Cross Platform Release Notes for Cisco IOS Release 15.9(3)M
These release notes support Cisco IOS Release 15.9(3)M and describe new features and related documents.
Cisco IOS Release 15.9(3)M provides the latest innovations for the world’s most demanding networks and is designed to provide a unified network architecture that is stable, reliable, and secure. New features are fully integrated with extensive capabilities already available in Cisco IOS software to provide solutions for enterprise, service provider, and smart grid.
System Requirements
This section describes the system requirements for Cisco IOS Release 15.9(3)M and includes the following sections:
Supported Hardware Platforms
-
Cisco 800 and Cisco 800M series routers
-
Cisco 900 series routers
-
Cisco Analog Voice Gateways (VG202XM and VG204XM)
-
Cisco Connected Grid Router (CGR) 2000 series (CGR 2010)
-
Cisco Connected Grid Router (CGR) 1000 series (CGR1240,CGR1120)
-
Cisco Industrial Integrated Services Routers IR8XX (809,829,807)
For more information about the platforms supported in Cisco IOS Release 15.9(3)M, see the “Platform-Specific Information” section.
Determining Your Software Version
To determine the version of Cisco IOS software that is currently running on your Cisco network device, log in to the device and enter the show version user EXEC command:
Router> show version
Cisco Internetwork Operating System Software IOS (tm)
15.9 Software (c880data-universalk9-mz.), Version 15.9(3)M, RELEASE SOFTWARE
Upgrading to a new Release
MIBS
Field Notices and Software-Related Tools and Information
TroubleshootingUpgrading to a New Release
For information about selecting a new Cisco IOS software release, see How to Choose a Cisco IOS Software Release at the following URL:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1834/products_tech_note09186a00800fb9d9.shtml
For information about updating or upgrading Cisco IOS software, see How to Update/Upgrade Cisco IOS Software at the following URL:
Platform-specific documents may also provide information about upgrading to a new software release:
-
Cisco 800 Series Industrial Integrated Services Routers: http://www-author.cisco.com/c/en/us/support/routers/800-series-industrial-routers/products-installation-guides-list.html
-
Cisco 800 series routers:http://www.cisco.com/en/US/products/hw/routers/ps380/prod_installation_guides_list.html
-
Cisco IR 800 series routers: https://www.cisco.com/c/en/us/support/routers/800-series-industrial-routers/products-installation-guides-list.html
https://www.cisco.com/c/en/us/td/docs/routers/access/800/829/15-9-3M-Release-Note.htm
-
Cisco 900 Integrated Services Routershttps://www.cisco.com/c/en/us/td/docs/routers/access/900/hardware/installation/guide/b-cisco-ISR900-series-hig.html
-
Cisco 1000 CGR series routers http://www.cisco.com/c/en/us/support/routers/1000-series-connected-grid-routers/products-installation-and-configuration-guides-list.html
https://www.cisco.com/c/en/us/td/docs/routers/access/800/829/15-9-3M-Release-Note.htm
-
Cisco 2000 CGR series routers:http://www.cisco.com/en/US/products/ps10977/prod_installation_guides_list.html
https://www.cisco.com/c/en/us/td/docs/routers/access/800/829/15-9-3M-Release-Note.htm
-
Cisco 2900 and 3900 series routers: http://www.cisco.com/en/US/docs/routers/access/2900/hardware/installation/guide/Hardware_Installation_Guide.html
-
Cisco 5900 Embedded Services Routers: http://www.cisco.com/c/en/us/support/routers/5900-series-embedded-services-routers/products-installation-guides-list.html
-
Cisco VG202XM and Cisco VG204XM Voice Gateways: http://www.cisco.com/en/US/docs/routers/access/vg202_vg204/hardware/vg2_vg4hw.html
For instructions on ordering a Cisco IOS upgrade, see the document at the following location: http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/957_pp.html.
To choose a new Cisco IOS software release by comparing feature support or memory requirements, use Cisco Feature Navigator. Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or by feature set (software image). Under the release section, you can compare Cisco IOS software releases side by side to display both the features unique to each software release and the features that the releases have in common.
To choose a new Cisco IOS software release based on information about defects that affect that software, use Bug Toolkit at the following URL: http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl.
MIBs
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
http://tools.cisco.com/ITDIT/MIBS/servlet/index
If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco MIBs page at the following URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
Field Notices and Software-Related Tools and Information
We recommend that you view the field notices for this release to see if your software or hardware platforms are affected. You can find Field Notices at http://www.cisco.com/en/US/support/tsd_products_field_notice_summary.html.
Visit the Download Software page on Cisco.com to subscribe to Cisco software notifications, locate MIBs, access the Software Advisor, and find other Cisco software-related information and tools. Access the Download Software page at http://www.cisco.com/cisco/software/navigator.html?a=a&i=rpm.
Troubleshooting
The following documents and websites provide assistance with troubleshooting your Cisco hardware and software:
- Troubleshoot and Alerts Product or Technology Selection Page
http://www.cisco.com/cisco/web/psa/troubleshoot.html?mode=prod&level0=268437899
- Cisco 800 Series Routers Troubleshooting Guides
http://www.cisco.com/en/US/products/hw/routers/ps380/prod_troubleshooting_guides_list.html
- Cisco 1240 and 1120 Connected Grid Router Installation Guides
- Cisco 1600 Series Routers Hardware Troubleshooting Index Page
http://www.cisco.com/en/US/products/hw/routers/ps214/products_tech_note09186a008012fb88.shtml
- Troubleshooting Cisco 3900 Series, 2900 Series, and 1900 Series ISRs
http://www.cisco.com/en/US/docs/routers/access/2900/hardware/installation/guide/Trouble.html
- Cisco Unified Communications 500 Series Install and Upgrade Tech Notes
Cisco Error Message Decoder
http://www.cisco.com/pcgi-bin/Support/Errordecoder/index.cgi
- Cisco Support Community
Feature Support
Cisco IOS software is packaged in feature sets that consist of software images that support specific platforms. The feature sets available for a specific platform depend on which Cisco IOS software images are included in a release. Each feature set contains specific Cisco IOS features.
 Caution |
Cisco IOS images with strong encryption (including, but not limited to 168-bit [3DES] data encryption feature sets) are subject to U.S. government export controls and have limited distribution. Strong encryption images to be installed outside the United States are likely to require an export license. Customer orders may be denied or subject to delay because of U.S. government regulations. When applicable, the purchaser/user must obtain local import and use authorizations for all encryption strengths. Please contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com. |
Cisco Feature Navigator
Feature-to-image mapping is available through Cisco Feature Navigator. Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or by feature set (software image). You can compare Cisco IOS software releases side-by-side to display both the features unique to each software release and the features that the releases have in common.
Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:
For help with Cisco Feature Navigator, see the help information at the following URL:
http://www.cisco.com/web/applicat/CFNTOOLS/Help_Docs/help/cfn_support.html
Determining the Software Images (Feature Sets) That Support a Specific Feature
To determine which software images (feature sets) in a Cisco IOS release support a specific feature, go to the Cisco Feature Navigator home page and perform the following steps.
SUMMARY STEPS
- From the Cisco Feature Navigator home page, click Research Features.
- Select your software type or leave the field as “All”.
- To find a feature, you can search by either Feature or Technology (select the appropriate button). If you select Search by Feature, you can further filter your search by using the Filter By text box.
- Choose a feature from the Available Features text box, and click the Add button to add the feature to the Selected Features text box.
- Click Continue when you are finished choosing features.
- In the Release/Platform Tree area, select either your release (from the Train-Release list) or your platform (from the Platform list).
- The “Search Result” table will list all the software images (feature sets) that support the features that you chose.
DETAILED STEPS
|
Step 1 |
From the Cisco Feature Navigator home page, click Research Features. |
||
|
Step 2 |
Select your software type or leave the field as “All”. |
||
|
Step 3 |
To find a feature, you can search by either Feature or Technology (select the appropriate button). If you select Search by Feature, you can further filter your search by using the Filter By text box. |
||
|
Step 4 |
Choose a feature from the Available Features text box, and click the Add button to add the feature to the Selected Features text box.
Repeat this step to add features. A maximum of 20 features can be chosen for a single search. |
||
|
Step 5 |
Click Continue when you are finished choosing features. |
||
|
Step 6 |
In the Release/Platform Tree area, select either your release (from the Train-Release list) or your platform (from the Platform list). |
||
|
Step 7 |
The “Search Result” table will list all the software images (feature sets) that support the features that you chose.
|
Determining the Features Supported in a Specific Software Image (Feature Set)
To determine which features are supported in a specific software image (feature set), go to the Cisco Feature Navigator home page and perform the following steps.
SUMMARY STEPS
- From the Cisco Feature Navigator home page, click Research Software.
- Select your software type from the drop-down list and chose the Release button in the “Search By” area.
- From the Major Release drop-down list, chose the appropriate major release.
- From the Release drop-down list, choose the appropriate maintenance release.
- From the Platform drop-down list, choose the appropriate hardware platform.
- From the Feature Set drop-down list, choose the appropriate feature set. The Image Details area will provide details on the specific image. The Available Features area will list all the features that are supported by the feature set (software image) that you chose.
DETAILED STEPS
|
Step 1 |
From the Cisco Feature Navigator home page, click Research Software. |
||
|
Step 2 |
Select your software type from the drop-down list and chose the Release button in the “Search By” area. |
||
|
Step 3 |
From the Major Release drop-down list, chose the appropriate major release. |
||
|
Step 4 |
From the Release drop-down list, choose the appropriate maintenance release. |
||
|
Step 5 |
From the Platform drop-down list, choose the appropriate hardware platform. |
||
|
Step 6 |
From the Feature Set drop-down list, choose the appropriate feature set. The Image Details area will provide details on the specific image. The Available Features area will list all the features that are supported by the feature set (software image) that you chose.
|
Memory Recommendations
To determine memory recommendations for software images (feature sets) in your Cisco IOS release, go to the Cisco Feature Navigator home page and perform the following steps.
SUMMARY STEPS
- From the Cisco Feature Navigator home page, click Research Software.
- Select your software type from the drop-down list and choose the Release button in the “Search By” area.
- From the Major Release drop-down list, choose the appropriate major release.
- From the Release drop-down list, choose the appropriate maintenance release.
- From the Platform drop-down list, choose the appropriate hardware platform.
- From the Feature Set drop-down list, choose the appropriate feature set.
- The Image Details area will provide details on the specific image including the DRAM and flash memory recommendations for each image. The Available Features area will list all the features that are supported by the feature set (software image) that you chose.
DETAILED STEPS
|
Step 1 |
From the Cisco Feature Navigator home page, click Research Software. |
|
Step 2 |
Select your software type from the drop-down list and choose the Release button in the “Search By” area. |
|
Step 3 |
From the Major Release drop-down list, choose the appropriate major release. |
|
Step 4 |
From the Release drop-down list, choose the appropriate maintenance release. |
|
Step 5 |
From the Platform drop-down list, choose the appropriate hardware platform. |
|
Step 6 |
From the Feature Set drop-down list, choose the appropriate feature set. |
|
Step 7 |
The Image Details area will provide details on the specific image including the DRAM and flash memory recommendations for each image. The Available Features area will list all the features that are supported by the feature set (software image) that you chose. |
Features and Important Notes
These release notes describe the following topics:
New and Changed Information
Important Notes
-
The H.323 functionality is not supported from Cisco IOS 15.7(3)M onwards. This might potentially have an impact on the NAT H.323 ALG functionality. Note that Cisco technical support will not be available for any NAT H.323 ALG issues related to this change. If you are impacted by this change, we recommend that you consider Session Initiation Protocol (SIP) as an alternative solution.
New Hardware Features Supported in Cisco IOS Release 15.9(3)M
There are no new hardware features supported in this release.
New Software Features Supported in Cisco IOS Release 15.9(3)M
There are no new software features supported in this release.
Bugs for Cisco IOS Release 15.9(3)M
Open and Resolved Bugs
The open and resolved bugs for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about bugs and vulnerabilities in this product and other Cisco hardware and software products.
Within the Cisco Bug Search Tool, each bug is given a unique identifier (ID) with a pattern of CSCxxNNNNN, where x is any letter (a-z) and N is any number (0-9). The bug IDs are frequently referenced in Cisco documentation, such as Security Advisories, Field Notices and other Cisco support documents. Technical Assistance Center (TAC) engineers or other Cisco staff can also provide you with the ID for a specific bug.
You can save searches that you perform frequently. You can also bookmark the URL for a search and email the URL for those search results.
 Note |
If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential. |
Using the Bug Search Tool
The Cisco Bug Search Tool enables you to filter the bugs so that you only see those in which you are interested. In addition to being able to search for a specific bug ID, or for all bugs in a product and release, you can filter the open and/or resolved bugs by one or more of the following criteria:
- Last modified date
- Status, such as fixed (resolved) or open
- Severity
- Support cases
For more information about how to use the Cisco Bug Search Tool, including how to set email alerts for bugs and to save bugs and searches, see Bug Search Tool Help & FAQ.
Note |
You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. if you do not have one, you can register for an account. |
To use the Cisco Bug Search Tool:
- In your browser, navigate to the Cisco Bug Search Tool.
- If you are redirected to a Log In page, enter your registered Cisco.com username and password and then, click Log In.
- To search for a specific bug, enter the bug ID in the Search For field and press Enter.
- To search for bugs related to a
specific software release, do the following:
- In the Product field, choose Series/Model from the drop-down list and then enter the product name in the text field. If you begin to type the product name, the Cisco Bug Search Tool provides you with a drop-down list of the top ten matches. If you do not see this product listed, continue typing to narrow the search results.
- In the Releases field, enter the release for which you want to see bugs.
The Cisco Bug Search Tool displays a preview of the results of your search below your search criteria. You can mouse over bugs to see more content about a specific bug.
To see more content about a specific bug, you can do the following:
-
Mouse over a bug in the preview to display a pop-up with more information about that bug.
-
Click on the hyperlinked bug headline to open a page with the detailed bug information.
-
To restrict the results of a search, choose from one or more of the following filters:
Filter
Description
Modified Date
A predefined date range, such as last week or last six months.
Status
A specific type of bug, such as open or fixed.
Severity
The bug severity level as defined by Cisco. For definitions of the bug severity levels, see Bug Search Tool Help & FAQ
Rating
The rating assigned to the bug by users of the Cisco Bug Search Tool.
Support Cases
Whether a support case has been opened or not.
Your search results update when you choose a filter.
Resolved Bugs—Cisco IOS Release 15.9(3)M10
|
Caveat ID Number |
Description |
|---|---|
|
c900: Unexpected reload while using telnet with NAT overload configured. |
|
|
Porting SCADA fixes from IOS-XE to Classic IOS (IR8x9). |
|
|
BBUs In CGR running 15.9(3)M5 showing 4 instead of 3 BBUs. |
|
|
"tx-ring-limit 240" is configured as default when QOS is applied under an interface. |
|
|
BBUs in CGR running 15.9(3)M5 showing 4 instead of 3 BBUs. |
|
|
C888 VRRP IP address not reachable for some VRRP ID or backup. |
|
|
Cisco IOS and IOS XE software SNMP extended named Access Control List bypass vulnerability. |
Open Bugs—Cisco IOS Release 15.9(3)M10
|
Caveat ID Number |
Description |
|---|---|
|
C921 dead memory leak on SSH process. |
|
|
TACACS type 6 encrypted keys lost on bootup when AES key not configured. |
Resolved Bugs—Cisco IOS Release 15.9(3)M9
|
Caveat ID Number |
Description |
|---|---|
|
Traps are not sent when temperature returns to the normal range. |
|
|
CWMP is unexpectedly triggering DHCP discovery on the router every CWMP process run. |
|
|
Cellular modem is getting rebooted constantly. |
Open Bugs—Cisco IOS Release 15.9(3)M9
|
Caveat ID Number |
Description |
|---|---|
|
Unexpected reload while using telnet with NAT overload configured. |
|
|
tx-ring-limit 240 is configured as default when QOS is applied under an interface. |
|
|
VRF aware reverse DNS lookup is not working. |
Resolved Bugs—Cisco IOS Release 15.9(3)M8
|
Caveat ID Number |
Description |
|---|---|
|
PnP reset will erase the BOOT variable if images present on flash:/managed/images. |
|
|
IOS upgrade causes modem to reset resulting in a crash. |
|
|
C900 crypto policer causes low TCP throughput over VPN. |
|
|
BGP VPNv4 MPLS over DMVPN does not work - Address family VPNv4 unicast capability not accepted. |
|
|
Ignition off-timer values gets auto changed to random values. |
Open Bugs—Cisco IOS Release 15.9(3)M8
|
Caveat ID Number |
Description |
|---|---|
|
VRF aware reverse DNS lookup not working. |
|
|
Whenever acct-terminate-cause is 24 the duplicate set of traffic counts is sent as 0. |
Open Bugs—Cisco IOS Release 15.9(3)M7
|
Caveat ID Number |
Description |
|---|---|
|
Whenever Acct-terminate-cause is 24 the duplicate set of traffic counts is sent as 0. |
|
|
VRF aware reverse DNS lookup not working. |
|
|
IOS allows RC4-MD5 and RC4-SHA1 SSL ciphers to be negotiated by default. |
Resolved Bugs—Cisco IOS Release 15.9(3)M7
|
Caveat ID Number |
Description |
|---|---|
|
CGR2010 crashes when issuing the command 'sh interface transceiver'. |
|
|
Issue with automatic tcp-mss configuration based on negotiated MTU. |
|
|
Persistently high CPU seen with IR809 upgrade with FND using patch option enabled. |
|
|
C927 Controller going down when using port-tagging. |
|
|
Nat outside local ip address disappears in "show ip arp" when pppoe reconnection. |
|
|
IOS device crashes after issuing the command "logging persistent". |
|
|
C927 drops packets with MTU size > 1500. |
|
|
CGR2010 crashes when issuing the command 'sh interface transceiver' with port-channel. |
Resolved Bugs—Cisco IOS Release 15.9(3)M6
|
Caveat ID Number |
Description |
|---|---|
|
CWMP : Port mapping does not add VRF name to NAT rule. |
|
|
Low flash error when CGR has plenty of space. |
|
|
DNS servers learned via DHCP with interface in VRF do not get associated with VRF. |
|
|
Dialer callback cannot trigger on device. |
|
|
Configure replace crashes device with unexpected exception to CPU. |
|
|
Device- STP fails to register BPDU and block the ports creating broadcast storm. |
|
|
SNMP OID for SINR giving wrong (static) value of zero |
|
|
DHCPv6: Memory allocation of DHCPv6 relay option results in crash. |
|
|
Rollback (config replace) failed for non default line vty configurations on classic IOS device. |
|
|
Lack of MAC address in inform event message. |
|
|
Backoff algorithm not working as expected with dual stack for reject code 33. |
Open Bugs—Cisco IOS Release 15.9(3)M6
|
Caveat ID Number |
Description |
|---|---|
|
Router STP fails to register BPDU and block the ports creating broadcast storm. |
|
|
VRF aware reverse DNS lookup not working. |
|
|
IOS device crashes after issuing the command logging persistent. |
|
|
Device controller going down when using port-tagging. |
|
|
Secret sent in clear-text via TACACS+ command accounting/authorization with algorithm hashing config. |
|
|
Whenever acct-terminate-cause is 24 the duplicate set of traffic counts is sent as 0. |
Resolved Bugs—Cisco IOS Release 15.9(3)M6
|
Caveat ID Number |
Description |
|---|---|
|
CWMP : Port mapping does not add VRF name to NAT rule. |
|
|
Low flash error when CGR has plenty of space. |
|
|
DNS servers learned via DHCP with interface in VRF do not get associated with VRF. |
|
|
Dialer callback cannot trigger on device. |
|
|
Configure replace crashes device with unexpected exception to CPU. |
|
|
Device- STP fails to register BPDU and block the ports creating broadcast storm. |
|
|
SNMP OID for SINR giving wrong (static) value of zero |
|
|
DHCPv6: Memory allocation of DHCPv6 relay option results in crash. |
|
|
Rollback (config replace) failed for non default line vty configurations on classic IOS device. |
|
|
Lack of MAC address in inform event message. |
|
|
Backoff algorithm not working as expected with dual stack for reject code 33. |
Open Bugs—Cisco IOS Release 15.9(3)M5
|
Caveat ID Number |
Description |
|---|---|
|
CCP shows loading or 404 Not Found when using IOS 15.9.3M2 |
|
|
UDP Checksum could not be disabled for IPV4 packets on ISR4000 routers |
|
|
IR829- STP fails to register BPDU and block the ports creating broadcast storm |
|
|
VRF aware reverse DNS lookup not working |
|
|
CGR1120 port flaps seen |
|
|
CUBE media issue with signaling forking for disable-early-media 180 |
|
|
Secret sent in clear-text via TACACS+ command accounting/authorization with algorithm hashing config |
|
|
Whenever Acct-terminate-cause is 24 the duplicate set of traffic counts is sent as 0. |
|
|
IOS allows RC4-MD5 and RC4-SHA1 SSL ciphers to be negotiated by default |
Resolved Bugs—Cisco IOS Release 15.9(3)M5
|
Caveat ID Number |
Description |
|---|---|
|
Flow Record shows not configured even defined flow monitor |
|
|
HSRP standby switch unable to reach the VIP |
|
|
C921J-4P restart because of bus error |
|
|
[IR829]: Disabling dot1x command “authentication port-control force-auth” there is no MAC learned |
|
|
Incorrect temp from MCU causing false over temp alerts |
|
|
C9K - Encrypted preshared key not set when configured through PnP service |
|
|
during stateful ipsec failover, the standby node is crashing when becoming active |
|
|
c900 Series 'storm-control shutdown' unexpectedly configured on the interface after "clear counters" |
|
|
Crash due to DNS server |
Open Bugs—Cisco IOS Release 15.9(3)M4
|
Caveat ID Number |
Description |
|---|---|
|
IOS allows RC4-MD5 and RC4-SHA1 SSL ciphers to be negotiated by default |
|
|
NHRP should register network CIEs as part of registration |
|
|
VRF aware reverse DNS lookup not working |
|
|
Whenever Acct-terminate-cause is 24 the duplicate set of traffic counts is sent as 0 |
|
|
show crypto pki server shows wrong expire certificate date |
|
|
CCP shows loading or 404 Not Found when using IOS 15.9.3M2 |
|
|
CUBE media issue with signaling forking for disable-early-media 180 |
|
|
Secret sent in clear-text via TACACS+ command accounting/authorization with algorithm hashing config |
|
|
UDP Checksum could not be disabled for IPV4 packets on ISR4k routers |
|
|
On C5921, tunnel MTU not getting dynamically changed as per PMTUD process |
|
|
CISCO1921-SEC/K9 || Router crashing frequently |
|
|
4G LTE: IPV6 profile is not active after a modem reset |
|
|
during stateful ipsec failover, the standby node is crashing when becoming active |
|
|
C921J-4P restart because of bus error |
|
|
IOS Router cannot assign IP to Tunnel interface using DHCP Tunnel Support feature |
|
|
Thinks registered but FND still thinks it is configuring. Fails config DL |
|
|
Last reload reason: VDS communication failure |
Resolved Bugs—Cisco IOS Release 15.9(3)M4
|
Caveat ID Number |
Description |
|---|---|
|
Mishandling of dsmpSession pointer causes a crash |
|
|
Upon successful login, the network device must notify the administrator |
|
|
Router running IOS might have a crash with EEM and QoS configuration |
|
|
RootCA intermittently does not grant SubCA renewal request even with grant auto roll ca-cert |
|
|
AnyConnect fails to reconnect when original session expires |
|
|
Dynamic neighbor does not form when peer-group is shutdown in different vrf |
|
|
BGP: advertised community list is malformed due to GSHUT community |
|
|
WPAN interface missing |
|
|
Router hangs and reload with reload reason: error - FPGA IOS watchdog timer expired |
|
|
[CGR1K ]: TAM/ACT2 Write Object Corruption (WPAN and IOS GTK keys mismatch) |
|
|
C888 VRRP IP address not reachable for some VRRP ID |
|
|
DNS info received via Cellular link in VRF goes into default DNS view instead VRF Specific DNS view |
|
|
Log option cannot remove at 2nd time by override existing entry |
|
|
[SHELL:] Rx side changes Tracking Bug for Commit |
|
|
Cisco IOx Application Environment Path Traversal Vulnerability |
|
|
Evaluation of all for OpenSSL March 2021 vulnerabilities |
|
|
Communication by SVI does not recover even after the loop is resolved. |
|
|
[CGR1K]: Status of ACTd component stuck in Deployed state |
|
|
CGR 1xxx ciscoEnvMonSupplyState SNMP object returns Warning when DC supply is less than 12 volts |
|
|
Port status looped as listening - learning - blocking with enabled STP on C921J router |
Resolved Bugs—Cisco IOS Release 15.9(3)M3
|
Caveat ID Number |
Description |
|---|---|
|
CUBE fails to send outgoing SUBSCRIBE if egress dial-peer has session server-group configured |
|
|
VoIP Dial-peer up/down traps sent to SNMP server every interval |
|
|
CUBE - SDP version increment behavior creates cypto interworking issues |
|
|
SDP version was incremented due to misplace of PT 100 |
|
|
IOS router crashes with Crypto PAKs unavailable error from crypto engine |
|
|
Reflexive ACL does not work on PATed packets in specific situation on IOS 15.7(3)M4a |
|
|
MWI does not work for all shared lines |
|
|
Unexpected reboot observed while trying to relay the digit to opposite leg |
|
|
Traceback seen after show cellular on CGR |
|
|
AP 860VAE-W GUI does not reflect changes in WLAN Configuration |
|
|
After upgade to 15.9-3M1, GOS is using secondary IP on svcbr_0 for NAT |
|
|
Unexpected Reload after running show voice dsp command while an ISDN Call Disconnects |
|
|
Unexpected reload during a SIP call |
|
|
15.2(7)E2: PnP process hangs after rollback triggered |
|
|
RTP port leak |
|
|
CUBE accepts SDP with invalid port number |
|
|
Empty VoiceXML Property Value breaks Audio even when validating syntax success |
|
|
Traceback: Unexpected reload after IOS Zone-based Firewall configuration |
|
|
TACACS not working if TACACS group server has server-private <ip> key <passw> in 15.2(7)E3/3.11.3E |
|
|
PKI http client fails to handle 1xx and 2xx responses |
|
|
HSRP group id 11 can't create virtual MAC |
|
|
Cisco 3900 ISR fails to reset ROC on receiving new SDP parameters in SRTP hold/resume after 15 minutes |
Open Bugs—Cisco IOS Release 15.9(3)M3
|
Caveat ID Number |
Description |
|---|---|
|
IOS allows RC4-MD5 and RC4-SHA1 SSL ciphers to be negotiated by default |
|
|
NHRP should register network CIEs as part of registration |
|
|
VRF aware reverse DNS lookup not working |
|
|
Whenever Acct-terminate-cause is 24 the duplicate set of traffic counts is sent as 0 |
|
|
IR-829 h-QOS NULL pointer deference causing a crash |
|
|
CCP shows loading or 404 Not Found when using IOS 15.9.3M3 |
|
|
BGP: advertised community list is malformed due to GSHUT community |
|
|
CUBE media issue with signaling forking for "disable-early-media 180" |
|
|
NAT stopped working with multicast |
|
|
IR807: GPS module does not acquire coordinates after reload (instable state SWI) |
|
|
Secret sent in clear-text via TACACS+ command accounting/authorization with algorithm hashing config |
|
|
Router hangs and reload with reload reason: error - FPGA IOS watchdog timer expired |
|
|
[CGR1K ]: TAM/ACT2 Write Object Corruption (WPAN and IOS GTK keys mismatch) |
|
|
DNS info received via Cellular link in VRF goes into default DNS view instead VRF Specific DNS view |
|
|
Log option cannot remove at 2nd time by override existing entry |
|
|
Login prompt comes up when try to telnet even if access denied by access-class |
|
|
CTS credential password will be added to local keystore even if the password is longer than 24 char |
Resolved Bugs—Cisco IOS Release 15.9(3)M2
|
Caveat ID Number |
Description |
|---|---|
|
5900 Series: Running config get cleared with random power cycles |
|
|
NTP crash with empty peer list |
|
|
Mwheel Chunk leak |
|
|
SNMP ENGINE high CPU usage observed with 1.3.6.1.2.1.185.1.1.1(mgmdHostInterfaceEntry) |
|
|
MPLSoFlexVPN: Hub doesn't forward resolution req when default route is advertised to spokes |
|
|
PfRv3: Crash while Printing the Same TCA Message |
|
|
BFD flaps everytime with dynamic tunnel creation in DMVPN |
|
|
DTMF renegotiation from RFC2833 to OOB does not work |
|
|
Crash caused by a “TLB Modification exception” after processing a null chunk in “IP Input” process. |
|
|
IOS-XE DHCP server creates option 125 with invalid format |
|
|
Crash at Process = SCCP Auto Config |
|
|
HTTP defaults to IPv6 even though IPv4 is also configured |
|
|
Router crashes after snmpget to OID related to NHRP |
|
|
Performance Monitor crash |
|
|
Recording failures with XMF media forking and SIP preservation timer |
|
|
Packet drop in vdsl controller pppoe stuck in PADISNT |
|
|
Router reload due to command “show control-plane host open-ports” |
|
|
Crash on “BGP Router” process |
|
|
Cat4K sends RA with incorrect packet format |
|
|
EIGRP hello packets sourced from the tunnel ip address even the EIGRP is not enabled on interface |
|
|
IR829: “lte event rssi onset mib-trap” is not recognized |
|
|
Reload when applying event manager policy to the router. |
|
|
NAT address is deleted from route table after FTP passive mode communication |
|
|
CUBE is not able to transfer the call |
|
|
RTP/SRTP interworking fails when 180 and 183 have different to-tag |
|
|
Router crashed when attempting to remove a nonexistent trustpoint from dspfarm profile |
|
|
491 returned on midcall INVITE when peer leg is not pending a request |
|
|
PKI CLI - no warning that rsakeypair name starting from 0 (zero) is not working for cert regenerate |
|
|
ISR4K Unexpectedly Reboots with CENT-BR-0 |
|
|
CLI parser unexpectedly interprets backslash with octal numbers |
|
|
AAA configurations are missing after reload. |
|
|
IPV4 Multicast packets are unexpectedly replicated to underlay interface of mGRE tunnels |
|
|
After firmware upgrade to version 15.9(3)M1 , AP is not booting |
|
|
CUBE does not accept channel ID for MRCPv2 |
|
|
C800 with multiple ‘main’ regions do not successfully write all cores via ‘exception core-file’ |
|
|
C3900e platform running 15.7(3)M4b experienced a crash - previous bug CSCur96943 |
|
|
[C891F/15.9(3)M1] DMVPN after removing IPSec, packet drops continues at tunnel int |
|
|
C927/C926 “show controller vdsl 0” hangs when MAC address is confogured on Eth 0 interface |
|
|
Evaluation of CVE-2020-11868 for IOS |
|
|
“Error in encoded data” is shown by ip nat command |
|
|
Memory leak in STUN/MallocLite on ISRG2 CUBE/SIP GW routers leading to memory exhaustion over time. |
|
|
C841-WIM-1T DTE does not raise RTS signal |
|
|
Deleting a Voice Port on CUCM Shuts Down Additional Voice Ports on MGCP Gateway |
|
|
SRTP key not updated to DSP on re-INVITE |
|
|
I/O Memory Leak With Tunnel Config |
|
|
FAC custom alias starting with #key stop working after IOS upgrade |
Open Bugs—Cisco IOS Release 15.9(3)M2
|
Caveat ID Number |
Description |
|---|---|
|
IOS allows RC4-MD5 and RC4-SHA1 SSL ciphers to be negotiated by default |
|
|
ISM-VPN: double counting of SNMP ifInOctets on sub-int with crypto map |
|
|
CUBE fails to send outgoing SUBSCRIBE if egress dial-peer has "session server-group" configured |
|
|
CUBE - SDP version increment behaviour creates cypto interworking issues |
|
|
VRF aware reverse DNS lookup not working |
|
|
SDP version was incremented due to misplace of PT 100 |
|
|
Whenever Acct-terminate-cause is 24 the duplicate set of traffic counts is sent as 0. |
|
|
IR-829 Crashing with EEM Script Triggered |
|
|
SIP phone paging party hears own voice |
|
|
IOS router crashes with Crypto PAK's unavailable error from crypto engine. |
|
|
Reflexive ACL does not work on PATed packets in specific situation on IOS 15.7(3)M4a. |
|
|
MWI does not work for all shared lines |
|
|
Crash observed while trying to relay the digit to opposite leg |
|
|
Traceback seen after show celluar on CGR |
|
|
WCCP ACL programming issue - denied traffic is redirected |
|
|
AP 860VAE-W GUI doesn't reflect changes in WLAN Configuration. |
|
|
Router is generating tracebacks after GM registration |
|
|
[CGR1240] : The WIFI Interface Line State is Incorrect when compared to FSM Status |
|
|
After upgade to 15.9-3M1, GOS is using secondary IP on svcbr_0 for NAT |
|
|
Unexpected reload during a SIP call |
|
|
Not able to boot 159-3.0o.M1 IOS on C867VAE-POE-W-A-K9 router |
Resolved Bugs—Cisco IOS Release 15.9(3)M1
|
Caveat ID Number |
Description |
|---|---|
|
IP TUNNELS: Overlapping Loopback Interface Causes Incorrect Forwarding Decision with AppNav and PfR |
|
|
SNMP SMALL CHUN memory leak seen on KS while getvpn scale testing 300 group 4800 gm |
|
|
config revert Rollback visible in console and locks up config from VTY |
|
|
Memory leak VOIP *MallocLite* |
|
|
Prefixes are stuck indefinitely in the BGP pending-prefixes list |
|
|
Crash in XDR process: "fib_rp_table_broker_encode_buf.size <= FIB_RP_TABLE_BROKER_ENC_BUF_SZ" |
|
|
CME/BE4K: Corrupted config file for Auto Registered IP Phones after reload |
|
|
C897VAW-E-K9 // 15.7(3)M1 // Unable to disable lldp |
|
|
Observing Memory leak at Sip MPA |
|
|
Tunnel PMTUD not being aged out after PMTUD ager timer expires |
|
|
QSIG - SIP - Connected Number Missing leading digit when decoding raw QSIG |
|
|
CUBE changing the payload for content sharing packets, though it negotiate correctly |
|
|
CUBE DNS SRV Query is not performed for PRACK |
|
|
spurious accesses are seen in show alignment output with BGP |
|
|
IR829 4G: Inserting antenna/SIM in SLOT1 disables IP connectivity on a working intf Cell 0/0 |
|
|
MGCP GW doesn't reset SSRC/ROC on receiving MDCX with new IP/port/SDP parameter for SRTP call. |
|
|
OSPF summary-route (Type 5) redistribute into ospf via 'summary-address' cmd is not install in RIB |
|
|
SSH may crash due to a corrupt MAC |
|
|
BGP labels not propagated |
|
|
Secondary subnets not redistributed from OSPF into BGP |
|
|
BGP set wrong local preference for routes in RPKI invalid state |
|
|
Replaces string not passed on CUBE REFER consumption scenario when address-hiding is configured |
|
|
BGP/ expanded extcommunity regex filter is not working as expected |
|
|
SSH: host_key->name is not null after reload which prevents SSH from starting up |
|
|
CUBE router crashed due to memory corruption in subscription control block |
|
|
CGR1000 - FE LEDs and SVI incorrect behavior |
|
|
CUBE doesn't terminate the call after network failure |
|
|
CUBE ha crash of standby unit after call hold from video endpoint |
|
|
RLFA config causing OSPF to ignore backup path addition for NSSA prefix after primary link flap |
|
|
C841M (15.8(3)M2) stuck at Splash Screen when access GUI (3.5.3) via Google Chrome & Firefox. |
|
|
cat9300 hang and generate memory error when applying "privilege interface level 15 ospfv3" |
|
|
Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability |
|
|
LTE failover timer resets to 5 min after reload |
|
|
freed rpi_parent is hit when deleting parent route by route update event |
|
|
SIP phone paging party hears own voice on T-train |
|
|
VG450: SCCP crashing router while shutdown the process |
|
|
CGR1K_DOT11-3-RADIO_RESET |
|
|
DMVPN with shared ipsec protection profile on ipv4 and ipv6 tunnel, only one tunnel comes up |
|
|
KPML dialing fails after CSCvq20936 commit |
|
|
When user cancel Call Forward All from the analog phone, user can't hear the confirmation tone |
|
|
Unregistered supplicant can ping every re-authentication timer with mab when Spanning is disabled |
|
|
Router crashes due to Segmentation Fault when 'ccb' gives a NULL Pointer |
|
|
CGR1000 has SNMP queue length on 1 by default since 15.8(3)M2 |
|
|
router crash and reload due to freeblock magic number corruption |
|
|
c927 c926 c921 usb flash drive/memory Stick problem |
|
|
C3900-SPE250/K9 // memory leak in voice gateway |
|
|
IOS Firewall crash with video call |
|
|
SNMP cannot poll LLDP neighbors from the device |
|
|
XSVC SIP trunks are shown as DOWN |
|
|
ISR c800 is not giving DHCP address when port authentication failover from MAB to guest-vlan |
|
|
PoE stops working after upgrade on C881K9 |
|
|
C921J-4P: Layer3 port(Gi4 and Gi5) linkup failure when peer is in fixed mode(speed or duplexity) |
|
|
Trackbacks observed when querying DNS to ipv6 link local address. |
|
|
System power-off after removing CLI for ignition undervoltage threshold |
|
|
Ping Fails after SW-port is configured on interfaced |
Open Bugs—Cisco IOS Release 15.9(3)M1
|
Caveat ID Number |
Description |
|---|---|
|
IOS allows RC4-MD5 and RC4-SHA1 SSL ciphers to be negotiated by default |
|
|
ISM-VPN: double counting of SNMP ifInOctets on sub-int with crypto map |
|
|
Crash caused by a "TLB Modification exception" after processing a null chunk in "IP Input" process. |
|
|
CUBE fails to send outgoing SUBSCRIBE if egress dial-peer has "session server-group" configured |
|
|
CUBE - SDP version increment behaviour creates cypto interworking issues |
|
|
VRF aware reverse DNS lookup not working |
|
|
SDP version was incremented due to misplace of PT 100 |
|
|
SIP phone paging party hears own voice |
|
|
Packet drop in vdsl controller pppoe stuck in PADISNT |
|
|
Router reload due to command "show control-plane host open-ports" |
|
|
SNMP OID giving inaccurate/no updates for Cellular and interface OIDs |
|
|
Crash due to PIM process |
|
|
EIGRP hello packets sourced from the tunnel ip address even the EIGRP is not enabled on interface |
|
|
Block Overrun after NHRP-3-PAKERROR syslog message |
|
|
NAT address is deleted from route table after FTP passive mode communication |
|
|
After configuring the time based queue limit in ms complete packet drops in default class |
|
|
Reflexive ACL does not work on PATed packets in specific situation on IOS 15.7(3)M4a. |
|
|
CUBE is not able to transfer the call |
|
|
MWI does not work for all shared lines |
|
|
Dual SIM fast-switchover is not working |
|
|
491 returned on midcall INVITE when peer leg is not pending a request |
|
|
Crash due to memory corruption [SNA] |
Resolved Bugs—Cisco IOS Release 15.9(3)M0a
|
Caveat ID Number |
Description |
|---|---|
|
C897VAW-E-K9 // 15.7(3)M1 // Unable to disable lldp |
|
|
DHCP CLIENT not working when CWMP agent is enabled |
|
|
"Not supported for this platform" errro log when "show run" |
|
|
c927 c926 c921 usb flash drive/memory Stick problem |
Open Bugs—Cisco IOS Release 15.9(3)M0a
|
Caveat ID Number |
Description |
|---|---|
|
HCD_TRANS :VERBOSE error seen with USB OIR |
Resolved Bugs—Cisco IOS Release 15.9(3)M
|
Caveat ID Number |
Description |
|---|---|
|
OSPFv3 AUTH breaks IPv6 traffic intermittently |
|
|
SSL handshake failure when validating certification with name-constraints |
|
|
Y2.02K: self-signed cert expires after 31 Dec 2019, cannot be created after 1 Jan 2020 |
|
|
High CPU due to Alignment Corrections - SMEF & IWAN |
|
|
Rekey Timer are same for both the Server and Client |
|
|
Crash when entering username with aaa common-criteria policy password |
|
|
IPSEC NAT-T / transport mode: UDP checksum not updated on decryption |
|
|
Certificate map does not work always with UPN in SAN field |
|
|
Crash while processing ISIS updates when DiffServ-TE is enabled |
|
|
Layer 2 Neighbors Have No Connectivity Despite Authentication Open Being Configured |
|
|
bgp dynamic neighbor not up |
|
|
IS-IS needs to filter out Adjacency-SIDs for IPv6 address-family |
|
|
TCLSH: smtp_lib.tcl broken VRF support |
|
|
PKI "revocation check crl none" does not fallback if CRL not reachable |
|
|
PnP Agent should detect image upgrade scenario and configure dialer to bring up cellular interface |
|
|
Packet drop occurs after acl permit configurations |
|
|
9200L Day0 setup not working out of box. |
|
|
SNMP querry for local BGP AS "cBgpLocalAS" is failing |
|
|
PKI incorrect fingerprint calulation during CA authentication |
|
|
"%IR800_SPI_FLASH-3-VERIFY_ERROR: SPI Flash verification error at block 0x900000" |
|
|
CUBE picks incorrect interface for media after receiving c=IN IP4 0.0.0.0 |
|
|
Analog phones on VG310 play continious BEEP tone approx every 60 secs. |
|
|
BGP has VxLAN RNH "show bgp l2vpn evpn rnh" but missing entries in "show nve peers" |
|
|
Deleting one sip-copylist will remove all sip copy-lists from dialpeers |
|
|
IPSec-Session count in "show crypto eli" reaches max causing VPN failure |
|
|
Reverse SSH bringing down RTS on serial interface |
|
|
Flexible NetFlow Template ID is not getting exported |
|
|
Router crashes after running "show interfaces transceiver detail" |
|
|
Transcoder getting invoked for SRTP-SRTP calls. |
|
|
%PERF_MON_ASYNC-3-MEM: Memory cleanup failed - ssrc db cache results in PMI not created on BR |
|
|
Bytes output in show policy-map is incorrect on dialer interface |
|
|
Overlay BGP down when configured "ip nhrp server-only" |
|
|
Router loses "transport tcp tls v1.0" on reload |
|
|
"mac-address-table secure sticky <mac-add>" lost when configure "mac-address-table secure maximum" |
|
|
PNP profile using hostname is not working anymore |
|
|
Tail drops on IPSLA sender when using scaled udp-jitter probes |
|
|
ISR8xx TCAM limitation |
|
|
Async port counter doesn't increment with 'reverse telnet' |
|
|
Shut down interface Wlan-GigabitEthernet0 |
|
|
ESR crashed with Segmentation fault on Process Rate limit load process |
|
|
Source Filter and Voice RTP Source-Filter in IOS Routers should allow RTP when on Hold |
|
|
BGP sends malformed EVPN MAC/IP Advertisement Route |
|
|
VG3x0 - groundstart voice-port configuration removed after reload |
|
|
Reload when importing certificate from nvram: |
|
|
MED should be compared if the first AS number in AS-PATH is 2^16, i.e, 65536 |
|
|
Crash during SNMP Configuration, ospfv3_pdb_from_router_info |
|
|
IPsec SA installation fails with simultaneous negotiations despite fix for CSCve08418 |
|
|
After receiving 491, cube is not setting the media transcoder flag at SRTP leg |
|
|
Default-route is not installed in Local PE VRF if there is 0.0.0.0/X route present in routing table |
|
|
C5915 - NVRAM corrupts during bootup |
|
|
Crash after Media monitor look up. |
|
|
ISRG2: SRTP information not passed in Outgoing 183SP's SDP in external call forward scenario |
|
|
Split DNS not working in case of TCP query coming on WAN interface and destined to LAN interface |
|
|
ISDN memory leak |
|
|
C921 forward packets with a destination MAC address that is not the MAC Address of SVI |
|
|
[C900] traffic cannot be forwarded once storm-control changed from blocking to forwarding |
|
|
IR807G-LTE-GA-K9 is not recognized as Cisco genuine product |
|
|
C841M (15.8(3)M2) stuck at Splash Screen when access GUI (3.5.3) via Google Chrome & Firefox. |
|
|
When the traffic rate is increased , VDSL interface starts bouncing |
|
|
C926 and C927 will have VDSL down when mac address on Ethernet interface is changed |
Open Bugs—Cisco IOS Release 15.9(3)M
|
Caveat ID Number |
Description |
|---|---|
|
ISM-VPN: double counting of SNMP ifInOctets on sub-int with crypto map |
|
|
ASR920: EC-5-MINLINKS_MET syslog is not generated |
|
|
Port channels interface counters show decrement for CRC errors |
|
|
Memory leak VOIP *MallocLite* |
|
|
Crash caused by a "TLB Modification exception" after processing a null chunk in "IP Input" process. |
|
|
CUBE fails to send outgoing SUBSCRIBE if egress dial-peer has "session server-group" configured |
|
|
QSIG - SIP - Connected Number Missing leading digit when decoding raw QSIG |
|
|
CUBE changing the payload for content sharing packets, though it negotiate correctly |
|
|
CUBE - SDP version increment behaviour creates cypto interworking issues |
|
|
CUBE DNS SRV Query is not performed for PRACK |
|
|
tracebacks unqueue didn't find XX in queue XXX-Process= "MAB Framework", ipl= , pid= |
|
|
Disable MOP by default |
|
|
VRF aware reverse DNS lookup not working |
|
|
ISDN calls being picked in round robin manner instead of all happening at the same time |
|
|
SDP version was incremented due to misplace of PT 100 |
|
|
VRF routes disappeared after reload |
|
|
3945 CUBE / 15.7(3)M3 / Subscription control block corrupted ccsipSCB_t |
|
|
CUBE doesn't terminate the call after network failure |
|
|
SIP Profiles not properly modifying 400 responses |
|
|
Exporter Thread crash after low stack report |
|
|
C888 VIP not reachable for some VRRP ID |
|
|
SIP phone paging party hears own voice |
|
|
Packet drop in vdsl controller pppoe stuck in PADISNT |
|
|
Crash after configuring network statement under BGP |
|
|
SNMP OID giving inaccurate/no updates for Cellular and interface OIDs |
|
|
dACL Not Applied on Slave Switches in a stack |
Feedback