Downloads |
Table Of Contents
New Features in Cisco IOS Release 12.2(1)DX
New Hardware Features in Cisco IOS Release 12.2(1)DX
New Software Features in Cisco IOS Release 12.2(1)DX
Quality of Service Features for Parallel Express Forwarding (PXF)
Virtual Private Dial-up Network Extended Fail-over Conditions
Product Bulletin - No. 1379
Cisco IOS
X-Release 12.2DX
This Product Bulletin describes the content and delivery information concerning Cisco IOSTM software release 12.2DX. It should be used in conjunction with Product Bulletin titled, Cisco IOS Software Release 12.2T. 12.2DX is a short lived Early Deployment (ED) release parented to 12.2(1)DD and supporting Cisco 7200 and 7400 Series platforms. This release contains all new features delivered in 12.2T and 12.2DD up to 12.2(1)T and 12.2(1)DD respectively.
The platform and features delivered in 12.2DX will be immediately incorporated into Cisco IOS 12.2(1)DD and subsequent Cisco IOS 12.2DD releases.
New Features in Cisco IOS Release 12.2(1)DX
The following features will be delivered in the initial release of 12.2(1)DX.
Table 1 Cisco IOS Release 12.2(1)DX New Features
Please see the next section for documents that address details on these new features. Any ED release of software should be utilized first in a test network before being deployed in a production network.
New Hardware Features in Cisco IOS Release 12.2(1)DX
The following new hardware features are supported by the Cisco 7200 and 7400 Series platforms for Cisco IOS Release 12.2(1)DX:
Cisco 7400
The Cisco 7400 delivers exceptional price/performance to meet the requirements of both enterprise and service providers. With its combination of scalable performance, density, and low per-port pricing, the Cisco 7400 allows network-layer capabilities to be extended to a much wider range of network configurations and environments. Customers can now gain the advantages of high-performance network-layer switching and services, including security, QoS, and traffic management to more locations throughout the network.
•
Form Factor (Stackable 1 rack unit, low power (under 50W), front to back airflow)
•
•
•
•
•
The Cisco 7400 delivers the full suite of Cisco IOS software services for managing network security, allocating QoS among applications or users, and providing value-added services such as NetFlow accounting and encryption. QoS applications such as committed access rate (CAR), Weighted Random Early Detection (WRED), and Weighted Fair Queuing (WFQ) can be flexibly applied to provide precedence across IP addresses, applications, or specific users with a high level of granularity.
The Cisco 7400 offers scalable density with a very wide range of interfaces including:
•
•
•
•
The Cisco 7400 uses the same port adapters as the Cisco 7200 Versatile Interface Processor (VIP), thus protecting customer investment in interfaces and simplifying sparing.
The Cisco 7400 sets new standards in price/performance/ rack density, meeting requirements for high-performance Layer 3 services at an affordable price. The NSE-1 engine powers the Cisco 7400. Network Services Engine (NSE-1) takes advantage of parallel processing in order to offer unprecedented price/performance. NSE-1 delivers wire rate OC3 throughput while running concurrent high-touch WAN edge services. It is the first Cisco processing engine to offer integrated hardware acceleration increasing Cisco 7400 system performance by 50-300% for combined "high touch" edge services. NSE-1 takes advantage of a new technology called Parallel eXpress Forwarding (PXF).
For more information on PXF processing on the Cisco 7400 Series, refer to
http://www.cisco.com/warp/public/cc/pd/ifaa/prossor/nse1/
PA-2FE
The PA-2FE provides two 10/100-Mbps, 10/100BaseT Fast Ethernet/Inter-Switch Link (ISL) interfaces and supports both full-duplex and half-duplex operation. The PA-2FE comes in two models, the PA-2FE-TX and the PA-2FE-FX).
Each Fast Ethernet port on the PA-2FE-TX has an RJ-45 connector to attach to Category 5 unshielded twisted-pair (UTP) cable for 100BaseTX. Each Fast Ethernet port on the PA-2FE-FX has an SC-type fiber-optic connector for 100BaseFX.
PA-8PRI
The multichannel E1/PRI port adapters (PA-MC-2E1 and PA-MC-8E) integrate data service unit (DSU) functionality and E1 channel support into the Cisco router. The PA-MC-2E1 or PA-MC-8E1 port adapter provides two or eight independent E1 (120-ohm) connections via RJ-48C connectors. (See Figure 1-1 and Figure 1-2.) The PA-MC-8E1 port adapter can provide up to 128 separate full-duplex High-Level Data Link Control (HDLC) channelized E1, fractional E1, full E1, or unframed E1 interfaces and the PA-MC-2E1 port adapter can provide up to 62 separate full-duplex HDLC channelized E1, fractional E1, full E1, or unframed E1 interfaces.
New Software Features in Cisco IOS Release 12.2(1)DX
The following new software features are supported by theCisco 7200 and 7400 Series platform for Cisco IOS Release 12.2(1)DX.
Per VRF AAA
Using the Per VRF AAA feature Internet Service Providers (ISPs) can partition authentication, authorization, and accounting (AAA) services based on Virtual Route Forwarding (VRF). This permits the Virtual Home Gateway (VHG) to communicate directly with the customer RADIUS server associated with the customer VPN, without having to go through a RADIUS proxy. Thus, ISPs can scale their VPN offerings more efficiently because they no longer need to proxy AAA to provide their customers the flexibility demanded.
To support per VRF AAA, AAA must be VRF aware. ISPs must be able to define multiple instances of the same operational parameters—such as AAA server groups, method lists, system accounting, and protocol specific parameters—and secure the parameters to the VRF partitions.
If an AAA configuration, such as a method list, is uniquely defined many times across the network access server (NAS), the specification of the AAA server, which is based on IP addresses and port numbers, may create an overlapping of private addresses between VRFs. Securing AAA method lists to a VRF can be accomplished from one or more of the following sources:
Virtual Template—used as a generic interface configuration
Service Provider AAA server—used to associate a remote user with a specific VPN based on the domain name or DNIS. The server then provides the VPN-specific configuration for the virtual access interface, which includes the IP address and port number of the customer's AAA server.
Customer VPN AAA server—used to authenticate the remote user and to provide user-specific configurations for the virtual access interface.
Global AAA accounting configurations and some AAA protocol-specific parameters cannot be logically grouped under the Virtual Template configuration.
PPPoE over Gigabit Ethernet
The PPPoE over Gigabit Ethernet feature enhances PPP over Ethernet (PPPoE) functionality by adding support for PPPoE and PPPoE over IEEE 802.1Q VLANs on Gigabit Ethernet interfaces. The PPPoE over Gigabit Ethernet feature is supported on Cisco 7200 series routers with Gigabit Ethernet line cards.
PPPoE Session Limit
The PPPoE Session Limit feature enables you to limit the number of PPPoE sessions that can be created on a router or on an ATM PVC, PVC range, or VC class.
Before the introduction of this feature, there was no way to limit the number of PPPoE sessions that could be created on a router. Not having a limit was potentially a problem because it was possible that the router could create so many PPPoE sessions that it would run out of memory.
To prevent the router from using too much memory for virtual access, the PPPoE Session Limit feature introduces a new command and a modification to an existing command that enable you to specify the maximum number of PPPoE sessions that can be created. The new pppoe limit max-sessions command limits the number of PPPoE sessions that can be created on the router. The modified pppoe max-sessions command limits the number of PPPoE sessions that can be created on an ATM PVC, PVC range, VC class, or Ethernet subinterface.
Quality of Service Features for Parallel Express Forwarding (PXF)
The Modular Quality of Service Command-Line Interface (Modular QoS CLI) and many of the associated class-based QoS features are now available on PXF.
The following class-based QoS features are being introduced for PXF:
•
•
•
•
•
•
The Committed Access Rate (CAR) feature configured to use an access list with rate-limiting policies (the access-list rate-limit command in interface configurationmode) is also now available on PXF. If you wish to rate-limit traffic without using an ACL, use the Modular QoS CLI to configure the Traffic Policing feature.
Because of the addition of the Modular QoS CLI, traditional WRED (the random-detect command in interface configuration mode) and Fair Queueing (the fair-queue command in interface configuration mode) are no longer configurable. If you would like to configure WRED or Fair Queueing, you can use the Modular QoS CLI to configure Class-Based WRED or Class-Based Weighted Fair Queueing on a per-class rather than a per-interface basis.
The Modular QoS CLI on PXF does not currently support the following match criteria that are available on other Modular QoS CLI-supported platforms:
•
•
•
•
•
•
•
For additional information on the Modular QoS CLI, see the Modular Quality of Service Command-Line Interface doc.
RADIUS Attribute Screening
The RADIUS Attribute Screening feature allows users to configure a list of "accept" or "reject" RADIUS attributes on the network access server (NAS) for purposes such as authorization or accounting.
If a NAS accepts and processes all RADIUS attributes received in an Access-Accept packet, unwanted attributes may be processed, creating a problem for wholesale providers who do not control their customers' authentication, authorization, and accounting (AAA) servers. For example, there may be attributes that specify services to which the customer has not subscribed, or there may be attributes that may degrade service for other wholesale dial users. The ability to configure the NAS to restrict the use of specific attributes has therefore become a requirement for many users.
The RADIUS Attribute Screening feature should be implemented in one of the following ways:
•
•
Virtual Private Dial-up Network Extended Fail-over Conditions
The Virtual Private Dial-up Network (VPDN) failover has been extended to occur in instances where the receiving node sends an error message to the transmitting node. Before this feature, the failover mechanism would only occur when the transmitting node did not receive a response from the receiving node.
This feature occurs automatically when failover is configured, so this feature has no new command. Failover is configured in the VPDN group by using the initiate-to command.
VPDN Group Session Limiting
Before the introduction of the VPDN Group Session Limiting feature, you could only globally limit the number of VPDN sessions on a router with limits applied equally to all VPDN groups. Using the VPDN Group session limiting feature, you can limit the number of VPDN sessions allowed per VPDN group. This feature is implemented with the introduction of the session-limit number command in VPDN configuration mode. VPDN group session limiting is applied after the global VPDN session limiting (which is configured via the vpdn session-limit session command in configuration mode) is enforced.
Product Numbers
Table 2 Cisco IOS 12.2(1)DX Feature Sets, Images, and Memory Recommendations
Cisco 7200 Series
Enterprise
S72A-12201DX
c7200-js-mz
16 MB
128 MB
Cisco 7400 Series
Enterprise
S74A-12201DX
c7400-js-mz
16 MB
128 MB
Download Information
Customers can download Cisco IOS Release12.2(1)DX software from Cisco Connection Online (CCO) in the Software Image Library.
http://www.cisco.com/public/sw-center/
Migration Path
It is important to note that there are no planned maintenance releases for 12.2DX. In addition, please note the migration path to the latest DD release. Customers should prepare to upgrade using this migration path.
