. If you reduce the number of VRF routes in the configuration, you are unlikely to experience this problem.

CSCdx08689

If you clear an L2TP session on a Cisco 10000 series ESR that is configured as an LNS by entering the clear int vi4.xx command, accounting attributes 52,53.43,48 may contain incorrect values.

Workaround: There is currently no workaround.

CSCdx10298

If you clear VRF routes, spurious memory access problems may occur on the Cisco 10000 series ESR.

Workaround: There is currently no workaround.

CSCdx21007

If an LCP mismatch occurs with either the MTU size or authentication method between the LAC and the Cisco 10000 series ESR (that is configured as an LNS with CHAP/PAP), AAA accounting and VRF domain stripping may not work.

Workaround: Configure the lcp renegotiation on-mismatch command under the vpdn-group. For example: 

router(config)# vpdn-group 1

router(config-vpdn)# lcp renegotiation on-mismatch

CSCdx27637

If the Cisco 10000 series ESR has PPPoEoE sessions on a Gigabit Ethernet (GE) interface, and you add the first VLAN sub-interface, and you continue to build more PPPoEoE sessions on the GE interface, the router may crash after you enter the clear pppoe session command followed by the show pppoe session command.

Workaround: Shut down the GE interface before you add the VLAN sub-interface. Wait for all the PPPoEoE sessions to timeout instead of using the clear pppoe session command.

CSCdx27736

If you download IP Pools from a AAA server to the Cisco 10000 series ESR, the following message may appear on the console: 

%SCHED-3-UNEXPECTEDEVENT: Process received unknown event (maj 80, min 
0).

-Process= "PPP IPCP", ipl= 0, pid= 77

Workaround: There is currently no workaround. However, this problem does not affect the functionality or performance of the router.

CSCdx41630

If you remove an existing ACL from the configuration of the Cisco 10000 series ESR, and reconfigure the ACL, CPU HOG messages may appear on the console.

Workaround: There is currently no workaround. However, this problem does not affect the functionality or performance of the Cisco 10000 series ESR.

CSCdx42869

If you configure an Access List on a virtual template, the setup time for sessions may increase.

Workaround: There is currently no workaround.

CSCdx43070

The input rate-limited data on an ATM interface with a UBR PVC on the Cisco 10000 series ESR may exceed the configured police rate of the policy-map.

Workaround: There is currently no workaround.

CSCdx45033

If you enter the clear counters command to clear virtual-access sub-interface counters, the counters are not cleared.

Workaround: Clear the session by entering the clear int virtual-access <x>.<y> command.

CSCdx45925

Outbound ACLs configured with AAA per-user have no effect.

Workaround: To avoid this problem, use a locally configured ACL and include one of the following in the configuration:

Add the ip access-group in/out command under the virtual-template.

Add the lcp:interface-config=ip access-group in/out command under a RADIUS per-user VSA.

Use the ACL default Direction feature by including the radius-server attribute 11 direction default command. Then, on the RADIUS server , use attributes 11 Filter-ID to choose the ACL.

CSCdx48570

If you have a high number of PPPoEoA sessions in a VRF, and you redistribute them using the RIP routing protocol, Version 2, and reset the BGP session using the clear ip bgp* command, the router may reload unexpectedly.

Workaround: Instead of using the full VRF routing table, send a summary route using RIP.

CSCdx52139

If you attempt to download two non-contiguous IP pools from a AAA server to the Cisco 10000 series ESR, PPPoX sessions only use the first IP pool

Workaround: Create a single pool.

CSCdx52886

If you attempt to download two non-contiguous IP pools from a AAA server to the Cisco 10000 series ESR, the second IP pool overwrites the first one.

Workaround: Create a single pool for all the PPPoX sessions. For example, if you want to create 300 sessions, create a pool with 300 IP addresses.

CSCdx61206

PPPoE over 802.1q VLAN sessions on the Cisco 10000 series ESR may take over 20 minutes to timeout after you remove or shut down the VLAN sub-interface.

Workaround: Enter the no pppoe enable command under the VLAN sub-interface before you remove or shut down the interface.

CSCdx61259

If the Cisco 10000 series ESR is configured for PPPoE VRF VPNs, PPPoA VRF VPNs, PPPoA with multicast, and PPPoA, the router may reload unexpectedly.

Workaround: There is currently no workaround.

CSCdx61323

If you configure 32,000 RFC 1483 RBE subinterfaces, the Cisco 10000 series ESR may run out of memory and reload unexpectedly.

Workaround: There is currently no workaround.

CSCdx61174, CSCdx76574, CSCdx76704, CSCdx80179, CSCin11517

If you configure the first VLAN subinterface, or remove the last VLAN interface on a Gigabit Ethernet interface, all the PPPoEoE sessions on the physical interface are cleared.

Workaround: There is currently no workaround.

CSCdx64344

If you configure the Cisco 10000 series ESR as a PE device, with 32,000 PPPoAoA and PPPoE sessions in a VRF VPN, and the ESR is receives BGP route information (with greater than 10,000 routes) from other PE routers, the ESR may consume an excessive amount of memory.

Workaround: There is currently no workaround.

CSCdx67501

The Cisco 10000 series ESR may run out of memory if you configure either 32,000 RBE subinterfaces with IP numbered interfaces, or 32,000 RFC 1483 routed ATM sub-interfaces with IP numbered interfaces.

Workaround: To scale up to 32,000 RBE sessions, use ip unnumbered subinterfaces.

CSCdx67749

If you enter the clear pppoe all command when there are greater than 20,000 PPPoE sessions active on the Cisco 10000 series ESR, Process Thrashing traceback messages may appear on the console.

Workaround: There is currently no workaround.

CSCdx67969

If you attach a VC class to a PVC on the Cisco 10000 series ESR, spurious memory access traceback messages may appear on the console.

Workaround: There is currently no workaround.

CSCdx69956

If you configure PPP idle timeout threshold under a virtual-template or the RADIUS attribute Idle-timeout, PPP sessions do not disconnect properly.

Workaround: There is currently no workaround.

CSCdx70422

If you configure three queues and a class map, and the queues receive traffic, the values displayed in the class map counters are double the actual traffic.

Workaround: There is currently no workaround. However, if you divide the value displayed in the class map counters by two, the result is accurate.

CSCdx76665

If the Cisco 10000 series ESR is transmitting and receiving MPLS traffic, or MPLS over Generic Routing Encapsulation (GRE) traffic, the Parallel eXpress Forwarding network processors on the PRE may crash.

Workaround: There is currently no workaround.

CSCdx76787

If the keepalive period for PPP sessions is configured for 60 seconds, and you enter the debug ppp packet command, the debug output does not show information for every keepalive packet.

Workaround: There is currently no workaround. However, this only affects the debug messages, and does not affect the feature.

CSCdx76920

If you perform a 1024-byte sweep ping (with the DF bit set) from a customer edge (CE) router that is connected to the Cisco 10000 series ESR over an RFC 1483 VPN, the PRE installed in the ESR may experience a PXF crash.

Workaround: There is currently no workaround.

CSCdx77345

In a laboratory test, with 300 multicast and 16,000 sessions configured on the Cisco 10000 series ESR, the ESR reloaded unexpectedly as ATM interfaces were configured, and de-configured many times.

Workaround: There is currently no workaround. However, the action required to cause this problem is considered extreme in a normal ESR installation, and you are unlikely to experience this problem.

CSCdx78109

If the Cisco 10000 series ESR is receiving traffic, and you modify the match access-group command under a class map, CPU HOG traceback messages may appear on the console.

Workaround: There is currently no workaround.

CSCdx78960

If you enter the clear pppoe all command with 32,000 sessions active on the Cisco 10000 series ESR, CPU HOG and Card Up/Down traceback messages appear on the console.

Workaround: There is currently no workaround.

CSCdx79296

If there are greater than 12,000 PPPoX sessions active on the Cisco 10000 series ESR, and you attach a QoS ACL class map, or you remove a QoS ACL class map in a policy map, CPU HOG traceback messages appear on the console, and the line cards may disconnect the sessions and become disabled.

Workaround: Configure the QOS ACLs before you establish the sessions. If you need to remove a QoS ACL class map from a policy map for a maximum of 12,000 sessions.

CSCdx82369

If two Cisco 10000 series ESRs are connected back-to-back, and you enter the clear ip mroute command on both ESRs, and the igmp query interval is set to 100, the line cards may stop functioning properly.

Workaround: There is currently no workaround.

CSCdx82771

If you enter the mtu <bytes> command for any value other than the default (1500), the clns mtu <bytes> command is also added to the configuration, which forces the use of a full virtual-access interface instead of a virtual-access subinterface.

Workaround: After you enter the mtu <bytes> command under a virtual template, remove the clns mtu <bytes> command by entering the no clns mtu <bytes> command.

CSCdx85133

If you establish a PPPoE L2TP tunnel over an OC-3 connection, LCP packet failures may occur, and the tunnel may fail to come up.

Workaround: Enter the class-int command with encapsulation aal5snap and protocol pppoe.

CSCdx85327

In some circumstances, the Cisco 10000 series ESR may use full virtual access interfaces instead of sub virtual access interfaces and consume an excessive amount of memory. Examples of configurations that could cause this condition include configurations with the no keepalive command, and configurations with an LCP interface with the config-ip-vrf forwarding vrf name command.

The following list shows the remaining memory for the number of sessions indicated:

19000 sessions—42 MB Memory

20000 sessions—25 MB Memory

21000 sessions—4 MB Memory

Workaround: If you must use full virtual access interfaces, limit the number of sessions to 21,000, or avoid configurations that use full virtual access interfaces.

CSCdx86733

The values for packets/bytes in/out as reported in the output of the show interface virtual-access command, or sent to the RADIUS server as part of the collection statistics, are not accurate in the case of L2TP re-assembly on the LNS.

Workaround: There is currently no workaround. However, traffic is not affected

CSCdx86735

If you have full virtual access configured on the Cisco 10000 series ESR, and you enter the no logging event link-status command under a virtual template, and the virtual access state changes from up to down, an event link-status message is logged.

Workaround: There is currently no workaround. However, this only occurs with ESRs configured to use full virtual access. ESRs configured to use sub virtual access are not affected.

CSCdx89083

If you remove a service policy from the configuration, and you enter the show policy-map interface command, the output may show incorrect counter values.

Workaround: There is currently no workaround.

CSCdx89990

If you remove an IP VRF configuration from a GRE tunnel, traceback messages may appear on the console.

Workaround: There is currently no workaround.

CSCdx91570

As the number of unreachable IP packets transmitted by the Cisco 10000 series ESR increases, the forwarding performance of the router may be affected as the PXF Context Utilization approaches 100%.

Workaround: There is currently no workaround.

CSCdx92156

If you copy a virtual template configuration to the running configuration, the following traceback message appears on the console: 

BadSHARE : Bad Refcount Traceback

Workaround: There is currently no workaround.

CSCdx94676

If you enter the write erase command, for a large configuration, and reload the Cisco 10000 series ESR, spurious memory access may occur during the reload.

Workaround: There is currently no workaround.

CSCdy15504

If you have 32,000 PPPoA sessions configured on the Cisco 10000 series ESR, and a microcode reload occurs, CPU Hog traceback messages appear on the console.

Workaround: There is currently no workaround.

CSCdy15580

If you have 4000 PVCs configured on the Cisco 10000 series ESR, and you perform an Online Insertion and Removal (OIR) with the OC-12 ATM line card, CPU hog messages appear on the console for 4 minutes and 30 seconds. Then the ESR CPU stabilizes for 2 to 3 minutes, and another CPU hog message appears on the console for 1 to 2 minutes. Following this, the CPU usage is 100% until the PVCs are established again.

Workaround: There is currently no workaround.

CSCdy15990

If you apply a PBR policy to an ATM subinterface, the policy is ignored. If you apply a PBR policy on the main ATM interface, it is applied correctly to that main interface, but incorrectly applied to all the subinterfaces.

Workaround: There is currently no workaround.

CSCdy16777

RADIUS Attribute 45 (acct-authentic) is not included in the Accounting update/watchdog packet.

Workaround: There is currently no workaround.

CSCdy17201

If the Cisco 10000 series ESR is configured as an L2TP Network Server (LNS), and is operating under a stressful load, a double-fragmentation of the inner and outer L2TP packet may occur resulting in a PXF crash.

Workaround: When the outer L2TP fragmentation occurs, you can prevent the inner fragmentation by making sure the tunnel MTU (MTU configured on the virtual-template) is greater or equal to the large packet size destined in the downstream direction.

CSCdy18017

If two adjacent Cisco 10000 series ESRs are configured as PE routers, and are providing remote access MPLS VPN services, the remote PE router receiving BGP prefixes may run out of memory for the TagR entry in the PXF cef table.

Workaround: There is currently no workaround.

CSCdy18150

If the number of users do not match the number of IP addresses in the local pool on the Cisco 10000 series ESR, and debug ppp negotiation is configured, processor memory leaks occur.

Workaround: Do not use debug ppp negotiation for an extended period of time.

CSCdy18635

If 16,000 PPPoA sessions with 250 virtual templates and 250 VRFs (64 PPPoA sessions under each VT) are configured on the Cisco 10000 series ESR, a microcode reload may occur, and the following traceback message may appear on the console: 

%IPRT-4-ROUTECOUNTNEGATIVE

Workaround: There is currently no workaround.

CSCdy18648

If 16,000 PPPoA sessions with 250 virtual templates and 250 VRFs (64 PPPoA sessions under each VT) are configured on the Cisco 10000 series ESR, a microcode reload may occur, and a CPU hog condition may occur for approximately 4 minutes.

Workaround: There is currently no workaround.

CSCdy26289

If you change the encapsulation type on an ATM subinterface that has an active PPPoEoA session, and the main interface has a class-int configuration containing a pppoe protocol statement, the Cisco 10000 series ESR reloads unexpectedly.

Workaround: Do not configure the class-int statement on the main ATM interface.


Resolved Caveats in Cisco IOS Release 12.2(4)BZ1

This section lists caveats that have been resolved in Cisco IOS Release 12.2(4)BZ1.

CSCdv73385

In the past, if you configured AAA per-user static routes and specified an administrative cost on the Cisco 10000 series ESR, the remote user could not pass IP traffic. This problem has been fixed.

CSCdw04680 and CSCdx15208

Previously, if you modified vpdn-group parameters while the sessions were authenticating, traceback messages appeared on the console. This problem has been fixed.

CSCdw30235 and CSCdx01967

In the past, on a Cisco 10000 series ESR with 16,000 PPPoA sessions on an OC-12 line card or 8,000 PPPoA sessions on an OC-3 line card, if you entered the hw-module slot slot shutdown command followed by the show memory summary command, the router reloaded unexpectedly. This problem has been fixed.

CSCdw44545 and CSCdw94378

Previously, under rare circumstances, PXF errors could cause sessions to disconnect. This problem has been fixed.

CSCdw45491

In the past, if you configured RADIUS user profiles with an ip route VSA containing VRF information, the route was parsed incorrectly. When the route was applied, the call disconnected. This problem has been fixed.

CSCdw49876

Previously, if the Cisco 10000 series ESR was configured for PPPoA and PPPoE with IP QoS, the interface counters displayed by the show policy-map command could not be cleared. This problem has been fixed.

CSCdw58162 and CSCdx42698

Previously, in a laboratory test, with 32K static routes configured, and with several thousand PPP sessions experiencing time-outs and retries, the I/O memory of the router became exhausted and the router became unstable. This problem has been fixed.

CSCdw65016 and CSCdx10762

In the past, if you added the range pvc command on a point-to-point sub-interface, traceback and PVC creation fail messages appeared on the console. This problem has been fixed.

CSCdw65330 and CSCdw18198

Previously, if you changed the service policy under a virtual template with 8,000 PPPoA sessions configured, the Cisco 10000 ESR reloaded unexpectedly. This problem has been fixed.

CSCdw67644

In the past, if you cleared a high number of PPPoE sessions (for example, 16K or more) on an OC-12 line card, the line card could stop functioning correctly. This problem has been fixed.

CSCdw79914

Previously, RADIUS attribute 1 (username) was sent two times in the RADIUS accounting stop. This problem has been fixed.

CSCdw91358

In the past, if you changed the number of PPPoE max-sessions on one VLAN sub-interface, the values for max-sessions changed on all VLAN sub-interfaces that had the same vlan id. This occurred even though they were on different physical interfaces. This problem has been fixed.

CSCdx23755

Previously, If you had RADIUS accounting configured and enabled on the Cisco 10000 series ESR, the RADIUS accounting records did not display the number of input and output packets passed by PPPoX sessions. This problem has been fixed.

Other Caveats

This section includes caveats listed in previous release notes that are regarded as resolved because they are unreproducible or do not affect the behavior of the Cisco 10000 series ESR. In the event a caveat listed in this section causes problems, please contact Cisco customer service.

CSCdw06215

Previously, it was reported that if you used the pvc range command, the aggregate Sustainable Cell Rate (SCR) could exceed the bandwidth of the interface. We have been unable to reproduce this problem.

CSCdw14567

Previously, it was reported that if you removed the pvc range command from your configuration, the following traceback message appeared: 

%GENERAL-3-EREVENT: No vc_info for pppoa vccimap indexing

We have been unable to reproduce this problem.

CSCdw49627

Previously, it was reported that Write erase did not remove old database information from the fast ethernet interface, and pings to the new address assigned to the FE interface failed. We have been unable to reproduce this problem.

CSCdw56128

Previously, it was reported that scaling to higher numbers of PPPoA sessions caused a memory leak. We have been unable to reproduce this problem.

CSCdw57245

Previously, it was reported that while reloading the Cisco 10000 series ESR, the following error message appeared on the console: 

RADIUS-3-NOSERVERS: No Radius hosts configured.

Then, after attempting to start 20 PPPoE sessions from a Cisco 7200 (PPPoE client), the following messages appeared on the Cisco 10000 series ESR console and were continuously added to the system log: 

00:02:21: %RADIUS-3-ALLDEADSERVER: Group coopnet.or.jp: No active radius 

servers

found. Id 28.

router#

00:02:57: %RADIUS-6-SERVERALIVE: Group coopnet.or.jp: Radius server 

10.10.10.1

We have been unable to reproduce this problem.

CSCdw62173

Previously, it was reported that while bringing up PPPoE sessions into a VRF instance, assertion failure messages related to the virtual line appeared occasionally in the console. We have been unable to reproduce this problem.

CSCdw63282

Previously, it was reported that when the Cisco 10000 series ESR was configured with a remote access MPLS topology (with 32,000 PPPoA sessions configured and established), a smartbit started generating traffic to 16,000 of the PPPoA sessions and the toaster crashed on the PE. We have been unable to reproduce this problem.

Obtaining Documentation

The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following sites:

http://www.cisco.com

http://www-china.cisco.com

http://www-europe.cisco.com

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco Product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, in North America, by calling 800 553-NETS (6387).

Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Attn. Document Resource Connection
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC website.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.

Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.

Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.

To access Cisco.com, go to the following website:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.

Contacting TAC by Using the Cisco TAC Website

If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website:

http://www.cisco.com/tac

P3 and P4 level problems are defined as follows:

P3—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

P4—You need information or assistance on Cisco product capabilities, product installation, or basic product configuration.

In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.

To register for Cisco.com, go to the following website:

http://www.cisco.com/register/

If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at the following website:

http://www.cisco.com/tac/caseopen

Contacting TAC by Telephone

If you have a priority level 1 (P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following website:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

P1 and P2 level problems are defined as follows:

P1—Your production network is down, causing a critical impact to business operations if service is not restored quickly. No workaround is available.

P2—Your production network is severely degraded, affecting significant aspects of your business operations. No workaround is available.

CCIP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and Voice LAN are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That's Possible, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.

All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0208R)

Copyright © 2002, Cisco Systems, Inc.
All rights reserved.