Table Of Contents
Release Notes for the Cisco 10000 Series Router for Cisco IOS Release 12.3(7)XI2
Contents
System Requirements
Route Processor Redundancy Mode
Before You Upgrade the Cisco IOS Software
Upgrading to a New Software Release
New Features—Cisco IOS Release 12.3(7)XI2
Define Interface Policy-Map AV Pairs AAA
Dynamic ATM VP and VC Configuration Modification
Local Template-Based ATM PVC Provisioning
MQC Policy Map Support on Configured VC Range ATM
RADIUS Attribute 31: PPPoX Calling Station ID
Scaling Enhancements
Queue Scaling
VC Scaling
Shaped UBR PVCs
Limitations and Restrictions
ATM PVC Autoprovisioning
Controlling the Rate of Logging Messages
Define Interface Policy-Map AV Pairs AAA
Dynamic ATM VP and VC Configuration Modification
Frame Relay
Local Template-Based ATM PVC Provisioning
MQC Policy Map Support on Configured VC Range ATM
PRE Network Management Ethernet Port
RADIUS Attribute 31: PPPoX Calling Station ID
Scalability
Shaped UBR PVCs
Testing Performance of High-Speed Interfaces
Important Notes
Configuring the aaa new-model Command
Enhancing Scalability of Per-User Configurations
Setting VRF and IP Unnumbered Interface Configurations in User Profiles
Setting VRF and IP Unnumbered Interface Configuration in a Virtual Interface Template
Redefining User Profiles to Use the ip:vrf-id and ip:ip-unnumbered VSAs
Inserting a New Line Card
Local AAA Server, User Database—Domain to VRF
Multilink PPP
Provisioning for Scaling
PPPoA Sessions with IP QoS Static Routes
AAA Authentication on the NME Port
Call Admission Control
Open Caveats—Cisco IOS Release 12.3(7)XI2
Resolved Caveats—Cisco IOS Release 12.3(7)XI2
Obtaining Documentation
Cisco.com
Ordering Documentation
Documentation Feedback
Obtaining Technical Assistance
Cisco TAC Website
Opening a TAC Case
TAC Case Priority Definitions
Obtaining Additional Publications and Information
Release Notes for the Cisco 10000 Series Router for Cisco IOS Release 12.3(7)XI2
November 11, 2004
These release notes provide information about Cisco IOS Release 12.3(7)XI2, which provides broadband aggregation and leased-line features for the Cisco 10000 series router.
These release notes are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode and related documents.
Cisco IOS Release 12.3(7)XI2 is based on the following releases:
•
Cisco IOS Release 12.2(16)BX
•Cisco IOS Release 12.3T
•Cisco IOS Release 12.3(7)XI1
To review the release notes for Cisco IOS Release 12.2(16)BX, go to the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/aggr/10000/10krn/122bx/index.htm
To review the release notes for Cisco IOS Release 12.3, go to the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123relnt/xprn123/index.htm
Contents
This document contains the following sections:
•System Requirements
•New Features—Cisco IOS Release 12.3(7)XI2
•Limitations and Restrictions
•Important Notes
•Open Caveats—Cisco IOS Release 12.3(7)XI2
•Obtaining Documentation
•Documentation Feedback
•Obtaining Technical Assistance
•Obtaining Additional Publications and Information
System Requirements
Cisco IOS Release 12.3(7)XI2 requires that you have the performance routing engine (PRE), Part Number ESR-PRE2 installed in the Cisco 10000 series router chassis. To verify which PRE is installed in the router, use the show version command.
Route Processor Redundancy Mode
The Cisco 10000 series router supports route processor redundancy (RPR) mode or RPR+ mode to provide fault resistance and to ensure high availability. In RPR mode, one supervisor engine is active and operational while the second supervisor engine is in standby mode waiting for the active supervisor to fail so that it can take over and maintain the operation of the router. In RPR+ mode, the standby supervisor engine is fully initialized and configured, which shortens the time needed to switch over to the standby supervisor.
When upgrading or downgrading the Cisco IOS software, the RPR mode used on the Cisco 10000 series router depends upon the Cisco IOS software currently running on the Cisco 10000 series router and the Cisco IOS software to which you want to upgrade or downgrade.
Table 1 lists the RPR modes used when upgrading or downgrading Cisco IOS software. For example, when upgrading to Cisco IOS Release 12.3(7)XI2 from Release 12.2(16)BX, the router uses RPR mode instead of RPR+ mode. When downgrading to Cisco IOS Release 12.2(16)BX from Cisco IOS Release 12.3(7)XI2, the router uses RPR mode.
Table 1 RPR Modes for Cisco IOS Software Releases
Releases
|
12.2(16)BX
|
12.3(7)XI2
|
12.2(16)BX
|
RPR+
|
RPR
|
12.3(7)XI2
|
RPR
|
RPR+
|
Before You Upgrade the Cisco IOS Software
Before you upgrade (or downgrade) the Cisco IOS software running on the Cisco 10000 series router, save the running configuration file. In RPR mode, the router synchronizes only the startup configuration.
Upgrading to a New Software Release
For specific information about upgrading your Cisco 10000 series router to a new software release, refer to the Cisco 10000 Series Router Software Configuration Guide.
For general information about upgrading to a new software release, refer to the product bulletin Cisco IOS Upgrade Ordering Instructions.
For additional information about ordering Cisco IOS software, refer to the Cisco IOS Software Releases.
New Features—Cisco IOS Release 12.3(7)XI2
The following new features and improvements are supported on the Cisco 10000 series router in Cisco IOS Release 12.3(7)XI2.
•Define Interface Policy-Map AV Pairs AAA
•Dynamic ATM VP and VC Configuration Modification
•Local Template-Based ATM PVC Provisioning
•MQC Policy Map Support on Configured VC Range ATM
•RADIUS Attribute 31: PPPoX Calling Station ID
•Scaling Enhancements
•Shaped UBR PVCs
For more information about the new features in Cisco IOS Release 12.3(7)XI2, refer to the following documentation:
•Cisco 10000 Series Broadband Aggregation and Leased-Line Configuration Guide
For information about new features supported on the Cisco 10000 series router in other releases, see the appropriate Release Notes at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/aggr/10000/10krn/index.htm
Define Interface Policy-Map AV Pairs AAA
The Define Interface Policy-Map AV Pairs AAA feature introduces two Cisco Remote Authentication Dial-In User Service (RADIUS) vendor-specific attributes (VSAs) that allow a policy map to be applied on the virtual circuit (VC) via RADIUS during a Point-to-Point Protocol over ATM (PPPoA) or Point-to-Point Protocol over Ethernet over ATM (PPPoEoA) session establishment.
The Define Interface Policy-Map AV Pairs AAA feature introduces two Cisco VSAs that allow you to apply a policy map at the ATM VC level using RADIUS. The purpose of the Cisco VSA (attribute 26) is to communicate vendor-specific information between the network access server (NAS) and the RADIUS server. The Cisco VSA encapsulates vendor specific attributes that allow vendors such as Cisco to support their own extended attributes.
The Define Interface Policy-Map AV Pairs AAA feature allows a policy map to be applied ("pulled") on the VC during a PPPoA or PPPoEoA session establishment.
In earlier releases a policy map could only be configured on a VC or ATM point-to-point subinterface by using modular QoS CLI (MQC). A service policy could be applied to the sessions on these VCs using RADIUS or manually with the virtual template. In this release, this feature allows a service policy to be applied on the VC using RADIUS for a PPPoA or PPPoEoA session. (However, configuring a service policy on the ATM subinterface still requires CLI configuration.)
In Cisco IOS Release 12.3(7)XI2, the Define Interface Policy-Map AV Pairs AAA feature allows a service policy to be applied on the VC using RADIUS for a PPPoA or PPPoEoA session. (However, configuring a service policy on the ATM subinterface still requires CLI configuration and enabling DBS
on the VC in particular.)
For more information about this feature, see the Define Interface Policy-Map AV Pairs AAA feature guide at http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123limit/123x/123xi7/123xiqos.htm#wp1043332
Dynamic ATM VP and VC Configuration Modification
In Cisco IOS Release 12.3(7)XI1, when you change the weight of a VC or the VP shaping parameters, the VC or VP gets torn down at the SAR and the session goes down. In Cisco IOS Release 12.3(7)XI2, the Dynamic ATM VP and VC Configuration Modification feature allows you to change the VC weight or VP shaping parameters without affecting the state of the VC or VP. In other words, the VC and VP remain up and operational.
The dynamic parameters include ATM VP parameters (PCR or CDVT) and VC parameters (weight, PCR, SCR, MBS, and CDVT). When you change VC parameters or the VP rate, there can be a momentary change in the VP's shaped rate, in which the rate cells are sent might be over or under the configured rates. The session stays up and no data is lost.
In Cisco IOS Release 12.3(7)XI2, the range of integer values supported by the weight-value parameter of the weight command is 1 to 255. In Cisco IOS Release 12.3(7)XI1, the range is 5 to 255.
Local Template-Based ATM PVC Provisioning
The Local Template-Based ATM PVC Provisioning feature supports PVC autoprovisioning for an infinite range of VPI/VCI combinations on an ATM interface.
The Local Template-Based ATM PVC Provisioning feature enables ATM permanent virtual circuits (PVCs) to be provisioned automatically as needed from a local configuration, making the provisioning of large numbers of digital subscriber line (DSL) subscribers easier, faster, and less prone to error. ATM PVC autoprovisioning can be configured on a PVC, an ATM PVC range, or a VC class. If a VC class configured with ATM PVC autoprovisioning is assigned to the main interface, all the PVCs on that main interface will be autoprovisioned; this configuration is sometimes referred to as an infinite range.
MQC Policy Map Support on Configured VC Range ATM
In releases prior to Cisco IOS Release 12.3(7)XI2, MQC policy maps on ATM VCs were supported, but to attach a service policy to an ATM VC you had to configure the service policy in PVC mode. The MQC Policy Map Support on Configured VC Range ATM feature simplifies this configuration by allowing you to implement a service policy under range PVC mode and under PVC in range mode.
RADIUS Attribute 31: PPPoX Calling Station ID
The RADIUS Attribute 31: PPPoX Calling Station ID feature enables service providers to provide more information about the call originator to the RADIUS server in a DSL environment, such as the physical lines on which customer calls originate. Specifically, this feature allows operators to track customers through the physical lines on which customer calls originate. Service providers can better maintain the profile database of their customers as they move from one physical line to another.
Because this feature provides a virtual port that does not change as customers move from one physical line to another, RADIUS attribute 31 (Calling-Station-ID) can also be used for additional security checks. The Calling-Station-ID attribute is included in both ACCESS-REQUEST and ACCOUNTING-REQUEST messages.
Scaling Enhancements
Cisco IOS Release 12.3(7)XI2 provides increased limits with queue scaling and VC scaling.
Queue Scaling
At least two queues are allocated for every interface or subinterface for which separate queues are created. The first queue is the default queue for normal traffic, and the second queue, known as the system queue, is used for a small amount of router-generated traffic that bypasses the normal drop mechanisms. For 32,000 VCs, this would require the allocation of a minimum of 64,000 queues. While Cisco IOS Release 12.3(7)XI1 added support for up to 128,000 queues, a more effective use of these limited resources is realized by having the subinterfaces on a given main interface share the single system queue of the main interface.
In Cisco IOS Release 12.3(7)XI2, the subinterfaces on a given main interface share the single system queue of the main interface, and this allows for 32,000 subinterfaces with a three-queue model that supports assured forwarding (AF) queues and expedited forwarding (EF) queues, in addition to the default best effort (BE) queues. Because there isn't a system queue for every subinterface, this frees up queues for a 4-queue model.
VC Scaling
When configured for hierarchical shaping, ATM line cards support the following number of VCs:
•OC-12 ATM line card supports a maximum of 16,384 VCs (previously 14,436)
•OC-3 ATM line card and the E3/DS3 line card support a maximum of 28,672 VCs (previously 8,192).
In atm pxf queuing mode, ATM line cards support the following number of VCs:
Line Card
|
Maximum VCs per Port
|
Maximum VCs per Module
|
VBR, CBR, Shaped UBR VCs
|
E3/DS3
|
4,096
|
32,768
|
28,672
|
OC-3
|
8, 192
|
32,768
|
28,672
|
OC-12
|
16,384
|
16,384
|
16,384
|
You can configure the maximum number of VCs across the ports in any fashion, provided that you do not exceed the per-port maximum.
Shaped UBR PVCs
Prior to Cisco IOS Release 12.3(7)XI2, you could configure shaped unspecified bit rate (UBR) PVCs but only when the no atm pxf queuing command was configured. In Cisco IOS Release 12.3(7)XI2, you can configure shaped UBR PVCs when the atm pxf queuing command is configured.
When shaped UBR is specified, the layer 3 scheduling for the UBR VC is set up in the same fashion as VBR and CBR VCs are set up. The VC has its own VTMS link and a set of queues assigned to it. The rate of the link is based on the PCR you specify. Flowbits are assigned to the VC. Unlike VBR and CBR VCs, only a single flowbit is assigned to the VC; it is not based on rate.
Like VBR and CBR VCs, the shaped UBR VCs can have queuing service policies applied to them. The UBR VCs are not subject to any CAC checks, but the number of shaped UBR VCs must be within existing limits. These limits include: the maximum number of VCs per system, maximum number of VCs per port, and maximum number of VCs with flowbits.
Limitations and Restrictions
This section describes limitations and restrictions for the following areas. Be sure to review the following limitations and restrictions before using the features in the Cisco IOS Release 12.3(7)XI2:
•ATM PVC Autoprovisioning
•Controlling the Rate of Logging Messages
•Define Interface Policy-Map AV Pairs AAA
•Dynamic ATM VP and VC Configuration Modification
•Frame Relay
•Local Template-Based ATM PVC Provisioning
•MQC Policy Map Support on Configured VC Range ATM
•PRE Network Management Ethernet Port
•RADIUS Attribute 31: PPPoX Calling Station ID
•Scalability
•Shaped UBR PVCs
•Testing Performance of High-Speed Interfaces
For more information about the restrictions for a specific feature, refer to the Cisco 10000 Series Broadband Aggregation and Leased-Line Configuration Guide.
ATM PVC Autoprovisioning
The following restrictions apply to the ATM PVC Autoprovisioning feature:
•The SAR translates the external VPI/VCI values into an internal 32-bit logical header. Router interfaces can support 510 unique bit field combinations in the 32-bit logical header. While there are 512 total SAR pages, page 0 is unused due to a hardware limitation and page 511 is reserved for tunnels.
Note Note: The limit of 510 usable SAR pages in Cisco IOS Release 12.3(7)XI2 represents a reduction from the limit of 512 usable SAR pages in earlier releases.
•The Local Template-Based ATM PVC Provisioning feature (infinite range) can be configured only on a main ATM interface; that is, it cannot be configured on a subinterface. When you use the class-int command to attach an ATM VC class to a subinterface, the create on-demand command is ignored.
•PVCs or PVCs within a range specified as create on demand PVCs, count against the interface limit for configured PVCs, regardless of whether the PVCs become active. These PVCs count against the maximum number of VCs allowed per interface port.
Controlling the Rate of Logging Messages
It is important that you limit the rate that system messages are logged by the Cisco 10000 series router. This helps to avoid a situation in which the router becomes unstable and the CPU is overloaded. To control the output of messages from the system, use the logging rate-limit command.
Cisco recommends that you configure the logging rate-limit command as follows. This limits the rate of all messages to the console to 10 per second, except for messages with critical priority (level 3) or greater.
Router(config)# logging rate-limit console all 10 except critical
For more information, refer to the logging rate-limit command in the Cisco IOS Configuration Fundamentals and Network Management Command Reference, Release 12.3.
Define Interface Policy-Map AV Pairs AAA
You cannot configure a service policy on a VC and on a session at the same time.
Dynamic ATM VP and VC Configuration Modification
The following restrictions apply to the Dynamic ATM VP and VC Configuration Modification feature:
•A weight of less than 10 should not be used, because it can adversely affect the performance of the ATM port.
•When you change VC parameters or the VP rate, there can be a momentary fluctuation in the VP's effective shaped rate, in which the rate that cells are sent might be over or under the configured rates.
•The Dynamic ATM VP and VC Configuration Modification feature does not allow you to dynamically change the queue depth or the type of VC (for example, from CBR to VBR-nrt).
Frame Relay
The following limitations apply to the Cisco 10000 series router implementation of Frame Relay:
•The ip rtp reserve command is not supported.
•Only one priority queue per VC is allowed.
Local Template-Based ATM PVC Provisioning
The Local Template-Based ATM PVC Provisioning feature (infinite range) can be configured only on a main ATM interface; that is, it cannot be configured on a subinterface. When you use the class-int command to attach an ATM VC class to a subinterface, the create on-demand command is ignored.
MQC Policy Map Support on Configured VC Range ATM
The MQC Policy Map Support on Configured VC Range ATM feature applies to ATM VCs only.
PRE Network Management Ethernet Port
Ensure that the Fast Ethernet NME port on the PRE is configured for auto-negotiation mode, which is the system default. Duplex mode can cause problems, such as flapping. If the port is experiencing such problems and has been configured for duplex mode, use the no half-duplex or no full-duplex command to disable duplex mode.
RADIUS Attribute 31: PPPoX Calling Station ID
The following limitations apply to the RADIUS Attribute 31: PPPoX Calling Station ID feature:
•Do not use the RADIUS Logical Line ID feature with the RADIUS Attribute 31: PPPoX Calling Station ID feature. Using both features causes two instances of the attribute in the RADIUS IOS database for a particular user.
•While this feature can be used with any vendor's RADIUS server, some RADIUS servers can require modifications to their dictionary files to allow the Calling-Station-ID attribute to be presented correctly in the RADIUS logs.
•This feature supports only RADIUS; TACACS+ is not supported.
•Currently, PPPoEoVLAN and PPPoEoQinQ do not provide information on VLAN tags; only the MAC address is provided to the RADIUS server.
•RADIUS attribute 31 (Calling-Station-ID) is not supported for L2TP Network Server (LNS) environments. If you enable this attribute on an LNS, the attribute is not sent to the RADIUS server.
Scalability
If you configure create on demand PVCs (individual and within a range) and PPP sessions, RP CPU utilization can be extremely high when bringing up and tearing down sessions and PVCs. This is only a concern when the configuration contains approximately 30,000 PPP sessions, and additional services are enabled such as DBS, ACLs, and service policies.
To reduce the RP CPU usage for PPPoA sessions, reduce the number of configured PVCs in a single subinterface. To reduce the RP CPU usage for PPPoEoA sessions, use call admission control (call admission limit command).
Shaped UBR PVCs
Only variable bit rate (VBR) VCs are allowed in the VP tunnel. You cannot configure unspecified bit rate (UBR) VCs or constant bit rate (CBR) VCs in the tunnels.
Testing Performance of High-Speed Interfaces
Cisco IOS software running on the Cisco 10000 series router has multiple queues for all classes of traffic over high-speed interfaces. The software selects a queue based on the source and destination address for the packet. This ensures that a traffic flow always uses the same queue and the packets are transmitted in proper order.
When the Cisco 10000 series router is installed in a real network, the high-speed interfaces work efficiently to spread traffic flow equally over the queues. However, using single traffic streams in a laboratory environment may result in less-than-expected performance.
Therefore, to ensure accurate test results, you should test the throughput of the gigabit Ethernet, Packet over SONET (POS), or ATM uplink with multiple source or destination addresses.
Tip To determine if traffic is being properly distributed, use the show hardware pxf cpu queue command.
Important Notes
This section provides important information about the following topics:
•Configuring the aaa new-model Command
•Enhancing Scalability of Per-User Configurations
•Inserting a New Line Card
•Local AAA Server, User Database—Domain to VRF
•Multilink PPP
•Provisioning for Scaling
Configuring the aaa new-model Command
The aaa new-model command is disabled by default on the Cisco 10000 series router. In previous releases, the default configuration did not appear in the running configuration file. However, in Cisco IOS Release 12.3(7)XI2 or later releases, the running configuration file now includes the no aaa new-model command. This is an intentional change in behavior for this command and is the first step in a three-step process to change the default configuration to aaa new-model.
Note This change in behavior differs from Cisco IOS software, which typically does not include default configurations in the running configuration file.
For example, when you enter the show running-config command, no aaa new-model appears in the configuration if either of the following conditions previously occurred:
•You did not configure the aaa new-model command on the router and instead accepted the default configuration of the file: no aaa new-model.
•You entered the no aaa new-model command to remove the previously configured aaa new-model command.
Enhancing Scalability of Per-User Configurations
To enhance scalability of per-user configurations without changing the router configuration, use the ip:vrf-id and ip:ip-unnumbered RADIUS attributes. These per-user vendor specific attributes (VSAs) are used to map sessions to VRFs and IP unnumbered interfaces. The VSAs apply to virtual access subinterfaces and are processed during PPP authorization.
In releases earlier than Cisco IOS Release 12.2(16)BX1, the lcp:interface-config RADIUS attribute is used to map sessions to VRFs. This per-user VSA applies to any type of interface configuration, including virtual access interfaces. Valid values of this VSA are essentially any valid Cisco IOS interface command; however, not all Cisco IOS commands are supported on virtual access subinterfaces. To accommodate the requirements of the lcp:interface-config VSA, the per-user authorization process forces the Cisco 10000 series router to create full virtual access interfaces, which consume more memory and are less scalable.
In Cisco IOS Release 12.2(16)BX1 and later releases, the ip:vrf-id is used to map sessions to VRFs. Any profile that uses the ip:vrf-id VSA must also use the ip:ip-unnumbered VSA to install IP configurations on the virtual access interface that is to be created. PPP that is used on a virtual access interface to be created requires the ip:ip-unnumbered VSA. An Internet Protocol Control Protocol (IPCP) session is not established if IP is not configured on the interface. You must configure either the ip address command or the ip unnumbered command on the interface so that these configurations are present on the virtual access interface that is to be created. However, specifying the ip address and ip unnumbered commands on a virtual template interface is not required because any pre-existing IP configurations are removed when the ip:ip-vrf VSA is installed on the virtual access interface. Therefore, any profile that uses the ip:vrf-id VSA must also use the ip:ip-unnumbered VSA to install IP configurations on the virtual access interface that is to be created.
These per-user VSAs can be applied to virtual access subinterfaces; therefore, the per-user authorization process does not require the creation of full virtual access interfaces, which improves scalability.
Setting VRF and IP Unnumbered Interface Configurations in User Profiles
Although the Cisco 10000 series router continues to support the lcp:interface-config VSA, the ip:vrf-id and ip:ip-unnumbered VSAs provide another way to set the VRF and IP unnumbered interface configurations in user profiles. The ip:vrf-id and ip:ip-unnumbered VSAs have the following syntax:
Cisco:Cisco-AVpair = "ip:vrf-id=vrf-name"
Cisco:Cisco-AVpair = "ip:ip-unnumbered=interface-name"
Specify only one ip:vrf-id and one ip:ip-unnumbered value in a user profile. However, if the profile configuration includes multiple values, the Cisco 10000 series router applies the value of the last VSA received, and creates a virtual access subinterface. If the profile includes the lcp:interface-config VSA, the router always applies the value of the lcp:interface-config VSA, and creates a full virtual access interface.
Whenever you specify a VRF in a user profile, but you do not configure the VRF on the Cisco 10000 series router, in Cisco IOS Release 12.2(15)BX, the router accepted the profile. However, in Cisco IOS Release 12.2(16)BX1 and later releases, the router rejects the profile.
Setting VRF and IP Unnumbered Interface Configuration in a Virtual Interface Template
You can specify one VSA value in the user profile on RADIUS and another value locally in the virtual template interface. The Cisco 10000 series router clones the template and then applies the values configured in the profiles it receives from RADIUS, resulting in the removal of any IP configurations when the router applies the profile values.
Redefining User Profiles to Use the ip:vrf-id and ip:ip-unnumbered VSAs
The requirement of a full virtual access interface when using the lcp:interface-config VSA in user profiles can result in scalability issues, such as increased memory consumption. This is especially true when the Cisco 10000 series router attempts to apply a large number of per-user profiles that include the lcp:interface-config VSA. Therefore, when updating your user profiles, we recommend that you redefine the lcp:interface-config VSA to the scalable ip:vrf-id and ip:ip-unnumbered VSAs.
Example 1 shows how to redefine the VRF named newyork using the ip:vrf-id VSA.
Example 1 Redefining VRF Configurations
Cisco:Cisco-Avpair = "lcp:interface-config=ip vrf forwarding newyork"
Cisco:Cisco-Avpair = "ip:vrf-id=newyork"
Example 2 shows how to redefine the Loopback 0 interface using the ip:ip-unnumbered VSA.
Example 2 Redefining IP Unnumbered Interfaces
Cisco:Cisco-Avpair = "lcp:interface-config=ip unnumbered Loopback 0"
Cisco:Cisco-Avpair = "ip:ip-unnumbered=Loopback 0"
Inserting a New Line Card
Unlike other Cisco routers, if you insert a new or different line card into a Cisco 10000 series router chassis slot that previously had a line card installed, the line card initially reports that it is administratively up.
Local AAA Server, User Database—Domain to VRF
The Local AAA Server, User Database—Domain to VRF feature is not working correctly in Cisco IOS Release 12.3(7)XI2. For more information, refer to CSCef83376 in Open Caveats—Cisco IOS Release 12.3(7)XI2.
Multilink PPP
Multilink PPP (MLPPP) is working correctly in Cisco IOS Release 12.3(7)XI2. (It was not working correctly in Cisco IOS Release 12.3(7)XI1).
Provisioning for Scaling
The following configuration parameters enhance scalability on the Cisco 10000 series router:
•PPPoA Sessions with IP QoS Static Routes
•AAA Authentication on the NME Port
•Call Admission Control
To configure the Cisco 10000 series router for high scalability, be sure to configure the configuration parameters as described in the sections that follow.
For more information, refer to the Cisco 10000 Series Broadband Aggregation and Leased-Line Configuration Guide.
PPPoA Sessions with IP QoS Static Routes
To scale to 32,000 PPPoA sessions with IP QoS enabled, you must limit the number of IP QoS static routes to 4,000 unidirectional QoS static routes.
AAA Authentication on the NME Port
If you use AAA authentication on the NME port, set both the in and out interface hold queues to 4096. For example:
Router(config)# int fa 0/0/0
Router(config-if)# hold-queue 4096 in
Router(config-if)# hold-queue 4096 out
Call Admission Control
We recommend that you set the Call Admission Control (CAC) to a maximum of 95. For example:
Router(config)# call admission limit 95
Open Caveats—Cisco IOS Release 12.3(7)XI2
Table 2 describes Open Caveats in Cisco IOS Release 12.3(7)XI2.
Table 2 Open Caveats in Cisco IOS Release 12.3(7)XI2
Caveat
|
Description
|
CSCdt94857
|
High impact commands or commands used in high scaling environments impact scaling by increasing CPU cycles, increasing boot time, and decreasing control plane run-time efficiency.
Workaround: There is no workaround for this problem.
|
CSCdy45049
|
When scaling over 3000 serial interfaces, line rate traffic may not be achieved. This problem occurs when thousands of serial interfaces (PPP or HDLC) are used on the port and line rate traffic is sent through all interfaces.
Workaround: There is no workaround for this problem.
|
CSCdz40002
|
When you remove APS and then re-activate it, traffic convergence after an APS switchover takes longer than 2 seconds.
Workaround: There is no workaround for this problem.
|
CSCea63115
|
When you enter the redundancy force-failover main-cpu privileged EXEC command on a router that is configured with two Performance Routing Engines (PREs), an automatic protection system (APS) switchover occurs on OC-12 Packet-over-SONET (POS) line cards, which is incorrect behavior.
This problem occurs when APS is configured on OC-12 POS line cards in two different Cisco 10000 series routers that are connected back-to-back and you enter the following sequence of commands:
1. Enter the aps force pos slot/subslot/port from working interface configuration command on both routers.
2. Enter the show aps EXEC command. The output displays the active channels for both routers.
3. Enter the redundancy force-failover main-cpu privileged EXEC command on one of the routers, causing an APS switchover to occur on this router.
Workaround: There is no workaround for this problem. However, when problem occurs, there is no loss of data.
|
CSCea63638
|
When Automatic Protection Switching (APS) is enabled, if you issue the hw-module reset command on the primary APS slot, no change is observed because the router does not switch to the secondary APS slot. This problem occurs when the hw-module reset command is issued.
Workaround: There is no workaround for this problem.
|
CSCec13372
|
The router can generate wrong or misleading sub-pool or global pool flooding messages when up or down thresholds for MPLS TE resource availability (bandwidth) are crossed. The configured thresholds for MPLS TE resource availability are crossed when defining bandwidth on the MPLS tunnel interface reserved on the physical interface/subinterface.
Workaround: There is no workaround for this problem.
|
CSCec37207
|
On Cisco 10000 series routers running in PTA mode, PPPoEoA sessions using bandwidth queues drop packets if a priority queue is also configured in the policy map. When there is traffic sent to priority queue, all other queues can drop packets below line rate if the traffic consists of small packets.
Workaround: There is no workaround for this problem.
|
CSCec42315
|
When scaling to 12000 Frame Relay DLCI interfaces, line rate traffic may not be achieved. This problem occurs when thousands of Frame Relay DLCIs are used on the port and line rate traffic is sent through all interfaces.
Workaround: There is no workaround for this problem.
|
CSCec42451
|
The RIP routing protocol does not function properly over VLAN interfaces with IP unnumbered.
Workaround: There is no workaround for this problem.
|
CSCec43937
|
When you run hierarchical shaping, a small number of UPC violations can occur on a DS3 ATM interface on an LS1010 that is connected to a LAC. The traffic shaped by the LAC is slightly above the tunnel PCR. The number of violations does not depend on the tunnel oversubscription but seems to be proportional to the tunnel PCR.
Workaround: There is no workaround for this problem.
|
CSCec48111
|
When sending 64 byte packets through 300 serial interfaces or more, line rate traffic may not be achieved. This problem occurs with 64 byte packets and a large number of interfaces.
Workaround: There is no workaround for this problem.
|
CSCec80927
|
Call setup rate slower is for a particular configuration running on a 12.3(6)TX image compared with 12.2(16)BX. If the mtu command is added to the vtemplate for sessions, the command processing for the command takes significantly longer on a 12.3(6)TX image as compared to a 12.3(16)BX image.
Workaround: Remove the mtu command from the vtemplate configuration.
|
CSCec85628
|
Outgoing traffic is above VP speed on an 8e3d3atm line card. For this problem to occur, the total SCR value of all VBR-nrt VCs in a VP is above 80 percent of the VPs PCR value but still smaller than the total VP bandwidth (PCR). All the VCs should be overdriven by outgoing traffic.
Workaround: There is no workaround for this problem.
|
CSCed03248
|
The CLI error "IP address is already defined as an interface" appears when the address is not used anywhere in the running configuration. The error occurs when the IP address was used by a serial interface and the interface was removed or unconfigured from the system.
Workaround: Use the no ip address command before removing a serial interface or use a different IP address (if possible).
|
CSCed17570
|
When using thousands of QoS queues with WRED configured in each queue, a traceback message can appear when you execute the microcode reload pxf command. The traceback message appears only when thousands of PXF queues are configured with random-detect enabled and the microcode reload pxf command is issued.
Workaround: There is no workaround for this problem.
|
CSCed20626
|
'Exec' process CPUHOG occurs. This is caused by the dir all command, probably due to the attempted accesses to the secondary's PCMCIA slots.
Workaround: None needed. The router continues to function, but the console is unusable for a short while(10-30 seconds). Alternatively, use the dir device commands only for known good device names.
|
CSCed29494
|
The maximum queue limit for a low -peed link is 4096, but the system allows you to set the queue limit to 8192.
Workaround: There is no workaround for this problem.
|
CSCed54867
|
The input service policy does not match traffic as shown by the show policy-map interface command if there is no action associated for that class.
Workaround: The workaround is to set up an action such as "set" or "police".
|
CSCed59185
|
When you apply the following example configuration to an output interface that is MPLS enabled, and send traffic from the CPU of the local router (ping other routers or hosts), the traffic is not policed by the policy map.
police 104000 5000 150800 conform-action transmit exceed-action drop
violate-action drop
This problem only affects the traffic from the router CPU, and does not affect traffic passing through the router.
Workaround: There is no workaround for this problem.
|
CSCed62503
|
When you apply a policy map to a tunnel interface on a router configured with a PRE2 processor, a traceback message appears. This problem occurs when the policy map is applied to a tunnel interface.
Workaround: There is no workaround for this problem.
|
CSCed65349
|
When you configure 2000 PPP interfaces, traffic does not reach 99percent of the line rate after performing 4 HA RPR switchovers. The traffic rates keep fluctuating.
Workaround: There is no workaround for this problem.
|
CSCed68868
|
A traceback message appears when you unconfigure the spoke PE router configured for half-duplex VRF over PPPoE. This problem occurs with 32k PPPoE sessions and 40 spoke VRF, therefore scaling to high values.
Workaround: There is no workaround for this problem.
|
CSCed70202
|
A traceback message appears when you unconfigure the hub PE router configured for half-duplex VRF. This problem occurs with 32k sessions, therefore scaling to high values.
Workaround: There is no workaround for this problem.
|
CSCed71107
|
When 2 time-based ACLs are configured to deny traffic at the same time and are applied to different interfaces, one of the ACLs fails to work properly.
Workaround: There is no workaround for this problem.
|
CSCed72023
|
Excessive CPU utilization is detected for 5 minutes after unconfiguring half-duplex VRF with a large number of PPPoE user sessions. This problem occurs with 32k PPPoE sessions, therefore scaling to high values.
Workaround: There is no workaround for this problem.
|
CSCed72338
|
The system allows non-nested queuing policy maps to be applied via the frame-relay map-class command on Frame Relay main interfaces and subinterfaces; it should not allow such policy maps to be configured.
Workaround: There is no workaround for this problem.
|
CSCed86371
|
Automation Protection Switching (APS) active state does not stay with the lowest active odd port after a PRE switchover.
Workaround: There is no workaround for this problem.
|
CSCed88782
|
The secondary port does not go to a working state during a signal degrade of the primary port using threshold SON ERR RAT 1e-6.
Workaround: Set the BIP threshold to 6; do not set the BIP threshold to 7.
|
CSCee02536
|
When configuring MPLS Layer 3 VPN, the PXF CEF/FIB table can hold up to 4085 VRFs, although it is designed to hold 4095 VRFs. If more than 4085 VRFs are configured, 10 of those VRFs do not have an entry in PXF CEF/FIB table, so traffic is not forwarded in those 10 VRFs.
Workaround: There is no workaround for this problem.
|
CSCee03801
|
After you issue the clear ip bgp * command, a Cisco 10000 series router takes longer than 30 minutes to achieve convergence. eBGP sessions between PE and CE routers can go up and down multiple times, and the IGP routing protocol and LDP session can also go down and up again.
These problems occur under the following conditions:
1. 4095 VRFs are configured on a router
2. 500 eBGP sessions are established between the router (PE) and CE routers
3. 540 VRF routes per VRF in the 500 VRFs that are running eBGP between PE and CE routers
4. 40 VRF routes per VRF in the rest of 3595 VRF
Workaround: There is no workaround for this problem.
|
CSCee06089
|
When you apply a nested policy map using the bandwidth command in the child policy map to a POS OC48 interface, PXF stops responding. This problem occurs when you allocate a small amount of bandwidth, and it only occurs on POS OC48 interfaces.
Workaround: Allocate more bandwidth in the child policy map.
|
CSCee14864
|
Policing under a created queue, when attached at an MLP interface, accounts for only 2 bytes of the L2 header, so that policing is done at a higher rate than configured. This can cause a problem with priority queue CBWFQ functionality because the priority queue is configured with policing and its dequeue rate can be higher than intended.
Workaround: Do not configure policing under a created queue.
|
CSCee15674
|
When broadband PTA is configured with 114,000 queues, executing the microcode reload pxf command causes the ATM interface to display a big number of total output drops.
Workaround: Clear the counters.
|
CSCee20418
|
If the you change the amount of intercepted streams from 8 to 2 streams, the wrong amount of packets is intercepted. This occurs in Lawful Interception scenarios.
Workaround: There is no workaround for this problem.
|
CSCee25615
|
This problem occurs when almost all the system resources (VCCI) are in use, after an OIR (slot reset) is issued, and in the OC3 ATM line card. The reason it occurs in the OC3 ATM line card is that it happens in an ATM line card with multiple ports. The symptom is that all the sessions in the same port stop passing traffic after OIR.
Workaround: There is no workaround for this problem.
|
CSCee27630
|
A low-bandwidth class can be allocated more than its share of bandwidth at the expense of a high-bandwidth class. This problem occurs when the ratio of the configured bandwidths between two data classes is high (8:1 or higher) and when there is a priority class that receives traffic at (at least) 20 percent of the line rate. The traffic that is received by the data classes should be in the ratio of the configured bandwidths.
Workaround: There is no workaround for this problem.
|
CSCee42746
|
When using multiple intercepts in Lawful Intercept mode, the MIB information is not completely cleared after intercepts are cleared from SNMP. This problem occurs when 35 or more streams are intercepted at the same time.
Workaround: Use Cisco IOS to delete the stream that was not deleted by SNMP.
|
CSCee44273
|
The show activity line card debug command shows the VC configuration from the perspective of the line card, but the autovc information is not shown. Also, after you delete or create an autovc, the counter is inaccurate.
Workaround: There is no workaround for this problem.
|
CSCee45306
|
With 40 or more intercept streams in Lawful Intercept mode, the LI engine fails to intercept correctly for UDP traffic. This problem occurs when 40 or more streams are intercepted at the same time.
Workaround: There is no workaround for this problem.
|
CSCee45378
|
When intercepting streams at 5 Mbps or above in Lawful Intercept, the router CPU runs at about 78 percent of capacity. This problem occurs when 35 or more streams are intercepted at the same time.
Workaround: There is no workaround for this problem.
|
CSCee50060
|
A Cisco 10000 series router with PPPoA VCs can, under abnormal conditions (such as a denial-of-service attack involving the sending of PPPoA data packets before the PPPoA session is up), experience heavy RP CPU use. The router with PPPoA VCs can forward PPPoA data packets for non-existent sessions.
This problem occurs when PPPoA data traffic is sent before the session reaches the PTA forwarded state. A normal PPPoA client does not send traffic before the session is up.
Workaround: Configure RPF on all ATM subinterfaces containing PPPoA sessions. The subinterface should have an RPF check in addition to using an RPF check in the virtual template. Configuring RPF on the subinterface forces all PPPoA data traffic to be dropped by the PXF before the session reaches the PTA forward state.
|
CSCee54408
|
When the 1choc12 line card uses SDH framing, the Path Trace Buffer is unstable for au3 mode. This problem occurs only with SDH framing; the Path Trace Buffer is stable with SONET framing.
Workaround: There is no workaround for this problem.
|
CSCee54426
|
When the 1choc12 line card uses SDH framing, the J1 Path trace message is not received. This problem occurs only with SDH framing; The J1 Path Trace message is received when SONET framing is used.
Workaround: There is no workaround for this problem.
|
CSCee54473
|
A loss of frame (LOF) alarm appears for a T1 when framing SF is configured on both ends. This problem occurs when you configure T1 1 framing sf under AU-3 on a 1 port channelized OC12 line card.
Workaround: There is no workaround for this problem.
|
CSCee54971
|
The show policy-map interface command output does not display the layer 2 frame size correctly. The actual output policing rate is 6.6 percent higher than the configured policing rate on gigabit Ethernet and POS OC48 interfaces. The problem occurs when a police command is configured in a policy map, and the policy map is applied to a gigabit Ethernet or POS OC48 interface as an output policy map.
Workaround: Use shaping instead of policing.
|
CSCee55828
|
You cannot configure t1 1 framing esf and t1 loopback remote at the same time on a 1-port channelized OC12 line card. This problem occurs when you configure t1 1 framing esf under an AU-4 on a 1-port channelized OC12 line card.
Workaround: Configure t1 1 framing esf without the loopback configured for the T1.
|
CSCee57219
|
The set cos command in an output policy map applied to a VLAN subinterface does not work if the outgoing traffic is MPLS packets (with MPLS labels). The problem occurs when outgoing traffic is MPLS packets.
Workaround: There is no workaround for this problem.
|
CSCee57357
|
When scaling Frame Relay DLCIs on routers running IOS version 12.3(7)XI, traceback messages can appear on the console when bringing up the high number of DLCIs. This problem occurs when there are more than 3000 DLCIs on the interface.
Workaround: There is no workaround for this problem.
|
CSCee58454
|
On a router running 12.3(7)XI, if the LAC tries to redirect a call to the bid-winning LNS and fails after three attempts, a new RADIUS disconnect cause code with the value as 608 is not being sent to RADIUS by the LAC.
Workaround: There is no workaround for this problem.
|
CSCee60038
|
When a proxy service profile defined with V & X attributes is configured locally on the router, which is enabled to run SSG, an SSG host cannot activate the service it has been subscribed to.
Workaround: There is no workaround for this problem.
|
CSCee60101
|
ALIGN-3 traceback messages are displayed while running regression tests on a channelized OC12 line card with sonet 768 encap with E1 framing. This problem does not seem to affect the functionality of the card.
Workaround: There is no workaround for this problem.
|
CSCee61067
|
In 2-level policy map configurations using a parent shaper, the shaped traffic rate might not be within plus or minus 1 percent of the configured value. This problem occurs with certain parent shaper values and mostly small packet sizes.
Workaround: There is no workaround for this problem.
|
CSCee61485
|
Several PIM-related messages appear on the console when you remove, then re-apply a PIM configuration on the interface. This problem occurs when the removal and re-application of the configuration is done in a rapid manner.
Workaround: There is no workaround for this problem.
|
CSCee61502
|
When configuring an MLPPP interface on a redundant system, the standby PRE adds the no ip route-cache cef interface command to multilink interfaces. This additional line causes the system to generate the following error when the new standby PRE is reloaded:
May 19 13:20:47.222 EDT: %REDUNDANCY-3-CONFIG_SYNC: Active and Standby
bulk configuration out of sync
Workaround: Remove the no ip route-cache cef command from each multilink interface.
|
CSCee62159
|
Actual output and expected output for packet 1 does not match at nibble 8. This packet (packet_no 1, fragment_no : 1) is received in the wrong order. Other packets are also received in the wrong order. This problem occurs with the bootflash:c10k2-p11-mz.v123_7_xi_throttle.040510 image and the test is passed with Feb17 bba image.
Workaround: There is no workaround for this problem.
|
CSCee63636
|
MPLS:Traceroute does not show Labels being switched-propagate-ttl ON.
Workaround: There is no workaround for this problem.
|
CSCee64067
|
Traffic is not forwarded to an RBE client in a VRF. This problem occurs when an RBE client that doesn't respond to ARP requests, exists in a MPLS VPN. A static ARP entry for the client must be configured on the access router but the traffic is still not forwarded due to this problem
Workaround: There is no workaround for this problem.
|
CSCee65789
|
A 4% packet drop is seen for various packet sizes over a 1choc12-sdh interface when running performance/scalability tests.
Workaround: There is no workaround for this problem.
|
CSCee66066
|
BERT testing over a clear channel DS3 interface for the 1CHOC12 line card fails as a result of the DS3 interface, which remains in a DOWN state.
Workaround: There is no workaround for this problem.
|
CSCee66091
|
During SNMP polling of the AAA Server MIB, the casDeadCount variable can cause a CPU hog on the router. This problem occurs with a large number of RBE interfaces (16K) and bi-directional traffic running.
Workaround: There is no workaround for this problem.
|
CSCee66314
|
In Lawful Intercept mode a traceback message might appear on the Intercept Access Point (IAP) router when the interface to the mediation router is shut down. This problem occurs when traffic is sent through the IAP and interception is turned on.
Workaround: There is no workaround for this problem.
|
CSCee68404
|
If a PRE2 is in the early process of booting up, sometimes the SEND-BREAK character sequence can cause the router to crash instead of gracefully dropping back into ROMMON. This problem occurs when the PRE2 is in the early stages of the boot process and the SEND-BREAK is issued. If the PRE2 is already booted up, this is not an issue.
Workaround: To gracefully drop the PRE2 into ROMMON, if the configuration register is set to accept SEND-BREAK, wait until the PRE2 is fully booted.
|
CSCee68480
|
Priority queue latency can exceed the threshold of 2MTU+6msec. This problem occurs when more than 3 queues are configured on a interface, in addition to the priority queue.
Workaround: There is no workaround for this problem.
|
CSCee72919
|
AAA accounting records for a PPPoA session terminated on a Cisco 10000 series router in a PTA fashion shows repeated entries for the Framed-Route attribute (attribute 22).
Workaround: There is no workaround for this problem.
|
CSCee72931
|
When a PPPoA session is cleared on the PTA router using the clear pppatm interface ATM X/Y/Z.A command or the clear int virtual-access command, the accounting stop record does not display the Octet and Packet counters. This problem occurs only when the session is cleared on the PTA router. If the user disconnects the session, the counters are displayed correctly.
Workaround: There is no workaround for this problem.
|
CSCee81270
|
When a source sends packets to a destination under the TCP protocol, the destination sends an echo response back to the sender. With the intercepting router configured to intercept "all", those echo packets should also be picked off. This does not occur.
Workaround: There is no workaround for this problem.
|
CSCee86091
|
The show version command does not display the bootloader image name.
Workaround: There is no workaround for this problem.
|
CSCee90904
|
In the presence of a large number of static routes (16k - 32k), line card flap/ router reload/OIR cause high CPU usage for a long period of time.
Workaround: There is no workaround for this problem.
|
CSCee93055
|
When clearing a PPPoE session using the clear pppoe all or clear interface virtual-access x.y command, the router displays the following messages:
XCM access error at ../toaster/c10k_rp/c10kds2_qos.c (4888) Jun 23
12:34:12.587: c10k_ttcm_read: Invalid Address 3FC110A4
This problem occurs when the ATM interface VC is configured with protocol pppoe and dbs enable (Dynamic Bandwidth Selection).
Workaround: There is no workaround for this problem.
|
CSCee94457
|
Actual throughput is lower than expected throughput (94% of expected throughput). This problem occurs when testing CAR (with MQC Policy command) on 4 Port OC3 ATM line card, packet size is 64 bytes, and encapsulation type is aal5snap. There is no problem with a packet size of 128 bytes or higher. If the encapsulation type is aal5mux, no problem is found.
Workaround: There is no workaround for this problem
|
CSCee95619
|
Attribute 1 User-Name is not included in Stop records from LNS. This problem occurs when the LNS router runs the 12.3(5a)B image.
Workaround: There is no workaround for this problem
|
CSCee96582
|
With broadband multipoint 31,500 PVCs with 30k sessions up, 126k queues, and you add a class with the set command in an output policy map on the fly, the router hangs for a long time then crashes. This problem occurs with broadband multipoint PVCs with 30k sessions up, 120k queues, then you add a class with the set command in a policy map on the fly.
Workaround: There is no workaround for this problem. With a large number of sessions and queue scaling, avoid changing policy map on the fly.
|
CSCef00808
|
The show pxf cpu stat security command shows incorrect statistics when Legal Intercept is configured along with time-based or regular access lists. This problem occurs only if Legal Intercept and access lists are configured and are interoperating.
Workaround: There is no workaround for this problem.
|
CSCef05454
|
In a router running 12.3(9), the PPPoA sessions can get stuck in LCP_NEGOTIATION. The problem also occurs in 12.2T. The output of the show atm pvc command shows the number of packet and cell drops incrementing continuously:
InPktDrops: 0, OutPktDrops: 13376/0/13376 (holdq/outputq/total)
InCellDrops: 0, OutCellDrops: 12178
InByteDrops: 0, OutByteDrops: 198692
The status of the sessions cycles between the following states and gets stuck in LCP_NEGOTIATION:
Jul 1 12:41:54.187: PPPATM: ATM2/0.1 1/176 [1220], State =
WAIT_FOR_CALL
Jul 1 12:41:55.139: PPPATM: ATM2/0.1 1/176 [1220], State =
INCOMING_CALL
Jul 1 12:41:55.139: PPPATM: ATM2/0.1 1/176 [1220], State =
NAS_PORT_POLICY_INQUIRY
Jul 1 12:41:55.139: PPPATM: ATM2/0.1 1/176 [1220], State = PPP_START
Jul 1 12:41:55.139: PPPATM: ATM2/0.1 1/176 [1220], State =
LCP_NEGOTIATION
Workaround: Reload the router.
|
CSCef08967
|
The WRED sampling frequency is too slow, which can cause jitter for the overall algorithm.
Workaround: There is no workaround for this problem.
|
CSCef09119
|
With broadband PTA 128k queue with input and output policy map, removing the input policy from Virtual-Template causes a CPUHOG traceback message. This occurs when configuring 31.5k ATM subinterfaces with output CBWFQ policy, and input police policy in Virtual-Template, bringing up 30k PPPoE sessions, and removing the input policy map.
Workaround: There is no workaround for this problem.
|
CSCef14249
|
When sending traffic with 1024 byte large size packets over 120k queues with 80 percent oc12atm line rate, traffic drops 10 percent due to buffer_low packet drop. This problem occurs when 120k queue scaling is configured with only large packet size traffic.
Workaround: There is no workaround for this problem. Send traffic with mixed size packets, tending to small packets.
|
CSCef15141
|
On Cisco 10000 routers running 12.3(7)XI, the Priority Queue latency values (in milliseconds) is higher than 2*MTU + 6ms on 4Mbps and 8Mbps subrates of the 8e3ds3 line card.
Workaround: There is no workaround for this problem.
|
CSCef17801
|
When configuring over 2000 Frame-Relay DLCI interfaces on a 1choc12 line card, the router's CPU runs over 30% of its capacity. This problem occurs only if the number of Frame-Relay sub-interfaces is over 2000.
Workaround: There is no workaround for this problem.
|
CSCef18947
|
The show vlans command does not report the correct statistics when a second CPU is enabled on 7301/NPPEG1 platforms.
Workaround: Disable the second CPU, however, this affects performance.
|
CSCef19259
|
If autovc is configured, tracebacks can occur when an ATM VC is deactivated.
Workaround: There is no workaround for this problem.
|
CSCef20523
|
PPPoEoA sessions using CBWFQ experience BQ drops. In some cases, when aggregate traffic is near the VC rate, the BQ tail drops packets. This problem appears with low bandwidth VCs, in this case 196 kbps.
Workaround: Changing the queue-limit via the policy map and/or the VC queue depth will improve the result.
|
CSCef24008
|
When using a 4choc3 line card and 300 or more VT T1 interfaces are configured with PPP encapsulation, some T1 links do not achieve full traffic line rate. This problem occurs when all 300+ interfaces are sending traffic at line rate concurrently.
Workaround: There is no workaround for this problem
|
CSCef24551
|
When running Automated Protection Switching (APS), the router can experience traffic loss after the hw-module slot x reset command is executed.
Workaround: Avoid executing hw-module slot x reset.
|
CSCef27202
|
On Cisco 10000 series routers running in PTA mode, a CPU hog message appears if you execute the show vpdn session command when there are more than 30,000 sessions active. This problem occurs if the number of active sessions is large.
|
