cc/td/doc/product/software
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Release Notes for Cisco IOS Release 11.2

Release Notes for Cisco IOS Release 11.2

July 19, 1999

These release notes describe the features and caveats for Cisco IOS Release 11.2, up to and including Release 11.2(19). They include all routing and access server features.

Cisco IOS Release 11.2(13) and all subsequent 11.2 releases are deemed "Generally Deployable." (For Cisco RSP7000/7500 images, 11.2(13a) is the "Generally Deployable" release number.) Cisco believes Release 11.2 is suitable for deployment anywhere in the network where the features and functionality of the release are required.

Introduction

These release notes discuss the following topics:

Documentation

For Cisco IOS Release 11.2, the Cisco IOS documentation set consists of eight modules, each module consisting of a configuration guide and a command reference. The documentation set also includes five supporting documents.

Note The most up-to-date Cisco IOS documentation can be found on the latest Documentation CD-ROM and on the Web. These electronic documents contain updates and modifications made after the paper documents were printed.

The books and chapter topics are as follows:

Books Chapter Topics

· Configuration Fundamentals Configuration Guide

· Configuration Fundamentals Command Reference

Access Server and Router Product Overview

User Interface

System Images and Configuration Files

Using ClickStart, AutoInstall, and Setup

Interfaces

System Management

· Security Configuration Guide

· Security Command Reference

Network Access Security

Terminal Access Security

Accounting and Billing

Traffic Filters

Controlling Router Access

Network Data Encryption with Router Authentication

· Access Services Configuration Guide

· Access Services Command Reference

Terminal Lines and Modem Support

Network Connections

AppleTalk Remote Access

SLIP and PPP

XRemote

LAT

Telnet

TN3270

Protocol Translation

Configuring Modem Support and Chat Scripts

X.3 PAD

Regular Expressions

· Wide-Area Networking Configuration Guide

· Wide-Area Networking Command Reference

ATM

Dial-on-Demand Routing (DDR)

Frame Relay

ISDN

LANE

PPP for Wide-Area Networking

SMDS

X.25 and LAPB

· Network Protocols Configuration Guide, Part 1

· Network Protocols Command Reference, Part 1

IP

IP Routing

· Network Protocols Configuration Guide, Part 2

· Network Protocols Command Reference, Part 2

AppleTalk

Novell IPX

· Network Protocols Configuration Guide, Part 3

· Network Protocols Command Reference, Part 3

Apollo Domain

Banyan VINES

DECnet

ISO CLNS

XNS

· Bridging and IBM Networking Configuration Guide

· Bridging and IBM Networking Command Reference

Transparent Bridging

Source-Route Bridging

Remote Source-Route Bridging

DLSw+

STUN and BSTUN

LLC2 and SDLC

IBM Network Media Translation

DSPU and SNA Service Point Support

SNA Frame Relay Access Support

APPN

NCIA Client/Server Topologies

IBM Channel Attach

· Cisco IOS Software Command Summary

· Access Services Quick Configuration Guide

· System Error Messages

· Debug Command Reference

· Cisco Management Information Base (MIB) User Quick Reference

These documents are available as printed manuals or electronic documents.

You can access the electronic documents either on the Cisco Documentation CD-ROM or at Cisco Connection Online (CCO) on the World Wide Web.

On the Documentation CD-ROM, go to the Cisco IOS Software Configuration database, select Cisco IOS Release 11.2, and follow the link to the Cisco IOS Configuration Guides and Command References.

Additional information about CCO and the Documentation CD-ROM is in the sections "Cisco Connection Online" and "Documentation CD-ROM" at the end of these release notes.

Platform Support for Release 11.2

Cisco IOS Release 11.2 supports the following router platforms:

Table 1 and Table 2 summarize the LAN interfaces supported on each platform.

Table 3 and Table 4 summarize the WAN data rates and interfaces supported on each platform.


Table 1: LAN Interfaces Supported by Router Platforms, Part 1
Interface Cisco 7500 Series Cisco 7200 Series Cisco 7000 Series Cisco 4000 Series Cisco 3000 Series1 Cisco 2500 Series

Ethernet (AUI)

Yes

Yes

Yes

Yes

Yes

Yes

Ethernet (10BaseT)

Yes

Yes

Yes

Yes

No

Yes (2505, 2507, 2516, 2518, 2520, 2522, and 2524 only)

Ethernet (10BaseFL)

Yes

Yes

Yes

No

No

No

Fast Ethernet (100BaseTX)

Yes

Yes

Yes

No

No

No

Fast Ethernet (100BaseFX)

Yes

Yes

Yes

No

No

No

4-Mbps Token Ring

Yes

Yes

Yes

Yes

Yes

Yes

16-Mbps Token Ring

Yes

Yes

Yes

Yes

Yes

Yes

FDDI DAS

Yes

Yes

Yes

Yes

No

No

FDDI SAS

Yes

No

Yes

Yes

No

No

FDDI multimode

Yes

Yes

Yes

Yes (DAS/
SAS)

No

No

FDDI single-mode

Yes

Yes

Yes

Yes

No

No

ATM Interface

Yes

No

Yes

Yes

No

No

Channel Interface

Yes

No

Yes

No

No

No

Second-Generation Channel Interface 2

Yes

No

Yes

No

No

No

Parallel Channel Adapter (Bus and Tag)

Yes

No

Yes

No

No

No

ESCON Channel Adapter (ECA)

Yes

No

Yes

No

No

No

Versatile Interface

Yes

No

Yes

No

No

No

Second-Generation Versatile Interface 2

Yes

No

Yes

No

No

No

MultiChannel Interface (Channelized E1/T1)

Yes

No

Yes

Yes

No

No

Packet-Over-SONET OC-3 Interface2

Yes

No

Yes

Yes

No

No

Synchronous Serial

Yes

Yes

Yes

Yes

Yes

Yes

1Except the Cisco 3202.
2In the Cisco 7000 series routers (Cisco 7000 and Cisco 7010), these interfaces require a Cisco 7000 with RP/SP or RP/SSP, or the 7000 Series Route Switch Processor (RSP7000) and the 7000 Series Chassis Interface (RSP7000CI). The RSP7000 and RSP7000CI are required for Cisco 7000 series routers with a VIP2.


Table 2: LAN Interfaces Supported by Router Platforms, Part 2
Interface Cisco 1003/
1004 		Cisco 1005 Cisco 1000 LAN Extender Access-
Pro PC Card 		AS5100 AS5200

Ethernet (AUI)

No

No

Yes

No

Yes

Yes

Ethernet (10BaseT)

Yes

Yes

Yes

Yes

No

No

Ethernet (10BaseFL)

No

No

No

No

No

No

Fast Ethernet (100BaseTX)

No

No

No

No

No

No

Fast Ethernet (100BaseFX)

No

No

No

No

No

No

4-Mbps Token Ring

No

No

No

Yes

No

No

16-Mbps Token Ring

No

No

No

Yes

No

No

FDDI DAS

No

No

No

No

No

No

FDDI SAS

No

No

No

No

No

No

FDDI multimode

No

No

No

No

No

No

FDDI single-mode

No

No

No

No

No

No

ATM Interface

No

No

No

No

No

No

Channel Interface

No

No

No

No

No

No

Second-Generation Channel Interface

No

No

No

No

No

No

Parallel Channel Adapter (Bus and Tag)

No

No

No

No

No

No

ESCON Channel Adapter (ECA)

No

No

No

No

No

No

Versatile Interface

No

No

No

No

No

No

Second-Generation Versatile Interface

No

No

No

No

No

No

MultiChannel Interface (Channelized E1/T1)

No

No

No

No

No

Yes

Packet-Over-SONET OC-3 Interface

No

No

No

No

No

No

Synchronous Serial

No

No

No

No

Yes

No


Table 3: WAN Data Rates and Interfaces Supported by Router Platforms, Part 1
Cisco 7500 Series Cisco 7200 Series Cisco 7000 Series Cisco 4000 Series Cisco 3000 Series1 Cisco 2500 Series
Data Rate

48/56/64 kbps

Yes

Yes

Yes

Yes

Yes

Yes

1.544/2.048 Mbps

Yes

Yes

Yes

Yes

Yes

Yes

34/45/52 Mbps

Yes

Yes

Yes

No

No

No

Interface

EIA/TIA-232

Yes

Yes

Yes

Yes

Yes

Yes

X.21

Yes

Yes

Yes

Yes

Yes

Yes

V.35

Yes

Yes

Yes

Yes

Yes

Yes

EIA/TIA-449

Yes

Yes

Yes

Yes

Yes

Yes

EIA-530

Yes

Yes

Yes

Yes

Yes

Yes

EIA/TIA-613 (HSSI)

Yes

No

Yes

No

No

No

ISDN BRI

No

No

No

Yes

Yes

Yes

ISDN PRI

Yes

No

Yes

Yes

No

No

E1-G.703/G.704

Yes

No

Yes

Yes

No

No

1Except the Cisco 3202.


Table 4: WAN Data Rates and Interfaces Supported by Router Platforms, Part 2
Cisco 1003/
1004 		Cisco 1005 Cisco 1000 LAN Extender Access-Pro PC Card AS5100 AS5200
Data Rate

48/56/64 kbps

Yes

Yes

Yes

Yes

Yes

Yes

1.544/2.048 Mbps

No

Yes

Yes

Yes

Yes

Yes

34/45/52 Mbps

No

No

No

No

No

No

Interface

EIA/TIA-232

No

Yes

No

Yes

Yes

Yes

X.21

No

Yes

Yes

Yes

Yes

Yes

V.35

No

Yes

Yes

Yes

Yes

Yes

EIA/TIA-449

No

Yes

No

Yes

Yes

Yes

EIA-530

No

Yes

No

Yes

Yes

Yes

EIA/TIA-613 (HSSI)

No

No

No

No

No

No

ISDN BRI

Yes

Yes

No

Yes

No

No

ISDN PRI

No

No

No

No

No

Yes

E1-G.703/G.704

No

No

No

No

No

Yes

Cisco IOS Packaging

In Cisco IOS Release 11.2, feature sets have been updated to make it easier to select the exact feature sets you need. Feature set names are simplified and are more consistent across Cisco hardware platforms. In addition, you can add options to the standard feature set offerings. These options provide additional features and value, based on the hardware platform selected. Cisco also continues to offer specialized feature sets for key applications.

Table 5 provides a matrix of the new feature set organization and shows which feature sets are available on the various hardware platforms. These feature sets only apply to Cisco IOS Release 11.2.

An explanation of the table entries follows:

Cisco IOS images with strong encryption (including, but not limited to 56-bit DES) are subject to U.S. Government export controls, and have a limited distribution. Images to be installed outside the U.S. require an export license. Customer orders may be denied or subject to delay due to U.S. Government regulations. Contact your sales representative or distributor for more information, or send e-mail to export@cisco.com.

Note Release 11.2 introduces new feature-set image names for several feature sets that were available in earlier releases. For example, the prefix "igs-" has been replaced with "c2500-." Image names have been changed to facilitate identifying the platform on which the image runs. See the section "Memory Requirements for Release 11.2" for more information.


Table 5: Cisco IOS Release 11.2 Feature Set Matrix
Feature Set Hardware Platform
Cisco 1000
Series 		Cisco 2500 Series and AS5100 Cisco 4000 Series Cisco 7000 Series1, 2 Cisco 7200 Series1 Cisco 7500 Series1 Cisco AS5200
Standard Feature Sets

IP

Basic

Basic, Plus, and
Encryption

Basic, Plus, and
Encryption

Basic

Basic

Basic and
Encryption

Basic and
Plus

Desktop (IP/IPX/AppleTalk/DEC)

-

Basic, Plus, and
Encryption

Basic, Plus, and
Encryption

Basic

Basic

Basic and
Encryption

Basic and
Plus

Enterprise

-

Basic, Plus, and
Encryption

Basic, Plus, and
Encryption

Basic

Basic

Basic and
Encryption

Basic and
Plus

Enterprise and APPN

-

Plus and
Encryption

Plus and
Encryption

Basic

Basic

Basic and
Encryption

-

IP/IPX/IBM and APPN

-

Basic

Basic

-

-

-

-

Desktop/IBM and APPN

-

-

-

Basic

Basic

Basic

-

Cisco 1000 Series Only Feature Sets

IP/IPX

Basic

-

-

-

-

-

-

IP/AppleTalk

Basic

-

-

-

-

-

-

IP/IPX/AppleTalk

Basic, Plus, and
Encryption

-

-

-

-

-

-

IP/OSPF/PIM

Basic

-

-

-

-

-

-

IP/Async

Basic

-

-

-

-

-

-

IP/IPX/Async

Basic

-

-

-

-

-

-

Special Applications

-

-

-

-

-

-

Layer 3 Bridging

-

-

-

-

Basic

-

-

CFRAD

-

Basic

-

-

-

-

-

LANFRAD

-

Basic

-

-

-

-

-

ISDN

-

Basic

-

-

-

-

-

Remote Access Server

-

Basic

-

-

-

-

-

1Basic images for the Cisco 7000 series, 7200 series, and 7500 series include additional functionality not found in the basic feature sets offered on the other hardware platforms.
2Both Versatile Interface Processor (VIP) and non-VIP options are available.

Feature Set Tables

The Cisco IOS software is available in different feature sets depending upon the platform. Table 6 lists the feature sets for the Cisco 7500 and Cisco 7000 series. Table 7 lists the feature sets for the Cisco 7200 series. Table 8 lists the optional feature set licenses for the Cisco 7000, Cisco 7200, and Cisco 7500 series. Table 9 lists the feature sets for the Cisco 2500 series, Cisco 4000, Cisco 4500, and Cisco 4700 series. Table 10 lists platform-specific feature sets for the Cisco 2500 series and Cisco AS5100. Table 11 lists the feature sets for the Cisco AS5200. Table 12 lists the software for the Cisco 1003 and Cisco 1004 ISDN routers and the Cisco 1005 router. Table 13 lists platform-specific software for the Cisco 1005 router.

The tables use the following conventions to identify features:

Note Encryption is not available on the Cisco AS5200, Cisco 7000 series, and Cisco 7200 series platforms.

Some Cisco platforms incorporate plus features into their basic feature sets.


Table 6: Cisco 7000 Series and Cisco 7500 Series Software Feature Sets
Feature Set
 Feature IP Routing Desktop/IBM1 Enterprise1
 LAN Support

Apollo Domain

---

---

Yes

AppleTalk 1 and 22

---

Yes

Yes

Banyan VINES

---

---

Yes

Concurrent routing and bridging (CRB)3

Yes

Yes

Yes

DECnet IV

---

Yes

Yes

DECnet V

---

---

Yes

GRE

Yes

Yes

Yes

Integrated routing and bridging (IRB)4

Yes

Yes

Yes

IP

Yes

Yes

Yes

LAN extension host

Yes

Yes

Yes

Multiring

Yes

Yes

Yes

Novell IPX5

---

Yes

Yes

OSI

---

---

Yes

Transparent and translational bridging

Yes

Yes

Yes

VLANs (ISL6 and IEEE 802.10)

Yes

Yes

Yes

XNS

---

---

Yes

 WAN Services

ATM LAN emulation: DECnet routing, XNS routing, and Banyan VINES support

Yes

Yes

Yes

ATM LAN emulation: Hot Standby Router Protocol (HSRP) and
Simple Server Redundancy Protocol (SSRP)

Yes

Yes

Yes

ATM: Rate queues for SVC per subinterface

Yes

Yes

Yes

ATM: UNI 3.1 signaling for ATM

Yes

Yes

Yes

Combinet Packet Protocol (CPP)

Yes

Yes

Yes

Dialer profiles

Yes

Yes

Yes

Half bridge/half router for CPP and PPP

Yes

Yes

Yes

HDLC

Yes

Yes

Yes

IPXWAN 2.0

---

Yes

Yes

ISDN7

Yes

Yes

Yes

Multichassis Multilink PPP (MMP)

---

---

Yes

NetBEUI over PPP

Yes (7000 series only)

Yes (7000 series only)

Yes

PPP8

Yes

Yes

Yes

Virtual Private Dial-up Network (VPDN)

Yes

Yes

Yes

 WAN Optimization

Bandwidth-on-demand

Yes

Yes

Yes

Custom and priority queuing9

Yes

Yes

Yes

Dial backup

Yes

Yes

Yes

Dial-on-demand

Yes

Yes

Yes

Header10, link and payload compression11

Yes

Yes

Yes

Named IP Access Control List

Yes

Yes

Yes

NetFlow Switching (NFS)12

Yes

Yes

Yes

Snapshot routing

Yes

Yes

Yes

Weighted fair queuing9

Yes

Yes

Yes

 IP Routing

Enhanced IGRP

Yes

Yes

Yes

Enhanced IGRP Optimizations

Yes

Yes

Yes

ES-IS

---

---

Yes

IGRP

Yes

Yes

Yes

IS-IS

---

---

Yes

Named IP Access Control List13

Yes

Yes

Yes

NHRP

Yes

Yes

Yes

Network Address Translation (NAT)14

Yes

Yes

Yes

On Demand Routing (ODR)

Yes

Yes

Yes

OSPF

Yes

Yes

Yes

OSPF Not-So-Stubby-Areas (NSSA)

Yes

Yes

Yes

OSPF On Demand Circuit (RFC 1793)

Yes

Yes

Yes

PIM

Yes

Yes

Yes

Policy-based routing

Yes

Yes

Yes

RIP

Yes

Yes

Yes

RIP Version 2

Yes

Yes

Yes

 Other Routing

AURP

---

Yes

Yes

IPX RIP

---

Yes

Yes

NLSP

---

Yes

Yes

RTMP

---

Yes

Yes

SMRP

---

Yes

Yes

SRTP

---

---

Yes

 Multimedia and Quality of Service

Generic traffic shaping

Yes

Yes

Yes

Random Early Detection (RED)

Yes

Yes

Yes

Resource Reservation Protocol (RSVP)

Yes

Yes

Yes

 Management

AutoInstall

Yes

Yes

Yes

Automatic modem configuration

Yes

Yes

Yes

HTTP Server

Yes

Yes

Yes

RMON events and alarms

Yes

Yes

Yes

SNMP

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

 Security

Access lists

Yes

Yes

Yes

Access security

Yes

Yes

Yes

Extended access lists

Yes

Yes

Yes

Kerberized login

---

---

Yes

Kerberos V client support

---

---

Yes

Lock and Key

Yes

Yes

Yes

MD5 routing authentication

Yes

Yes

Yes

Router authentication and network layer encryption (40-bit or export controlled 56-bit DES)15

 Encrypt

 Encrypt

 Encrypt

RADIUS

Yes

Yes

Yes

TACACS+16

Yes

Yes

Yes

 IBM Support

APPN (optional)1

---

Yes

Yes

BAN for SNA Frame Relay support

---

Yes

Yes

Caching and filtering

---

Yes

Yes

DLSW+17, 18

---

Yes

Yes

Downstream PU concentration (DSPU)

---

Yes

Yes

Frame Relay SNA support (RFC 1490)

---

Yes

Yes

Native Client Interface Architecture (NCIA) Server

---

Yes

Yes

NetView Native Service Point

---

Yes

Yes

QLLC

---

Yes

Yes

Response Time Reporter (RTR)

---

Yes

Yes

SDLC integration

---

Yes

Yes

SDLC transport (STUN)

---

Yes

Yes

SDLC-to-LAN conversion (SDLLC)

---

Yes

Yes

SNA and NetBIOS WAN optimization via local acknowledgment

---

Yes

Yes

SRB/RSRB19

---

Yes

Yes

SRT

---

Yes

Yes

TG/COS

---

---

Yes

TN3270 Server (CIP only)

---

Yes

Yes

 VIP and HSA

VIP and HSA20

Yes

Yes

Yes

VIP221

Yes

Yes

Yes

1Desktop/IBM and Enterprise are available with APPN in a separate feature set. In Cisco IOS Release 11.2, APPN includes APPN Central Registration (CRR) and APPN over DLSw+.
2Includes AppleTalk load balancing.
3Concurrent routing and bridging feature only applies to transparent bridging, not source-route bridging (SRB).
4IRB is not supported on the Cisco 7000 series. On the 7500 series, IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
5The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
6Note that the only IPX encapsulation supported in ISL is 802.3.
7ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features. Asynchronous ISDN Access (V.120) is only supported in the Enterprise feature set.
8PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, and PPP compression.
9Custom and priority queuing is not currently supported on SMIP or MIP cards.
10IPX header compression (RFC 1553) is available in the feature sets that support IPX.
11X.25 and Frame Relay payload compression.
12NFS is supported on the Cisco 7500 series and Cisco 7000 series with a Route Switch Processor (RSP) only. NFS supports IP over all interfaces with optimal performance on Ethernet, FDDI, and HDLC.
13Named IP Access Control List can only be used by packet and route filters, it is not backward-compatible with earlier Cisco IOS releases, and is not supported with Distributed Fast Switching.
14On the Cisco 7000, NAT is supported with the RSP option only.
15For more details on the new data encryption options, see the beginning of the section "Cisco IOS Packaging." Encryption is not supported on the Cisco 7000.
16TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.
17DLSw+ over TCP/IP is supported.
18Cisco IOS Release 11.2 introduces several DLSw+ enhancements. See the section "IBM Functionality" in the "New Features in Release 11.2(1)" section for more details.
19SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.
20HSA support requires Cisco IOS Release 11.1(2) or later releases and is available on the Cisco 7500 series only.
21VIP2 support requires Cisco IOS Release 11.1(5) or later releases, and the RSP7000 for the Cisco 7000 series.


Table 7: Cisco 7200 Series Software Feature Sets
Feature Set
 Feature Network Layer 3 Switching IP Routing Desktop/IBM1 Enterprise1
 LAN Support

Apollo Domain

---

---

---

Yes

AppleTalk 1 and 22

---

---

Yes

Yes

Banyan VINES

---

---

---

Yes

Concurrent routing and bridging (CRB)3

Yes

Yes

Yes

Yes

DECnet IV

---

---

Yes

Yes

DECnet V

---

---

---

Yes

GRE

---

Yes

Yes

Yes

Integrated routing and bridging (IRB)4

---

---

---

---

IP

Yes

Yes

Yes

Yes

LAN extension host

Yes

Yes

Yes

Yes

Multiring

Yes

Yes

Yes

Yes

Novell IPX5

Yes

---

Yes

Yes

OSI

---

---

---

Yes

Transparent and translational bridging

Yes

Yes

Yes

Yes

VLANs (ISL6 and IEEE 802.10)

Yes

Yes

Yes

Yes

XNS

---

---

---

Yes

 WAN Services

Combinet Packet Protocol (CPP)

Yes

Yes

Yes

Yes

Dialer profiles

Yes

Yes

Yes

Yes

Half bridge/half router for CPP and PPP

Yes

Yes

Yes

Yes

HDLC

Yes

Yes

Yes

Yes

IPXWAN 2.0

Yes

---

Yes

Yes

ISDN7

---

Yes

Yes

Yes

Multichassis Multilink PPP (MMP)

---

Yes

Yes

Yes

NetBEUI over PPP

---

---

---

Yes

PPP8

---

Yes

Yes

Yes

Virtual Private Dial-up Network (VPDN)

---

Yes

Yes

Yes

 WAN Optimization

Bandwidth-on-demand

---

Yes

Yes

Yes

Custom and priority queuing

---

Yes

Yes

Yes

Dial backup

---

Yes

Yes

Yes

Dial-on-demand

---

Yes

Yes

Yes

Header9, link and payload compression10

---

Yes

Yes

Yes

NetFlow Switching (NFS)11

---

Yes

Yes

Yes

Snapshot routing

Yes

Yes

Yes

Yes

Weighted fair queuing

---

Yes

Yes

Yes

 IP Routing

Enhanced IGRP

Yes

Yes

Yes

Yes

Enhanced IGRP Optimizations

Yes

Yes

Yes

Yes

ES-IS

---

---

---

Yes

IGRP

Yes

Yes

Yes

Yes

IS-IS

---

---

---

Yes

Named IP Access Control List12

---

Yes

Yes

Yes

Network Address Translation (NAT)

Yes

Yes

Yes

Yes

NHRP

Yes

Yes

Yes

Yes

On Demand Routing (ODR)

Yes

Yes

Yes

Yes

OSPF

Yes

Yes

Yes

Yes

OSPF Not-So-Stubby-Areas (NSSA)

Yes

Yes

Yes

Yes

OSPF On Demand Circuit (RFC 1793)

Yes

Yes

Yes

Yes

PIM

Yes

Yes

Yes

Yes

Policy-based routing

Yes

Yes

Yes

Yes

RIP

Yes

Yes

Yes

Yes

RIP Version 2

Yes

Yes

Yes

Yes

 Other Routing

AURP

---

---

Yes

Yes

IPX RIP

Yes

---

Yes

Yes

NLSP

Yes

---

Yes

Yes

RTMP

Yes

Yes

Yes

Yes

SMRP

---

---

Yes

Yes

SRTP

---

---

---

Yes

 Multimedia and Quality of Service

Generic traffic shaping

Yes

Yes

Yes

Yes

Random Early Detection (RED)

Yes

Yes

Yes

Yes

Resource Reservation Protocol (RSVP)

Yes

Yes

Yes

Yes

 Management

AutoInstall

Yes

Yes

Yes

Yes

HTTP Server

Yes

Yes

Yes

Yes

RMON events and alarms

Yes

Yes

Yes

Yes

SNMP

Yes

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

Yes

 Security

Access lists

Yes

Yes

Yes

Yes

Access security

Yes

Yes

Yes

Yes

Extended access lists

Yes

Yes

Yes

Yes

Kerberized login

---

---

---

Yes

Kerberos V client support

---

---

---

Yes

Lock and key

Yes

Yes

Yes

Yes

MD5 routing authentication

Yes

Yes

Yes

Yes

RADIUS

Yes

Yes

Yes

Yes

TACACS+13

Yes

Yes

Yes

Yes

 IBM Support

APPN (optional)1

---

---

Yes

Yes

BAN for SNA Frame Relay support

---

---

Yes

---

Caching and filtering

---

---

Yes

Yes

DLSw+14, 15

---

---

Yes

Yes

Downstream PU concentration (DSPU)

---

---

Yes

Yes

Frame Relay SNA support (RFC 1490)

---

---

Yes

Yes

Native Client Interface Architecture (NCIA) Server

---

---

Yes

Yes

NetView Native Service Point

---

---

Yes

Yes

Response Time Reporter (RTR)

---

---

Yes

Yes

QLLC

---

---

Yes

Yes

SDLC integration

---

---

Yes

Yes

SDLC transport (STUN)

---

---

Yes

Yes

SDLC-to-LAN conversion (SDLLC)

---

---

Yes

Yes

SNA and NetBIOS WAN optimization
via local acknowledgment

---

---

Yes

Yes

SRB/RSRB16

Yes

---

Yes

Yes

SRT

Yes

---

Yes

Yes

TG/COS

---

---

---

Yes

1Desktop/IBM and Enterprise are available with APPN in a separate feature set. Use the product numbers that specify APPN. APPN includes APPN Central Registration (CRR) and APPN over DLSw+.
2Includes AppleTalk load balancing.
3Concurrent routing and bridging feature only applies to transparent bridging, not source-route bridging (SRB).
4Releases 11.2(1) through 11.2(3) do not support IRB. In a later maintenance release: IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
5The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
6Note that the only IPX encapsulation supported in ISL is 802.3.
7ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features. Asynchronous ISDN Access (V.120) is only supported in the Enterprise feature set.
8PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, and PPP compression.
9IPX header compression (RFC 1553) is available in the feature sets that support IPX.
10X.25 and Frame Relay payload compression.
11NFS supports IP over all interfaces with optimal performance on Ethernet, FDDI, and HDLC.
12This feature can only be used by packet and route filters, it is not backward-compatible with earlier Cisco IOS releases, and is not supported with Distributed Fast Switching.
13TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.
14DLSw+ over TCP/IP is supported.
15Cisco IOS Release 11.2 introduces several DLSw+ enhancements. See the section "IBM Functionality" in the "New Features in Release 11.2(1)" section for more details.
16SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.


Table 8: Optional Feature Set Licenses---Cisco 7000 Series,
Cisco 7200 Series, and Cisco 7500 Series
 Cisco 7000 Series, Cisco 7200 Series, and Cisco 7500 Series
 Optional Feature Set Licenses
 WAN Packet Protocols

ATM DXI

Frame Relay

Frame Relay switching

Frame Relay SVC support (DTE)

Frame Relay traffic shaping

SMDS over ATM

X.25

X.25 switching

 Interdomain Routing1

BGP

BGP42

EGP for Internet scale routing

 VIP/VIP2 support3

Included automatically with VIP order

 CIP Support3, 4

SNA support

TCP/IP offload

 NetFlow Switching5

NetFlow Switching software

1Interdomain routing is automatically included with all Cisco 7000 series RPs with 16-MB RAM. However, this option is appropriate for all other Cisco 7000, 7200, and 7500 series system processors.
2BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps.
3Cisco 7000 and 7500 series only.
4CIP orders must include one or both of the licenses.
5Cisco 7200 series only.


Table 9: Cisco 2500 Series, Cisco 4000, Cisco 4500, and Cisco 4700 Software Feature Sets
Feature Set
 Feature IP Routing  IP/IPX/IBM/APPN1 Desktop
(IP/IPX/AppleTalk/DEC) 		Enterprise2
 LAN Support

Apollo Domain

---

---

---

Yes

AppleTalk 1 and 23

---

---

Yes

Yes

Banyan VINES

---

---

---

Yes

Concurrent routing and bridging (CRB)

Yes

Yes

Yes

Yes

DECnet IV

---

---

Yes

Yes

DECnet V

---

---

---

Yes

GRE

Yes

Yes

Yes

Yes

Integrated routing and bridging (IRB)4

Yes

Yes

Yes

Yes

IP

Yes

Yes

Yes

Yes

LAN extension host

Yes

Yes

Yes

Yes

Multiring

Yes

Yes

Yes

Yes

Novell IPX5

---

Yes

Yes

Yes

OSI

---

---

---

Yes

Source-route bridging6

---

---

---

---

Transparent and translational bridging

Yes

Yes

Yes

Yes

VLANs (ISL7 and IEEE 802.10) (Cisco 4500 only)

Plus

---

Plus

Plus

XNS

---

---

---

Yes

 WAN Services

ATM LAN emulation: DECnet routing, XNS routing, and Banyan VINES support (Cisco  4500 and 4700 only)8

---

---

Plus

Plus

ATM LAN emulation: Hot Standby Router Protocol (HSRP) and
Simple Server Redundancy Protocol (SSRP)
(Cisco 4500 and 4700 only)

Plus

---

Plus

Plus

ATM: Rate queues for SVC per subinterface (Cisco 4000, 4500, and 4700 only)

Plus

---

Plus

Plus

ATM: UNI 3.1 signaling for ATM
(Cisco 4500 and 4700 only)

Plus

---

Plus

Plus

Combinet Packet Protocol (CPP)

Yes

Yes

Yes

Yes

Dialer profiles

Yes

Yes

Yes

Yes

Frame Relay

Yes

Yes

Yes

Yes

Frame Relay SVC Support (DTE)

---

---

---

Yes

Frame Relay traffic shaping

Yes

Yes

Yes

Yes

Half bridge/half router for CPP and PPP

Yes

Yes

Yes

Yes

HDLC

Yes

Yes

Yes

Yes

IPXWAN 2.0

---

Yes

Yes

Yes

ISDN9

Yes

Yes

Yes

Yes

Multichassis Multilink PPP (MMP)

---

---

---

Yes

NetBEUI over PPP

---

---

---

Yes

PPP10

Yes

Yes

Yes

Yes

SMDS

Yes

Yes

Yes

Yes

Switched 56

Yes

Yes

Yes

Yes

Virtual Private Dial-up Network (VPDN)

Plus

---

Plus

Yes

X.2511

Yes

Yes

Yes

Yes

 WAN Optimization

Bandwidth-on-demand

Yes

Yes

Yes

Yes

Custom and priority queuing

Yes

Yes

Yes

Yes

Dial backup

Yes

Yes

Yes

Yes

Dial-on-demand

Yes

Yes

Yes

Yes

Header12, link and payload compression

Yes

Yes

Yes

Yes

Snapshot routing

Yes

Yes

Yes

Yes

Weighted fair queuing

Yes

Yes

Yes

Yes

 IP Routing

BGP

Yes

Yes

Yes

Yes

BGP413

Yes

Yes

Yes

Yes

EGP

Yes

Yes

Yes

Yes

Enhanced IGRP

Yes

Yes

Yes

Yes

Enhanced IGRP Optimizations

Yes

Yes

Yes

Yes

ES-IS

---

---

---

Yes

IGRP

Yes

Yes

Yes

Yes

IS-IS

---

---

---

Yes

Named IP Access Control List

Yes

Yes

Yes

Yes

Network Address Translation (NAT)

Plus

---

Plus

Plus

NHRP

Yes

Yes

Yes

Yes

On Demand Routing (ODR)

Yes

Yes

Yes

Yes

OSPF

Yes

Yes

Yes

Yes

OSPF Not-So-Stubby-Areas (NSSA)

Yes

Yes

Yes

Yes

OSPF On Demand Circuit (RFC 1793)

Yes

Yes

Yes

Yes

PIM

Yes

Yes

Yes

Yes

Policy-based routing

Yes

Yes

Yes

Yes

RIP

Yes

Yes

Yes

Yes

RIP Version 2

Yes

Yes

Yes

Yes

 Other Routing

AURP

---

---

Yes

Yes

IPX RIP

---

Yes

Yes

Yes

NLSP

---

Yes

Yes

Yes

RTMP

---

---

Yes

Yes

SMRP

---

---

Yes

Yes

SRTP

---

---

---

Yes

 Multimedia and Quality of Service

Generic traffic shaping

Yes

Yes

Yes

Yes

Random Early Detection (RED)14

Yes

Yes

Yes

Yes

Resource Reservation Protocol (RSVP)14

Yes

Yes

Yes

Yes

 Management

AutoInstall

Yes

Yes

Yes

Yes

Automatic modem configuration

Yes

Yes

Yes

Yes

HTTP Server

Yes

Yes

Yes

Yes

RMON events and alarms15

Yes

Yes

Yes

Yes

RMON full (Cisco 2500 only)

Plus

Plus

Plus

Plus

SNMP

Yes

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

Yes

 Security

Access lists

Yes

Yes

Yes

Yes

Access security

Yes

Yes

Yes

Yes

Extended access lists

Yes

Yes

Yes

Yes

Kerberized login

---

---

---

Yes

Kerberos V client support

---

---

---

Yes

Lock and key

Yes

Yes

Yes

Yes

MAC security for hubs16

Yes

Yes

Yes

Yes

MD5 routing authentication

Yes

Yes

Yes

Yes

Router authentication and network layer encryption (40-bit or export controlled 56-bit DES)17

Encrypt

---

Encrypt

Encrypt

RADIUS

Yes

Yes

Yes

Yes

TACACS+18

Yes

Yes

Yes

Yes

 IBM Support (Optional)

APPN (optional)2

---

Yes

---

Yes

BAN for SNA Frame Relay support

Plus

Yes

Plus

Yes

Bisync

Plus

Yes

Plus

Yes

Caching and filtering

Plus

Yes

Plus

Yes

DLSw+ 19

Plus

Yes

Plus

Yes

Downstream PU concentration (DSPU)

Plus

Yes

Plus

Yes

Frame Relay SNA support (RFC 1490)

Plus

Yes

Plus

Yes

Native Client Interface Architecture (NCIA) Server

Plus

Yes

Plus

Yes

NetView Native Service Point

Plus

Yes

Plus

Yes

QLLC

Plus

Yes

Plus

Yes

Response Time Reporter (RTR)

Plus

Yes

Plus

Yes

SDLC integration

Plus

Yes

Plus

Yes

SDLC transport (STUN)

Plus

Yes

Plus

Yes

SDLC-to-LAN conversion (SDLLC)

Plus

Yes

Plus

Yes

SNA and NetBIOS WAN optimization
via local acknowledgment

Plus

Yes

Plus

Yes

SRB/RSRB20

Plus

Yes

Plus

Yes

SRT

Plus

Yes

Plus

Yes

TG/COS

---

---

---

Yes

TN3270

---

---

---

Yes

 Protocol Translation

LAT

---

---

---

Yes

Rlogin

---

---

---

Yes

 Remote Node21

ARAP 1.0/2.022

---

---

Yes

Yes

Asynchronous master interfaces

Yes

Yes

Yes

Yes

ATCP

---

---

Yes

Yes

CPPP

Yes

Yes

Yes

Yes

CSLIP

Yes

Yes

Yes

Yes

DHCP

Yes

Yes

Yes

Yes

IP pooling

Yes

Yes

Yes

Yes

IPX and ARAP on virtual async interfaces

---

---

---

Yes

IPXCP12

---

Yes

Yes

Yes

MacIP

---

---

Yes

Yes

NASI

---

Yes

Yes

Yes

PPP

Yes

Yes

Yes

Yes

SLIP

Yes

Yes

Yes

Yes

 Terminal Services21

LAT23

---

---

---

Yes

Rlogin

Yes

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

Yes

TN3270

---

---

---

Yes

X.25 PAD

Yes

Yes

Yes

Yes

Xremote

---

---

---

Yes

1This feature set has no additional options. It offers a low-end APPN solution for this set of hardware platforms. This feature set is not available for AccessPro PC cards.
2Enterprise is available with APPN in a separate feature set. APPN includes APPN Central Registration (CRR) and APPN over DLSw+. APPN is not available on the AccessPro PC Card.
3Includes AppleTalk load balancing.
4IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
5The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
6Translational bridging is fast switched by default but can be disabled.
7Note that the only IPX encapsulation supported in ISL is 802.3.
8ATM LAN emulation for Banyan VINES is only supported in Enterprise. The Desktop feature set supports DECnet only.
9ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features.
10PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, Multilink PPP, and PPP compression.
11X.25 includes X.25 switching.
12IPX header compression (RFC 1553) is available in the feature sets that support IPX.
13BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps.
14RED and RSVP are supported in IP/IPX/IBM/APPN for the Cisco 4000, 4500, and 4700 only.
15The RMON events and alarms groups are supported on all interfaces. Full RMON support is available with the Plus feature sets.
16MAC security for hubs is applicable to the following Cisco 2500 series Ethernet hub models: Cisco 2505, Cisco 2507, Cisco 2516, and Cisco 2518.
17For more details, see the description of the new data encryption options in the see the beginning of the section "Cisco IOS Packaging."
18TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.
19Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets.
20SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.
21Supported on access severs (with limited support on router auxiliary ports).
22The Cisco 4000, Cisco 4500, and Cisco 4700 products do not support ARAP 1.0/2.0.
23Use of LAT requires terminal license (FR-L8-10.X= for an 8-user license or FR-L16-10.X= for a 16-user license).


Table 10: Platform-Specific Cisco 2500 Series and AS5100 Access Server Software Feature Sets
Feature Set
 Feature ISDN CFRAD LAN FRAD OSPF LANFRAD1 Remote Access Server
 Platforms Supported

 Cisco 2500 series routers: models 2501, 2502, 2505, 2507, 2509-2515, 2524

---

---

---

---

---

 Cisco 2503I,  Cisco 2504I

Yes

---

---

---

---

 Cisco 2501CF, Cisco 2502CF,
Cisco 2520CF-2523CF

---

Yes

---

---

---

 Cisco 2501LF, Cisco 2502LF,
Cisco 2520LF-2523LF

---

---

Yes

Yes

---

 Cisco 2509-2512,
Cisco AS5100

---

---

---

---

Yes

 LAN Support

AppleTalk 1 and 22

Yes

---

---

---

Yes

Concurrent routing and bridging (CRB)

---

---

---

---

---

DECnet IV

---

---

---

---

---

GRE

Yes

---

Yes

Yes

Yes

Integrated routing and bridging (IRB)3

Yes

Yes

Yes

Yes

Yes

IP

Yes

Yes

Yes

Yes

Yes

Multiring

Yes

---

Yes

Yes

Yes

Novell IPX4

Yes

---

Yes

Yes

Yes

Source-route bridging

---

Yes

Yes

Yes

---

Transparent bridging

---

Yes

Yes

Yes

Yes

Transparent and translational bridging5

Yes

Yes

Yes

Yes

Yes

 WAN Services

Combinet Packet Protocol (CPP)

Yes

Yes

Yes

Yes

Yes

Dialer profiles

Yes

Yes

Yes

Yes

Yes

Frame Relay

---

Yes

Yes

Yes

Yes

Frame Relay traffic shaping

Yes

Yes

Yes

Yes

Yes

Half bridge/half router for CPP and PPP

Yes

Yes

Yes

Yes

Yes

HDLC

---

---

---

---

Yes

IPXWAN 2.0

---

---

Yes

Yes

Yes

ISDN6

Yes

---

---

---

---

Multichassis Multilink PPP (MMP)

---

---

---

---

Yes

NetBEUI over PPP

---

---

---

---

Yes

PPP7

Yes

Yes

Yes

Yes

Yes

SMDS

---

---

---

---

---

Switched 56

---

---

---

---

Yes

Virtual Private Dial-up Network (VPDN)

---

---

---

---

Yes

X.258

---

---

---

---

Yes

 WAN Optimization

Bandwidth-on-demand9

Yes

---

---

---

Yes

Custom and priority queuing

Yes

Yes

Yes

Yes

Yes

Dial backup

Yes

---

---

---

Yes

Dial-on-demand

Yes

---

---

---

Yes

Header10, link and payload compression11

---

Yes

Yes

Yes

Yes

Header11 and link compression

Yes

---

---

---

---

Snapshot routing

Yes

---

---

---

Yes

Weighted fair queuing

Yes

Yes

Yes

Yes

Yes

 IP Routing

BGP

Yes

---

---

---

---

BGP412

Yes

Yes

---

---

---

EGP

Yes

---

---

---

---

Enhanced IGRP

Yes

Yes

Yes

Yes13

Yes

Enhanced IGRP Optimizations

Yes

Yes

Yes

Yes13

Yes

IGRP

Yes

Yes

Yes

Yes

Yes

NHRP

Yes

---

---

---

---

On Demand Routing (ODR)

Yes

Yes

Yes

Yes

Yes

OSPF

Yes

Yes

---

Yes

---

OSPF Not-So-Stubby-Areas (NSSA)

Yes

Yes

---

Yes

---

OSPF On Demand Circuit (RFC 1793)

Yes

Yes

---

Yes

---

PIM

Yes

---

---

---

Yes

Policy-based routing

Yes

---

---

---

Yes

RIP

Yes

Yes

Yes

Yes

Yes

RIP Version 2

Yes

Yes

Yes

Yes

Yes

 Other Routing

AURP

Yes

---

---

---

Yes

IPX RIP

Yes

---

Yes

Yes

Yes

NLSP

---

---

---

---

---

RTMP

Yes

---

---

---

Yes

 Multimedia and  Quality of Service

Generic traffic shaping

Yes

Yes

Yes

Yes

Yes

Random Early Detection (RED)

Yes

Yes

Yes

Yes

Yes

Resource Reservation Protocol (RSVP)

Yes

Yes

Yes

Yes

Yes

 Management

AutoInstall

---

Yes

Yes

Yes

Yes

Automatic modem configuration

---

---

---

---

Yes

HTTP Server

Yes

Yes

Yes

Yes

Yes

RMON events and alarms14

Yes

Yes

Yes

Yes

Yes

SNMP

Yes

Yes

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

Yes

Yes

 Security

Access lists

Yes

Yes

Yes

Yes

Yes

Access security

Yes

Yes

Yes

Yes

Yes

Extended access lists

Yes

Yes

Yes

Yes

Yes

Kerberos V client support

Yes

Yes

Yes

Yes

Yes

Lock and Key

Yes

Yes

Yes

Yes

Yes

MAC security for hubs15

---

---

---

---

---

MD5 routing authentication

Yes

Yes

Yes

Yes

Yes

RADIUS

---

---

---

---

Yes

TACACS+16

Yes

Yes

Yes

Yes

Yes

 IBM Support (Optional)

BAN for SNA Frame Relay support

---

Yes

Yes

Yes

---

Bisync

---

Yes

Yes

Yes

---

Caching and filtering

---

Yes

Yes

Yes

---

DLSw+17

---

Yes

Yes

Yes

---

Frame Relay SNA support (RFC 1490)

---

Yes

Yes

Yes

---

Native Client Interface Architecture (NICA) Server

---

---

---

---

---

NetView Native Service Point

---

Yes

Yes

Yes

---

Polled async (ADT, ADPLEX)

---

Yes

Yes

Yes

---

QLLC

---

Yes

Yes

Yes

---

DLSw (RFC 1795)

---

Yes

Yes

Yes

---

RSRB

---

Yes

---

---

---

SDLC integration

---

Yes

Yes

Yes

---

SDLC transport (STUN)

---

Yes

Yes

Yes

---

SDLC-to-LAN conversion (SDLLC)

---

Yes

Yes

Yes

---

SNA and NetBIOS WAN optimization
via local acknowledgment

---

Yes

Yes

Yes

---

SRB/RSRB18

---

---

Yes

Yes

---

SRT

---

---

Yes

Yes

---

 Protocol Translation

LAT

---

---

---

---

Yes

PPP

---

---

---

---

Yes

Rlogin

---

---

---

---

Yes

Telnet

---

---

---

---

Yes

TN3270

---

---

---

---

Yes

X.25

---

---

---

---

Yes

 Remote Node19

ARAP 1.0/2.020

---

---

---

---

Yes

Asynchronous master interfaces

---

---

---

---

Yes

ATCP

---

---

---

---

Yes

CPPP

---

---

---

---

Yes

CSLIP

---

---

---

---

Yes

DHCP

---

---

---

---

Yes

IP pooling

---

---

---

---

Yes

IPX and ARAP on virtual async interfaces

---

---

---

---

Yes

IPXCP21

---

---

---

---

Yes

MacIP

---

---

---

---

Yes

PPP

---

---

---

---

Yes

SLIP

---

---

---

---

Yes

 Terminal Services19

LAT22

---

---

---

---

Yes

Rlogin

---

---

---

---

Yes

Telnet

---

---

---

---

Yes

TN3270

---

---

---

---

Yes

X.25 PAD

---

---

---

---

Yes

Xremote

---

---

---

---

Yes

1The OSPF LANFRAD feature set is available in Release 11.2(4) and later. This feature set is not available in Release 11.2 F.
2Includes AppleTalk load balancing.
3IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
4The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
5Translational bridging is fast switched, but this can be disabled.
6ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features.
7PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, PPP compression, and Multilink PPP.
8X.25 includes X.25 switching.
9Bandwidth-on-demand means two B channels calls to the same destination.
10IPX header compression (RFC 1553) is available in the feature sets that support IPX.
11X.25 and Frame Relay payload compression.
12BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps.
13Enhanced IGRP in the OSPF LANFRAD feature set is only available in Release 11.2(4). Cisco does not support this functionality in any releases of the  OSPF LANFRAD feature set, and this feature is subject to removal without notice.
14RMON events and alarms is supported on all interfaces.
15Applicable to the following Cisco 2500 series Ethernet hub models: Cisco 2505, Cisco 2507, Cisco 2516, and Cisco 2518.
16TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.
17Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets. See the section
"IBM Functionality" in the "New Features in Release 11.2(1)" section for more details.
18SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.
19Remote node and terminal services supported on access servers (with limited support on router auxiliary ports).
20The Cisco 4000 series products do not support ARAP 1.0/2.0.
21IPX header compression (RFC 1553) is available in the feature sets that support IPX.
22Use of LAT requires terminal license (FR-L8-10.X= or FR-L16-10.X=).


Table 11: Cisco AS5200 Access Server Software Feature Sets
Feature Set
 Feature IP Routing Desktop
(IP/IPX/AppleTalk/DEC) 		Enterprise1
 LAN Support

Apollo Domain

---

---

Yes

AppleTalk 1 and 22

---

Yes

Yes

Banyan VINES

---

---

Yes

Concurrent routing and bridging (CRB)

Yes

Yes

Yes

DECnet IV

---

Yes

Yes

DECnet V

---

---

Yes

GRE

Yes

Yes

Yes

Integrated routing and bridging (IRB)3

Yes

Yes

Yes

IP

Yes

Yes

Yes

LAN extension host

Yes

Yes

Yes

Multiring

Yes

Yes

Yes

Novell IPX4

---

Yes

Yes

OSI

---

---

Yes

Source-route bridging (SRB)

---

---

Yes

Transparent and translational bridging

Yes

Yes

Yes

XNS

---

---

Yes

 WAN Services

ATM LAN emulation: Rate queues for SVC per subinterface

---

---

Yes

Combinet Packet Protocol (CPP)

Yes

Yes

Yes

Dialer profiles

Yes

Yes

Yes

Frame Relay

Yes

Yes

Yes

Frame Relay SVC Support (DTE)

---

---

Yes

Frame Relay traffic shaping

Yes

Yes

Yes

Half bridge/half router for CPP and PPP

Yes

Yes

Yes

HDLC

Yes

Yes

Yes

IPXWAN 2.0

---

Yes

Yes

ISDN5

Yes

Yes

Yes

Multichassis Multilink PPP (MMP)

---

---

Yes

NetBEUI over PPP

---

---

Yes

PPP6

Yes

Yes

Yes

SMDS

Yes

Yes

Yes

Switched 56

Yes

Yes

Yes

Virtual Private Dial-up Network (VPDN)

Plus

Plus

Yes

X.257

Yes

Yes

Yes

 WAN Optimization

Bandwidth-on-demand

Yes

Yes

Yes

Custom and priority queuing

Yes

Yes

Yes

Dial backup

Yes

Yes

Yes

Dial-on-demand

Yes

Yes

Yes

Header8, link and payload compression9

Yes

Yes

Yes

Snapshot routing

Yes

Yes

Yes

Weighted fair queuing

Yes

Yes

Yes

 IP Routing

BGP

Yes

Yes

Yes

BGP410

Yes

Yes

Yes

EGP

Yes

Yes

Yes

Enhanced IGRP

Yes

Yes

Yes

Enhanced IGRP Optimizations

Yes

Yes

Yes

ES-IS

---

---

Yes

IGRP

Yes

Yes

Yes

IS-IS

---

---

Yes

Named IP Access Control List

Yes

Yes

Yes

Network Address Translation (NAT)

Plus

Plus

Plus

NHRP

Yes

Yes

Yes

On Demand Routing (ODR)

Yes

Yes

Yes

OSPF

Yes

Yes

Yes

OSPF Not-So-Stubby-Areas (NSSA)

Yes

Yes

Yes

OSPF On Demand Circuit (RFC 1793)

Yes

Yes

Yes

PIM

Yes

Yes

Yes

Policy-based routing

Yes

Yes

Yes

RIP

Yes

Yes

Yes

RIP Version 2

Yes

Yes

Yes

 Other Routing

AURP

---

Yes

Yes

IPX RIP

---

Yes

Yes

NLSP

---

Yes

Yes

RTMP

---

Yes

Yes

SMRP

---

Yes

Yes

SRTP

---

---

Yes

 Multimedia and Quality of Service

Generic traffic shaping

Yes

Yes

Yes

Random Early Detection (RED)

Yes

Yes

Yes

Resource Reservation Protocol (RSVP)

Yes

Yes

Yes

 Management

AutoInstall

Yes

Yes

Yes

Automatic modem configuration

Yes

Yes

Yes

HTTP Server

Yes

Yes

Yes

Modem Management

Plus

Plus

Plus

RMON events and alarms11

Yes

Yes

Yes

RMON full

Plus

Plus

Plus

SNMP

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

 Security

Access lists

Yes

Yes

Yes

Access security

Yes

Yes

Yes

Extended access lists

Yes

Yes

Yes

Kerberized login

---

---

Yes

Kerberos V client support

---

---

Yes

Lock and key

Yes

Yes

Yes

MAC security for hubs

Yes

Yes

Yes

MD5 routing authentication

Yes

Yes

Yes

RADIUS

Yes

Yes

Yes

TACACS+12

Yes

Yes

Yes

 IBM Support (Optional)

APPN (optional)2

---

---

---

BAN for SNA Frame Relay support

Plus

Plus

Yes

Bisync

Plus

Plus

Yes

Caching and filtering

Plus

Plus

Yes

DLSw+ 13

Plus

Plus

Yes

Downstream PU concentration (DSPU)

Plus

Plus

Yes

Frame Relay SNA support (RFC 1490)

Plus

Plus

Yes

Native Client Interface Architecture (NCIA) Server

Plus

Plus

Yes

NetView Native Service Point

Plus

Plus

Yes

QLLC

Plus

Plus

Yes

Response Time Reporter (RTR)

Plus

Plus

Yes

SDLC integration

Plus

Plus

Yes

DLSw (RFC 1795)

Plus

Plus

Yes

SDLC transport (STUN)

Plus

Plus

Yes

SDLC-to-LAN conversion (SDLLC)

Plus

Plus

Yes

SNA and NetBIOS WAN optimization
via local acknowledgment

Plus

Plus

Yes

SRB/RSRB14

Plus

Plus

Yes

SRT

Plus

Plus

Yes

TG/COS

---

---

Yes

TN3270

---

---

Yes

 Protocol Translation

LAT

---

---

Yes

Rlogin

---

---

Yes

 Remote Node15

ARAP 1.0/2.0

---

Yes

Yes

Asynchronous master interfaces

Yes

Yes

Yes

ATCP

---

Yes

Yes

CPPP

Yes

Yes

Yes

CSLIP

Yes

Yes

Yes

DHCP

Yes

Yes

Yes

IP pooling

Yes

Yes

Yes

IPX and ARAP on virtual async interfaces

---

---

Yes

IPXCP

---

Yes

Yes

MacIP

---

Yes

Yes

NASI

---

---

---

SLIP

Yes

Yes

Yes

 Terminal Services15

LAT16

---

---

Yes

Rlogin

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

TN3270

---

---

Yes

X.25 PAD

Yes

Yes

Yes

Xremote

---

---

Yes

1Enterprise is available with APPN in a separate feature set. APPN includes APPN Central Registration (CRR) and APPN over DLSw+.
2Includes AppleTalk load balancing.
3IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
4The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
5ISDN support includes calling line identification (ANI), X.25 over the B channel, ISDN subaddressing, and applicable WAN optimization features.
6PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, and PPP compression, and Multilink PPP.
7X.25 includes X.25 switching.
8IPX header compression (RFC 1553) is available in the feature sets that support IPX.
9X.25 and Frame Relay payload compression are supported.
10BGP4 includes soft configuration, multipath support, and prefix filtering with inbound route maps.
11The RMON events and alarms groups are supported on all interfaces. Full RMON support is available with the Plus feature sets.
12TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.
13Cisco IOS Release 11.2 introduces several DLSw+ enhancements available in the Plus, Plus 40, and Plus 56 feature sets. See the section "IBM Functionality" in the "New Features in Release 11.2(1)" section for more details.
14SRB/RSRB is fast switched. This enhancement is on by default, but can be disabled.
15Supported on access severs (with limited support on router auxiliary ports).
16Use of LAT requires terminal license (FR-L8-10.X= for an 8-user license or FR-L16-10.X= for a 16-user license).


Table 12: Cisco 1003, Cisco 1004, and Cisco 1005 Routers Software Feature Sets
Feature Set1
 Feature IP Routing2 IP/IPX Routing2 IP/AppleTalk Routing2 IP/IPX/AppleTalk Routing
 LAN Support

AppleTalk 1 and 21

---

---

Yes

Yes

GRE

Yes

Yes

Yes

Yes

Integrated routing and bridging (IRB)2

Yes

Yes

Yes

Yes

IP

Yes

Yes

Yes

Yes

Novell IPX3

---

Yes

---

Yes

Transparent and translational bridging4

Yes

Yes

Yes

Yes

 WAN Services5

Dialer profiles

Yes

Yes

Yes

Yes

Frame Relay (Cisco 1005 only)

Yes

Yes

Yes

Yes

Frame Relay SVC Support (DTE) (Cisco 1005 only)

Plus

Plus

Plus

Plus

Frame Relay traffic shaping
(Cisco 1005 only)

Yes

Yes

Yes

Yes

HDLC

Yes

Yes

Yes

Yes

ISDN (Cisco 1003 and Cisco 1004)6

Yes

Yes

Yes

Yes

PPP

Yes

Yes

Yes

Yes

SLIP (Cisco 1005 only)

Yes

Yes

---

---

SMDS (Cisco 1005 only)

Yes

Yes

Yes

Yes

Switched 56 (Cisco 1005 only)

Yes

Yes

Yes

Yes

Virtual Private Dial-up Network (VPDN)

---

---

---

Plus

X.25

Yes

Yes

Yes

Yes

 WAN Optimization

Bandwidth-on-demand
(Cisco 1003 and Cisco 1004)

Yes

Yes

Yes

Yes

Custom and priority queuing

Yes

Yes

Yes

Yes

Dial backup

Yes

Yes

Yes

Yes

Dial-on-demand7

Yes

Yes

Yes

Yes

Header8 and link compression9
(Cisco 1003 and Cisco 1004)

Yes

Yes

Yes

Yes

Payload compression (Cisco 1005 only)

Yes

Yes

Yes

Yes

Snapshot routing10

Yes

Yes

Yes

Yes

Weighted fair queuing

Yes

Yes

Yes

Yes

 IP Routing

Enhanced IGRP

Yes

Yes

Yes

Yes

Enhanced IGRP Optimizations

Yes

Yes

Yes

Yes

IGRP

Yes

Yes

Yes

Yes

Network Address Translation Table (NAT)

Plus

Plus

Plus

Plus

On Demand Routing (ODR)

Yes

Yes

Yes

Yes

OSPF

Plus

Plus

Plus

Plus

OSPF Not-So-Stubby-Areas (NSSA)

Plus

Plus

Plus

Plus

OSPF On Demand Circuit (RFC 1793)

Plus

Plus

Plus

Plus

PIM

Plus

Plus

Plus

Plus

RIP

Yes

Yes

Yes

Yes

RIP Version 2

Yes

Yes

Yes

Yes

 Other Routing

AURP

---

---

Plus

Plus

IPX RIP

---

Yes

---

Yes

NLSP

Plus

Plus

Plus

Plus

SMRP

Plus

Plus

Plus

Plus

RTMP

---

---

Yes

Yes

 Multimedia and Quality of Service

Random Early Detection (RED)

Plus

Plus

Plus

Plus

Resource Reservation Protocol (RSVP)

Plus

Plus

Plus

Plus

 Management

ClickStart

Yes

Yes

Yes

Yes

HTTP Server

Yes

Yes

Yes

Yes

SNMP

Yes

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

Yes

 Security

Access lists

Yes

Yes

Yes

Yes

Access security

Yes

Yes

Yes

Yes

Extended access lists

Yes

Yes

Yes

Yes

Lock and key

Yes

Yes

Yes

Yes

Router authentication and network layer encryption (40-bit or export controlled 56-bit DES)

Encrypt

Encrypt

Encrypt

Encrypt

TACACS+11

Yes

Yes

Yes

Yes

1Includes AppleTalk load balancing.
2IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
3The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
4Transparent and translational bridging is fast switched. This enhancement is on by default, but can be disabled.
5Cisco 1005 "WAN Services" offers three feature set options: Option 1 includes HDLC, PPP, SDMS, and Frame Relay, but not X.25, and is available on all feature sets; Option 2 includes X.25 only, and is available with the IP/IPX, IP/AppleTalk, and IP/IPX/AppleTalk feature sets; and Option 3 includes Async, PPP, and SLIP and is available with the IP, IP/IPX features sets.
6ISDN support includes calling line identification (CLI/ANI), ISDN subaddressing, and applicable WAN optimization features.
7Dial-on-demand is available for the Cisco 1005 with "WAN Services" Option only. See footnote 5 above.
8IPX header compression (RFC 1553) is available in the feature sets that support IPX.
9X.25 and Frame Relay payload compression. Payload compression is available for the Cisco 1005.
10Snapshot routing is not included for the Cisco 1005.
11TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.


Table 13: Cisco 1005 Platform-Specific Software Feature Sets
Feature Set
 Feature IP/OSPF/PIM Routing1 IP/Async1 IP/IPX/Async1
 LAN Support

AppleTalk 1 and 2

---

---

---

GRE

Yes

Yes

Yes

Integrated routing and bridging (IRB)2

Yes

Yes

Yes

IP

Yes

Yes

Yes

Novell IPX3

---

---

Yes

Transparent and translational bridging4

Yes

Yes

Yes

 WAN Services5

Async

---

Yes

Yes

Dialer profiles

Yes

Yes

Yes

Frame Relay

Yes

---

---

Frame Relay traffic shaping

Yes

---

---

HDLC

Yes

---

---

PPP6

Yes

Yes

Yes

SLIP

---

Yes

Yes

SMDS

Yes

---

---

Switched 56

Yes

---

---

Virtual Private Dial-up Network (VPDN)

---

---

---

X.257

Yes

---

---

 WAN Optimization

Custom and priority queuing

Yes

Yes

Yes

Dial-on-demand8

Yes

Yes

Yes

Header9, link and payload compression 10

Yes

Yes

Yes

Snapshot routing11

Yes

Yes

Yes

Weighted fair queuing

Yes

Yes

Yes

 IP Routing

Enhanced IGRP

Yes

Yes

Yes

Enhanced IGRP Optimizations

Yes

Yes

Yes

IGRP

Yes

Yes

Yes

On Demand Routing (ODR)

Yes

Yes

Yes

OSPF

Yes

---

---

OSPF Not-So-Stubby-Areas (NSSA)

Yes

---

---

OSPF On Demand Circuit (RFC 1793)

Yes

---

---

PIM

Yes

---

---

RIP

Yes

Yes

Yes

RIP Version 2

Yes

Yes

Yes

 Other Routing

IPX RIP

---

---

Yes

 Management

ClickStart

Yes

Yes

Yes

HTTP Server

Yes

Yes

Yes

SNMP

Yes

Yes

Yes

Telnet

Yes

Yes

Yes

 Security

Access lists

Yes

Yes

Yes

Access security

Yes

Yes

Yes

Extended access lists

Yes

Yes

Yes

Kerberos V client support

---

---

---

Lock and key

Yes

Yes

Yes

TACACS+12

Yes

Yes

Yes

1These feature sets are not available with the Plus, Plus 40, or Plus 56 feature set options in Cisco IOS Release 11.2.
2IRB supports IP, IPX, and AppleTalk; it is supported for transparent bridging, but not for SRB; it is supported on all media-type interfaces except X.25 and ISDN bridged interfaces; and IRB and concurrent routing and bridging (CRB) cannot operate at the same time.
3The Novell IPX feature includes display SAP by name, IPX Access Control List violation logging, and plain-English IPX access lists.
4Transparent and translational bridging is fast switched. This enhancement is on by default, but can be disabled.
5Cisco 1005 "WAN Services" offers three feature set options: Option 1 includes HDLC, PPP, SDMS, and Frame Relay, but not X.25, and is available on all feature sets; Option 2 includes X.25 only, and is available with the IP/IPX, IP/AppleTalk, and IP/IPX/AppleTalk feature sets; and Option 3 includes async, PPP, and SLIP and is available with the IP, IP/IPX features sets.
6PPP includes support for LAN protocols supported by the feature set, address negotiation, PAP and CHAP authentication, Multilink PPP, and PPP compression.
7X.25 is available for the Cisco 1005 only and is available by itself in "WAN Services" Option 2 for the following feature sets: IP/IPX, IP/AppleTalk, and IP/IPX/AppleTalk.
8Dial-on-demand is available for the Cisco 1005 with "WAN Services" Option only. See footnote 5above.
9IPX header compression (RFC 1553) is available in the feature sets that support IPX.
10X.25 and Frame Relay payload compression.
11Snapshot routing is not included for the Cisco 1005.
12TACACS+ Single Connection and TACACS+ SENDAUTH enhancements are supported.

Memory Requirements for Release 11.2

Beginning with Cisco IOS Release 10.3, some software image sizes exceed 4 MB and, when compressed, exceed 2 MB. Also, some systems now require more than 1 MB of main system memory for data structure tables.

For Cisco routers to take advantage of the Release 11.2 features, you must upgrade the code or main system memory as listed in Table 16. Some platforms have specific chip or architecture requirements that affect what can be upgraded and in what increments.

Note For the Cisco 7000 and Cisco 7010 routers to recognize Flash memory cards, 11.0 boot ROMs (or later) are required.

Image Naming in Release 11.2

Release 11.2 introduces new feature-set image names for several feature sets that were available in earlier releases. For example, the prefix "igs-" has been replaced with "c2500-." Image names have been changed to facilitate identifying the platform on which the image runs. New prefixes are shown in Table 14.

Table 14: Old and New Image Name Prefixes
Old Prefix New Prefix in Release 11.2

igs

c2500

xx

c4000

as5200

c5200

gs7

c7000

The contents of feature sets for some platforms has changed in Release 11.2. Table 15 lists image names in Release 11.1 that have been replaced by new sets in Release 11.2. If you normally use an image from Release 11.1 or earlier that is not available in Release 11.2, use the equivalent image shown in Table 15. New images contain as many features as earlier ones, and include new features for Release 11.2.


Table 15: Image Name Mapping from Release 11.1 to Release 11.2
Image Name in Release 11.1 or Earlier Image Name in Release 11.2
Cisco 1005

c1005-bnxy-mz

c1005-bny-mz

c1005-bxy-mz

c1005-by-mz

c1005-nxy-mz

c1005-ny-mz

c1005-xy-mz

c1005-y-mz

c1005-xy2-mz

c1005-y2-mz

Cisco 2500 Series

igs-ainr-l

c2500-ainr-l

igs-aj-l

c2500-ajs-l

igs-c-l

c2500-c-l

igs-d-l

c2500-d-l

igs-dr-l

c2500-ds-l

igs-f-l

c2500-f-l

igs-fin-l

c2500-fin-l

igs-g-l

c2500-g-l

igs-i-l

c2500-i-l

igs-im-l

c2500-is-l

igs-imn-l

c2500-ds-l

igs-imnr-l

c2500-ds-l

igs-imr-l

c2500-is-l

igs-in-l

c2500-d-l

igs-ir-l

c2500-is-l

igs-inr-l

c2500-ds-l

igs-jm-l

c2500-js-l

igs-j-l

c2500-j-l

Cisco AS5200

as5200-iz-l

c5200-is-l

as5200-dz-l

c5200-ds-l

as5200-jmz-l

c5200-js-l

Cisco 4000 Series

xx-ainr-mz

c4000-ainr-mz

xx-aj-mz

c4000-ajs-mz

xx-d-mz

c4000-d-mz

xx-dr-mz

c4000-ds-mz

xx-i-mz

c4000-is-mz

xx-in-mz

c4000-d-mz

xx-inr-mz

c4000-ds-mz

xx-ir-mz

c4000-is-mz

xx-j-mz

c4000-j-mz

Cisco 4500 Series

c4500-aj-mz

c4500-ajs-mz

c4500-dr-mz

c4500-ds-mz

c4500-ir-mz

c4500-is-mz

c4500-in-mz

c4500-d-mz

c4500-inr-mz

c4500-ds-mz

Cisco 7000 Series

gs7-aj-mz

c7000-aj-mz

gs7-ajv-mz

c7000-ajv-mz

gs7-jv-mz

c7000-jv-mz

gs7-j-mz

c7000-j-mz

Cisco 7200 Series

c7200-aj-mz

c7200-ajs-mz

c7200-dr-mz

c7200-ds-mz

c7200-j-mz

c7200-js-mz

Cisco 7500 Series and Cisco 7000 with RSP7000

rsp-aj-mz

rsp-ajsv-mz

rsp-j-mz

rsp-jsv-mz

rsp-ajv-mz

rsp-ajsv-mz

rsp-jv-mz

rsp-jsv-mz


Table 16: Release 11.2 Memory Requirements
Router Minimum Required Code Memory Required Main Memory Release 11.2 Runs from
Cisco 1003 and Cisco 1004 ISDN Routers1

IP Set

2/4 MB optional Flash

8 MB RAM2

RAM

IP Plus3 Set

2/4 MB optional Flash

8 MB RAM

RAM

IP Plus 40 Set

2/4 MB optional Flash

8 MB RAM

RAM

IP Plus 56 Set

2/4 MB optional Flash

8 MB RAM

RAM

IP/IPX Set

2/4 MB optional Flash

8 MB RAM

RAM

IP/AT Set

2/4 MB optional Flash

8 MB RAM

RAM

IP/IPX/AT Set

2/4 MB optional Flash

8 MB RAM

RAM

IP/IPX/AT Plus Set

4 MB Flash4

8 MB RAM

RAM

IP/IPX/AT Plus 40 Set

4 MB Flash4

8 MB RAM

RAM

IP/IPX/AT Plus 56 Set

4 MB Flash4

8 MB RAM

RAM

Cisco 1005 Router1

IP Set

2/4 MB optional Flash

8 MB RAM2

RAM

IP Plus5 Set

4 MB Flash4

8 MB RAM

RAM

IP Plus 40 Set

4 MB Flash4

8 MB RAM

RAM

IP Plus 56 Set

4 MB Flash4

8 MB RAM

RAM

IP/IPX Set

2/4 MB optional Flash

8 MB RAM

RAM

IP/AT Set

2/4 MB optional Flash

8 MB RAM2

RAM

IP/IPX/AT Set

2/4 MB optional Flash

8 MB RAM

RAM

IP/IPX/AT Plus Set

4 MB Flash4

8 MB RAM

RAM

IP/IPX/AT Plus 40 Set

4 MB Flash4

8 MB RAM

RAM

IP/IPX/AT Plus 56 Set

4 MB Flash4

8 MB RAM

RAM

IP/OSPF/PIM Set

2/4 MB optional Flash

8 MB RAM

RAM

IP/Async Set

2/4 MB optional Flash

8 MB RAM2

RAM

IP/IPX/Async Set

2/4 MB optional Flash

8 MB RAM

RAM

Cisco 2500 Series

IP Set

8 MB Flash

4 MB RAM6

Flash

IP Plus7 Set

8 MB Flash

4 MB RAM

Flash

IP Plus 40 Set

8 MB Flash

4 MB RAM

Flash

IP Plus 56 Set

8 MB Flash

4 MB RAM

Flash

IP/IPX/IBM/APPN Set

8 MB Flash

8 MB RAM

Flash

IP/IPX/AT/DEC Set

8 MB Flash

4 MB RAM

Flash

IP/IPX/AT/DEC Plus Set

8 MB Flash

4 MB RAM

Flash

IP/IPX/AT/DEC Plus 40 Set

8 MB Flash

4 MB RAM

Flash

IP/IPX/AT/DEC Plus 56 Set

8 MB Flash

4 MB RAM

Flash

Enterprise Set

8 MB Flash

6 MB RAM

Flash

Enterprise Plus Set

8 MB Flash

6 MB RAM

Flash

Enterprise Plus 40 Set

8 MB Flash

6 MB RAM

Flash

Enterprise Plus 56 Set

8 MB Flash

6 MB RAM

Flash

Enterprise/APPN Plus Set

16 MB Flash

8 MB RAM

Flash

Enterprise/APPN Plus 40 Set

16 MB Flash

8 MB RAM

Flash

Enterprise/APPN Plus 56 Set

16 MB Flash

8 MB RAM

Flash

Cisco Frame Relay Access Device (CFRAD) Set

4 MB Flash

4 MB RAM6

Flash

Remote Access Server

8 MB Flash

4 MB RAM

Flash

ISDN Set

8 MB Flash

4 MB RAM

Flash

LAN FRAD Set

4 MB Flash

4 MB RAM

Flash

OSPF LANFRAD Set8

4 MB Flash

4 MB RAM

Flash

Cisco 2501 - Cisco 2508

IP Set

8 MB Flash

4 MB RAM

Flash

Cisco 2509 - Cisco 2512

IP Set

8 MB Flash

4 MB RAM

Flash

Remote Access Server

8 MB Flash

4 MB RAM

Flash

Cisco 2513 - Cisco 2519

IP Set

8 MB Flash

4 MB RAM

Flash

Cisco 2522 - Cisco 2523

IP Set

8 MB Flash

4 MB RAM

Flash

Cisco Frame Relay Access Device (CFRAD) Set

4 MB Flash

4 MB RAM

Flash

Cisco 2524- Cisco 2525

LAN FRAD Set

4 MB Flash

4 MB RAM

Flash

Cisco AS51009

IP Set

8 MB Flash per card

6 MB RAM per card

Flash

IP/IPX/AT/DEC Set

8 MB Flash

6 MB RAM

Flash

Remote Access Server

8 MB Flash

6 MB RAM

Flash

Enterprise Set

8 MB Flash

6 MB RAM

Flash

Cisco AS5200

IP Set

8 MB Flash

8 MB RAM

Flash

IP Plus10 Set

8 MB Flash

8 MB RAM

Flash

Desktop Set

8 MB Flash

8 MB RAM

Flash

Desktop Plus Set

8 MB Flash

8 MB RAM

Flash

Enterprise Set

8 MB Flash

8 MB RAM

Flash

Enterprise Plus Set

8 MB Flash

8 MB RAM

Flash

Cisco 3101,
Cisco 3102,
Cisco 3103

8 MB Flash

6 MB RAM

Flash

8 MB Flash

16 MB RAM

RAM

Cisco 3104,
Cisco 3204

8 MB Flash

6 MB RAM

Flash

8 MB Flash

6 MB RAM11

RAM12

Cisco 4000/4000-M

Cisco 4000 Cisco 4000-M

IP Set

4 MB Flash

16 MB RAM

8 MB RAM

RAM

IP Plus13 Set

4 MB Flash

16 MB RAM

8 MB RAM

RAM

IP Plus 40 Set

4 MB Flash

16 MB RAM

8 MB RAM

RAM

IP Plus 56 Set

4 MB Flash

16 MB RAM

8 MB RAM

RAM

IP/IPX/AT/DEC Set

4 MB Flash

16 MB RAM

8 MB RAM

RAM

IP/IPX/AT/DEC Plus Set

4 MB Flash

16 MB RAM

16 MB RAM

RAM

IP/IPX/AT/DEC Plus 40 Set

4 MB Flash

16 MB RAM

16 MB RAM

RAM

IP/IPX/AT/DEC Plus 56 Set

4 MB Flash

16 MB RAM

16 MB RAM

RAM

IP/IPX/IBM/APPN Set

4 MB Flash

32 MB RAM

32 MB RAM

RAM

Enterprise Set

4 MB Flash

16 MB RAM

16 MB RAM

RAM

Enterprise Plus Set

8 MB Flash

16 MB RAM

16 MB RAM

RAM

Enterprise Plus 40 Set

8 MB Flash

16 MB RAM

16 MB RAM

RAM

Enterprise Plus 56 Set

8 MB Flash

16 MB RAM

16 MB RAM

RAM

Enterprise/APPN Plus Set

8 MB Flash

32 MB RAM

32 MB RAM

RAM

Enterprise/APPN Plus 40 Set

8 MB Flash

32 MB RAM

32 MB RAM

RAM

Enterprise/APPN Plus 56 Set

8 MB Flash

32 MB RAM

32 MB RAM

RAM

Cisco 4500/4500-M

Cisco 4500 Cisco 4500-M

IP Set

4 MB Flash

32 MB RAM

16 MB RAM14

RAM

IP Plus15 Set

4 MB Flash

32 MB RAM

16 MB RAM

RAM

IP Plus 40 Set

4 MB Flash

32 MB RAM

16 MB RAM

RAM

IP Plus 56 Set

4 MB Flash

32 MB RAM

16 MB RAM

RAM

IP/IPX/AT/DEC Set

4 MB Flash

32 MB RAM

16 MB RAM

RAM

IP/IPX/AT/DEC Plus Set

4 MB Flash

32 MB RAM

16 MB RAM

RAM

IP/IPX/AT/DEC Plus 40 Set

4 MB Flash

32 MB RAM

16 MB RAM

RAM

IP/IPX/AT/DEC Plus 56 Set

4 MB Flash

32 MB RAM

16 MB RAM

RAM

IP/IPX/IBM/APPN Set

8 MB Flash

32 MB RAM

32 MB RAM

RAM

Enterprise Set

8 MB Flash

32 MB RAM

16 MB RAM

RAM

Enterprise Plus Set

8 MB Flash

32 MB RAM

16 MB RAM

RAM

Enterprise Plus 40 Set

8 MB Flash

32 MB RAM

16 MB RAM

RAM

Enterprise Plus 56 Set

8 MB Flash

32 MB RAM

16 MB RAM

RAM

Enterprise/APPN Plus Set

8 MB Flash

32 MB RAM

32 MB RAM

RAM

Enterprise/APPN Plus 40 Set

8 MB Flash

32 MB RAM

32 MB RAM

RAM

Enterprise/APPN Plus 56 Set

8 MB Flash

32 MB RAM

32 MB RAM

RAM

Cisco 4700/4700-M

IP Set

4 MB Flash

16 MB RAM

RAM

IP Plus15 Set

4 MB Flash

16 MB RAM

RAM

IP Plus 40 Set

4 MB Flash

16 MB RAM

RAM

IP Plus 56 Set

4 MB Flash

16 MB RAM

RAM

IP//IPX/AT/DEC Set

4 MB Flash

16 MB RAM

RAM

IP//IPX/AT/DEC Plus Set

4 MB Flash

16 MB RAM

RAM

IP//IPX/AT/DEC Plus 40 Set

4 MB Flash

16 MB RAM

RAM

IP//IPX/AT/DEC Plus 56 Set

4 MB Flash

16 MB RAM

RAM

IP/IPX/IBM/APPN Set

8 MB Flash

32 MB RAM

RAM

Enterprise Set

8 MB Flash

16 MB RAM

RAM

Enterprise Plus Set

8 MB Flash

16 MB RAM

RAM

Enterprise Plus 40 Set

8 MB Flash

16 MB RAM

RAM

Enterprise Plus 56 Set

8 MB Flash

16 MB RAM

RAM

Enterprise/APPN Plus Set

8 MB Flash

32 MB RAM

RAM

Enterprise/APPN Plus 40 Set

8 MB Flash

32 MB RAM

RAM

Enterprise/APPN Plus 56 Set

8 MB Flash

32 MB RAM

RAM

Cisco 700016,
Cisco 7010

IP Set

8 MB Flash

16 MB RAM

RAM

IP/Basic VIP Set

8 MB Flash

16 MB RAM

RAM

Desktop/IBM Set

8 MB Flash

16 MB RAM

RAM

Desktop/IBM/Basic VIP Set

8 MB Flash

16 MB RAM

RAM

Desktop/IBM/APPN Set

8 MB Flash

16 MB RAM

RAM

Desktop/IBM/APPN/
Basic VIP Set

8 MB Flash

16 MB RAM

RAM

Enterprise Set

8 MB Flash memory card

16 MB RAM

RAM

Enterprise/Basic VIP Set

8 MB Flash

16 MB RAM

RAM

Enterprise/APPN Set

8 MB Flash

16 MB RAM

RAM

Enterprise/APPN/Basic VIP Set

8 MB Flash

16 MB RAM

RAM

Source-Route Switch

4 MB Flash

16 MB RAM

RAM

Cisco 7200 Series

IP Set

8/16/20 MB Flash memory card

16 MB RAM

Flash

Desktop/IBM/APPN Set

8/16/20 MB Flash memory card

24 MB RAM

Flash

Enterprise Set

8/16/20 MB Flash memory card

16 MB RAM

Flash

Enterprise/APPN Set

8/16/20 MB Flash memory card

24 MB RAM

Flash

Desktop/IBM Set

8/16/20 MB Flash memory card

16 MB RAM

Flash

Network Layer 3 Switching Set

8/16/20 MB Flash memory card

16 MB RAM

Flash

Cisco 7500 Series and Cisco 7000 with RSP700017



Cisco 7513 only



All Others

IP Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

IP/Encryption 40 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

IP/Encryption 56 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Desktop/IBM Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Desktop/IBM/APPN Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Desktop/IBM/
Encryption 40 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Desktop/IBM/
Encryption 56 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Enterprise Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Enterprise/Encryption 40 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Enterprise/Encryption 56 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Enterprise/APPN Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Enterprise/APPN/
Encryption 40 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

Enterprise/APPN/
Encryption 56 Set

16/20 MB Flash memory card

32 MB RAM

32 MB RAM

RAM

1If you need to upgrade the main memory for your Cisco 1003, Cisco 1004, or Cisco 1005 router, be sure to order the upgrade specific to your router.
2Only 4 MB DRAM is required for releases 11.2(1) through 11.2(6).
3Plus for the Cisco 1003 and Cisco 1004 includes OSPF, PIM, SMRP, NLSP, ATIP, AppleTalk AURP, RSVP, and NAT.
4Only 2 MB Flash is required for releases 11.2(1) through 11.2(6).
5Plus for the Cisco 1005 includes OSPF, PIM, NLSP, SMRP, AppleTalk IP, AppleTalk AURP, Frame Relay SVC, RSVP, and NAT.
6For Cisco 2509 through Cisco 2512 access servers, and the Cisco 2522 and Cisco 2523 routers, 4 MB DRAM is the minimum recommended.
7Plus for the Cisco 2500 Series includes NAT, RMON, and IBM (if IBM is not already included).
8The OSPF LANFRAD feature set is available in Release 11.2(4) and later.
9Memory requirements listed are per card. Each AS5100 supports up to three cards, so that the maximum memory needed for any AS5100 is three times the listed number.
10Plus for the Cisco AS5200 includes protocol translation, V.120, RMON, Managed Modems, and IBM (if IBM is not already included).
11The memory requirement for the Enterprise feature set is 16 MB.
12The Enterprise feature set must be uncompressed to run from RAM on the Cisco 3104 and Cisco 3204.
13Plus for the Cisco 4000 and Cisco 4000-M includes NAT and IBM (if IBM is not already included).
14The Cisco 4500 requires 16 MB DRAM when two NP-CT1 or two NP-CE1 Network Processor Modules are installed in the chassis.
15Plus for the Cisco 4500, Cisco 4500-M, Cisco 4700, and Cisco 4700-M includes NAT, ISL, LANE, and IBM (if IBM is not already included).
16Except the Cisco 7000 with RSP7000. For a Cisco 7000 with an RSP7000 card, refer to the memory requirements for Cisco 7500 series platforms.
17All feature sets for the Cisco 7500 Series and Cisco 7000 with RSP7000 include VIP support.

Microcode Software

Table 17 lists the current microcode versions for the Cisco 7000 series. Table 18 lists the current microcode versions for the Cisco 7500 series. Note that for the Cisco 7000 and Cisco 7500 series, microcode software images are bundled with the system software image---with the exception of the Channel Interface Processor (CIP) microcode (all system software images) and Versatile Interface Processor (VIP) microcode (certain system software images). Bundling eliminates the need to store separate microcode images. When the router starts, the system software unpacks the microcode software bundle and loads the proper software on all the interface processor boards. Versatile Interface Processor (VIP and VIP2) microcode is bundled into all Cisco 7500 series feature sets listed in Table 16.

Note For the Cisco 7000 series, all boards must use the Level 10 (or greater) microcode that is bundled (except CIP) with the system image.


Table 17: Bundled Microcode Versions, by Release, for the Cisco 7000 Series
Processor or Module1
Cisco IOS Release AIP EIP FEIP FIP FSIP HIP MIP SP SSP TRIP VIP2

Minimum Version Required

10.15

10.1

10.4

10.2

10.18

10.2

12.0

11.15

11.15

10.3

22.20

11.2(1)

10.15

10.1

10.4

10.2

10.18

10.2

12.0

11.15

11.15

10.3

22.20

11.2(2)

10.15

10.1

10.4

10.2

10.18

10.2

12.0

11.15

11.15

10.3

22.20

11.2(3)

10.17

10.1

10.4

10.2

10.18

10.2

12.2

11.15

11.15

10.4

22.20

11.2(4)

10.17

10.1

10.4

10.2

10.19

10.2

12.2

11.15

11.15

10.4

22.20

11.2(5)

10.18

10.1

10.5

10.2

10.19

10.2

12.2

11.15

11.15

10.4

22.20

11.2(6)

10.19

10.1

10.6

10.2

10.19

10.2

12.2

11.15

11.15

10.4

22.20

11.2(7)

10.20

10.1

10.6

10.2

10.19

10.2

12.2

11.15

11.15

10.4

22.20

11.2(8)

10.20

10.1

10.6

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(9)

10.20

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(10)

10.22

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(11)

10.22

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(12)

10.23

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(13)

10.23

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(14)

10.23

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(15)

10.25

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(16)

10.25

10.1

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(17)

10.25

10.2

10.7

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

11.2(18)

10.25

10.2

10.9

10.2

10.19

10.3

12.2

11.15

11.15

10.4

22.20

1AIP (ATM Interface Processor), EIP (Ethernet Interface Processor), FEIP (Fast Ethernet Interface Processor), FIP (FDDI Interface Processor), FSIP (Fast Serial Interface Processor), HIP (HSSI Interface Processor), MIP (MultiChannel Interface Processor), SP (Switch Processor), SSP (Silicon Switch Processor), TRIP (Token Ring Interface Processor), VIP (Versatile Interface Processor).
2VIP microcode resides within the Cisco IOS software; it is not "bundled" in.

Table 18: Bundled RSP Microcode Versions, by Release, for the Cisco 7500 Series
Processor or Module1
Cisco IOS Release AIP EIP FEIP FIP FSIP HIP MIP POSIP RSP22 TRIP VIP2 VIP22 VIP2C2,3

Minimum Version Required

20.8

20.2

20.3

20.1

20.4

20.0

22.0

20.0

20.0

20.0

22.20

22.20

22.20

11.2(1)

20.8

20.2

20.3

20.1

20.4

20.0

22.0

20.0

20.0

20.0

22.20

22.20

---

11.2(2)

20.8

20.2

20.3

20.1

20.4

20.0

22.0

20.0

20.0

20.0

22.20

22.20

22.20

11.2(3)

20.10

20.2

20.3

20.1

20.4

20.0

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(4)

20.10

20.2

20.3

20.1

20.6

20.0

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(5)

20.12

20.3

20.4

20.1

20.6

20.0

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(6)

20.12

20.3

20.5

20.1

20.6

20.0

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(7)

20.13

20.3

20.5

20.1

20.6

20.0

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(8)

20.13

20.3

20.5

20.1

20.8

20.1

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(9)

20.13

20.3

20.6

20.1

20.8

20.1

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(10)

20.15

20.3

20.6

20.1

20.8

20.1

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(11)

20.15

20.3

20.6

20.1

20.8

20.1

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(12)

20.16

20.3

20.6

20.1

20.8

20.1

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(13)

20.16

20.3

20.6

20.1

20.9

20.1

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(14)

20.16

20.3

20.6

20.1

20.9

20.1

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(15)

20.18

20.3

20.6

20.4

20.9

20.2

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(16)

20.18

20.3

20.6

20.4

20.9

20.2

22.2

20.0

20.0

20.1

22.20

22.20

22.20

11.2(17)

20.18

20.6

20.6

20.4

20.9

20.2

22.2

20.0

20.0

20.1

22.20

22.20

22.20

Channel Interface Processor (CIP) Microcode

Beginning with Cisco IOS Release 11.1, the CIP microcode is no longer bundled with the Cisco IOS software image. You must have Flash memory installed on the Route Processor (RP) card and 8 MB RAM installed on your CIP card to use the IBM channel attach features in Cisco IOS Release 11.1 and later. See the "Important Notes" section for more information about CIP microcode.

New Feature Set in Release 11.2(4)

A new feature set, OSPF LANFRAD, is available in Release 11.2(4) for Cisco 2500 series platforms. Table 10 shows the features available in this new feature set. Table 16 shows the memory requirements for this new feature set. No new functionality is contained in this feature set. This feature set is not available in Release 11.2 F.

New Features in Release 11.2(1)

Previously, maintenance releases of major Cisco IOS software releases were used to deliver additional new features. Beginning with Cisco IOS Release 11.2, Cisco Systems provides as many as three software release "trains" based on a single version of Cisco IOS software. Maintenance releases of the Major train software deliver fixes to software defects only, thus providing the most stable software for your network, for the features you need. In addition to the Major train, there are up to two Early Deployment (ED) trains. One ED train delivers both fixes to software defects and support for new Cisco platforms. The other ED train delivers fixes to software defects, new platform support, and new cross-platform functionality. Software releases from the ED trains typically lag the maintenance releases of the Major train by a few weeks.

Caution
When determining whether to deploy software from the Major or Early Deployment release train, you should weigh the importance you place on maximizing product capability versus maximizing operational stability. Regardless of the train you choose, an early release of software should always be tried in a test network before being deployed in a production network.

The following software enhancements have been added to Release 11.2. These features are available in all software trains of Release 11.2. Separate documentation that is available with each release of the ED software trains describes the additional functionality that is available in ED software releases.

This section is divided into the following subjects:

Routing Protocols

This section describes routing protocol features that are new in the initial release of Cisco IOS Release 11.2.

IP Protocol and Feature Enhancements

The following new IP protocol software features are available:

A stub router is the peripheral router in a hub-and-spoke network topology. Stub routers commonly have a WAN connection to the hub router and a small number of LAN network segments (stub networks) that are connected directly to the stub router. To provide full connectivity, the hub routers can be statically configured to know that a particular stub network is reachable via a specified access router. However, if there are multiple hub routers, many stub networks, or asynchronous connections between hubs and spokes, the overhead required to statically configure knowledge of the stub networks on the hub routers becomes too great.
ODR simplifies installation of IP stub networks in which the hub routers dynamically maintain routes to the stub networks. This is accomplished without requiring the configuration of an IP routing protocol at the stub routers. With ODR, the stub advertises IP prefixes corresponding to the IP networks that are configured on its directly connected interfaces. Because ODR advertises IP prefixes, rather than IP network numbers, ODR is able to carry Variable Length Subnet Mask (VLSM) information.
Once ODR is enabled on a hub router, the router begins installing stub network routes in the IP forwarding table. The hub router can also be configured to redistribute these routes into any configured dynamic IP routing protocols. IP does not need to be configured on the stub router. With ODR, a router is automatically considered to be a stub when no IP routing protocols have been configured on it.
The routing protocol that ODR generates is propagated between routers using Cisco Discovery Protocol (CDP). Thus, ODR is partially controlled by the configuration of CDP. Specifically,
It is recommended that IP filtering be used to limit the network prefixes that the hub router will permit to be learned dynamically through ODR. If the interface has multiple logical IP networks configured (via the IP secondary command), only the primary IP network is advertised through ODR.
Open Shortest Path First (OSPF) Enhancements

The following features have been added to Cisco's OSPF software:

The feature allows the consolidation on a single routing protocol and the benefits of the OSPF routing protocol across the entire network, without incurring excess connection costs.
If the router is part of a point-to-point topology, only one end of the demand circuit needs to be configured for OSPF On-Demand Circuit operation. In point-to-multipoint topologies, all appropriate routers must be configured with OSPF On-Demand Circuit. All routers in an area must support this feature---that is, be running Cisco IOS Software Release 11.2 or greater.
OSPF Not-So-Stubby-Areas (NSSA) defines a more flexible, hybrid method, whereby stub areas can import external OSPF routes in a limited fashion, so that OSPF can be extended across the stub to backbone connection.
NSSA enables OSPF to be extended across a stub area to backbone area connection to become logically part of the same network.
Border Gateway Protocol version 4 (BGP4) Enhancements

The following features have been added to Cisco's BGP4 software:

BGP4 Multipath Support can support up to six paths.

Network Address Translation

Network Address Translation (NAT) provides a mechanism for a privately addressed network to access registered networks, such as the Internet, without requiring a registered subnet address. This eliminates the need for host renumbering and allows the same IP address range to be used in multiple intranets.

With NAT, the privately addressed network (designated as "inside") continues to use its existing private or obsolete addresses. These addresses are converted into legal addresses before packets are forwarded onto the registered network (designated as "outside"). The translation function is compatible with standard routing; the feature is required only on the router connecting the inside network to the outside domain.

Translations can be static or dynamic in nature. A static address translation establishes a one-to-one mapping between the inside network and the outside domain. Dynamic address translations are defined by describing the local addresses to be translated and the pool of addresses from which to allocate outside addresses. Allocation is done in numeric order and multiple pools of contiguous address blocks can be defined.

NAT:

Because the addressing scheme on the inside network may conflict with registered addresses already assigned within the Internet, NAT can support a separate address pool for overlapping networks and translate as appropriate.

Applications that use raw IP addresses as a part of their protocol exchanges are incompatible with NAT. Typically, these are less common applications that do not use fully qualified domain names.

Named IP Access Control List

The Named IP Access Control List (ACL) feature gives network managers the option of using names for their access control lists. Named IP ACL function similarly to their numbered counter-parts, except that they use names instead of numbers.

This feature also includes a new configuration mode, which supports addition and deletion of single lines in a multiline access control list.

This feature eliminates some of the confusion associated with maintaining long access control lists. Meaningful names can be assigned, making it easier to remember which service is controlled by which access control list. Moreover, this feature removes the limit of 100 extended and 99 standard access control lists, so that additional IP access control lists can be configured.

The new configuration feature allows a network manager to edit access control lists, rather than re-creating the entire list.

Currently, only packet and route filters can use Named IP ACL. Also, named IP ACLs are not backward-compatible with earlier releases of Cisco IOS software.

Named IP ACLs are not currently supported with Distributed Fast Switching.

Multimedia and Quality of Service

The following features have been added to Cisco's multimedia and quality of service software:

RSVP requires both a network implementation and a client implementation. Applications need to be RSVP-enabled to take advantage of RSVP functionality. Currently, Precept provides an implementation of RSVP for Windows-based PCs. Companies such as Sun and Silicon Graphics have demonstrated RSVP on their platforms. Several application developers are planning to take advantage of RSVP in their applications.
RED is enabled on a per-interface basis. It "throttles back" lower-priority traffic first, allowing higher-priority traffic (as designated by an RSVP reservation or the IP precedence value) to continue unabated.
RED works with RSVP to maintain end-to-end quality of service during peak traffic loads. Congestion is avoided by selectively dropping traffic during peak load periods. This is performed in a manner designed to damp out waves of sessions going through TCP slow start.
Existing networks can be upgraded to better handle RSVP and priority traffic. Additionally, RED can be used in existing networks to manage congestion more effectively on higher-speed links where fair queuing is expensive.
Exercise caution when enabling RED on interfaces that support multiprotocol traffic (in addition to TCP/IP), such as IPX or AppleTalk. RED is not designed for use with these protocols and could have deleterious affects.
RED is a queuing technique; it cannot be used on the same interface as other queuing techniques, such as Standard Queuing, Custom Queuing, Priority Queuing, or Fair Queuing.
Topologies that have high-speed links feeding into lower-speed links---such as a central site to a remote or branch sites---often experience bottlenecks at the remote end because of the speed mismatch. Generic Traffic Shaping helps eliminate the bottleneck situation by throttling back traffic volume at the source end.
Routers can be configured to transmit at a lower bit rate than the interface bit rate. Service providers or large enterprises can use the feature to partition, for example, T1 or T3 links into smaller channels to match service ordered by customers.
Generic Traffic Shaping implements a Weighted Fair Queuing (WFQ) on an interface or subinterface to allow the desired level of traffic flow. The feature consumes router memory and CPU resources, so it must be used judiciously to regulate critical traffic flows while not degrading overall router performance.

Multiprotocol Routing

The following enhancement has been made to Cisco's multiprotocol routing:

These enhancements are particularly applicable in networking environments having many low-speed links (typically in hub-and-spoke topologies); in Non-Broadcast-Multiple-Access (NBMA) wide-area networks such as Frame Relay, ATM, or X.25 backbones; and in highly redundant, dense router-router peering configurations. It should be noted that the basic Enhanced IGRP routing algorithm that exhibits very fast convergence and guaranteed loop-free paths has not changed, so there are no backwards compatibility issues with earlier versions of Cisco IOS software.

Switching Features

The following feature has been added to Cisco's switching software:

The ability to route and bridge the same protocol on multiple independent sets of interfaces of the same Cisco IOS software-based router makes it possible to route between these routed and the bridged domains within that router. IRB provides a scalable mechanism for integration of Layer 2 and Layer 3 domains within the same device.
Integrated routing and bridging provides:
Note that:

Desktop Protocols

This section describes the desktop protocol features that are new in the initial release of Cisco IOS Release 11.2.

AppleTalk Features

The following feature has been added to Cisco's AppleTalk software:

AppleTalk load balancing can reduce network costs by allowing more efficient use of network resources. Network reliability is improved because the chance that network paths between nodes will become overloaded is reduced. For convenience, load balancing is provided for networks using native AppleTalk routing protocols such as Routing Table Maintenance Protocol (RTMP) and Enhanced IGRP.
AppleTalk load balancing operates with process and fast switching.

Novell Features

The following features have been added to Cisco's Novell software:

This feature allows logging of:
Matching packets and logging-enabled ACLs are sent at the process level. Router logging facilities use the IP protocol.
Protocol types supported include RIP, SAP, NCP, and NetBIOS. Supported socket types include Novell Diagnostics Packet Enhanced IGRP, and NLSP.
Plain English IPX Access Lists greatly reduce the complexity and increase the readability of IPX extended access control lists, reducing network management expense by making it easier to build and analyze the access control mechanisms used in IPX networks.

Wide-Area Networking Features

This section describes the wide-area networking features that are new in the initial release of Cisco IOS Release 11.2.

ISDN/DDR Enhancements

The following features have been added to Cisco's ISDN and DDR software:

MMP is based on the concept of a stackgroup---a group of routers or access servers that operate as a group when receiving MLP calls. Any member of the stackgroup can answer any call into the single access number applied to all WAN interfaces. Typically, the access number corresponds to a telco hunt group.
Cross-platform aggregation is performed via tunneling between members of a stackgroup using the Level 2 Forwarding (L2F) protocol, a draft IETF standard.
MMP is flexible and scalable. Because the L2F protocol is IP-based, members of a stackgroup can be connected over many types of LAN or WAN media. Stackgroup size can be increased by increasing the bandwidth available to the L2F protocol---for example, by moving from shared to switched Ethernet.
With Multichassis Multilink PPP:
Universal access servers such as the Cisco 5200 should not be combined with ISDN-only access servers such as the Cisco 4000 series router in a MMP stackgroup. Because calls are allocated by the central office in an arbitrary manner, it is possible that this scenario could lead to an analog call being delivered to a digital-only access server.
Service providers who wish to offer private dial-up network services can use VPDN to provide a single telephone number for all their client organizations. A customer can use dial-up access to a local point of presence where the access server identifies the customer by PPP user name. The PPP username is also used to establish a home gateway destination. Once the home gateway is identified, the access server builds a secure tunnel across the service provider's backbone to the customer's home gateway. The PPP session is also transported to this home gateway, where local security measures can ensure the person is allowed access to the network behind the home gateway.
Of special interest to service providers is VPDN's independence of WAN technology. Since L2F is TCP/IP-based, it can be used over any type of service provider backbone network.
Dialer profile extends the flexibility of current dial-up configurations. For example, on a single ISDN PRI or PRI rotary group it is now possible to allocate separate profiles for different classes of user. These profiles may define normal DDR usage or backup usage.
Each dialer profile uses an Interface Descriptor Block (IDB) distinct from the IDB of the physical interface used to place or receive calls. When a call is established, both IDBs are bound together so that traffic can flow. As a result, dialer profiles use more IDBs than normal DDR.
This initial release of dialer profiles does not support Frame Relay, X.25, or LAPB encapsulation on DDR links or Snapshot Routing capabilities.
A large installed base of early Combinet product users cannot upgrade to later software releases that support interoperability standards such as PPP. With CPP support, these users can integrate their existing product base into new Cisco IOS-based internetworks.
CPP does not provide many of the functions available in Cisco's implementation of the PPP standards. These functions include address negotiation and support for protocols like AppleTalk. Where possible, Cisco recommends that customers migrate to software that supports PPP.
This feature is process switched.

Frame Relay Enhancements

The following features have been added to Cisco's Frame Relay software:

Frame Relay SVCs offer cost savings via usage-based pricing instead of fixed pricing for a PVC connection, dynamic modification of network topologies with any-to-any connectivity, dynamic network bandwidth allocation or bandwidth-on-demand for large data transfers such as FTP traffic, backup for PVC backbones, and conservation of resources in private networks.
To use Frame Relay SVCs, Frame Relay SVC must be supported by the Frame Relay switches used in the network. Also, a Physical Local Loop Connection, such as a leased or dedicated line, must exist between the router (DTE) and the local Frame Relay switch.
The Frame Relay protocol defines several parameters that are useful for managing network traffic congestion. These include Committed Information Rate (CIR), Forward/Backward Explicit Congestion Notification (FECN/BECN), and Discard Eligibility (DE) bit. Cisco already provides support for FECN for DECnet and OSI, BECN for SNA traffic using direct LLC2 encapsulation via RFC 1490, and DE bit support. The Frame Relay Traffic Shaping feature builds upon this support by providing the following three capabilities:
Frame Relay Traffic Shaping:
The three capabilities of the Traffic Shaping for Frame Relay feature require the router to buffer packets to control traffic flow and compute data rate tables. Because of this router memory and CPU utilization, these features must be used judiciously to regulate critical traffic flows while not degrading overall Frame Relay performance.

ATM Enhancements

The following features have been added to Cisco's Asynchronous Transfer Mode (ATM) software:

LAN Emulation uses one LES/BUS per emulated LAN and one LECS per multiple emulated LANs. These service components represent single points of failure for each emulated LAN. SSRP removes these single points of failure, providing network managers the redundancy they need for campus ATM backbones with LAN Emulation without adding administrative overhead. A completely redundant, dual-homed ATM backbone can be built without any failure points when SSRP is combined with Hot Standby Router Protocol (HSRP), the dual-phy LANE card for the Catalyst 5000, and support for Spanning Tree on a per VLAN-basis.
Full implementation of SSRP requires Cisco platforms. Currently, LECS and LES/BUS are available on the Cisco 7000 series, Cisco 7500 series, Cisco 4000 series routers, and the Catalyst 5000. Any LAN Emulation Client (LEC), such as an ATM adapter from one of Cisco's interoperability partners, can take advantage of the LES/BUS redundancy without additional capability. To fully implement LECS redundancy, a LEC must also:
The Catalyst 5000 LAN Emulation module will support SSRP when configured to run the LECS and LES/BUS in LS1010 software Release 3.1.
Non-Cisco LECs that can only communicate to the well-known LECS address can also take advantage of SSRP, provided:
HSRP provides inter-ELAN (or inter-VLAN) routing redundancy. HSRP over LANE is transparent to hosts expecting to always to be able to reach their default gateway (router). Without HSRP, IP hosts would need to be configured with RIP to recover from a failure of its default gateway. This method can result in a 10-minute delay before the host can use its second default gateway. A completely redundant, dual-homed ATM backbone can be built without any failure points when HSRP is combined with Simple Server Redundancy Protocol (SSRP), the dual-phy LANE card for the Catalyst 5000, and support for Spanning Tree on a per VLAN-basis.
HSRP is a unique protocol developed by Cisco and used only by Cisco IOS software-based routers. HSRP over LAN Emulation is available in Cisco devices that support ATM interfaces such as the Cisco 7000 series, Cisco 7500 series, and Cisco 4000 series routers.
When DECnet routing is configured, there is a one-time reset of the interface so that the MAC address of the interface can reflect the DECnet Phase IV MAC address conventions. If SSRP is also configured, there is a switchover to the secondary LECS and back as a result of configuring DECnet.
AToM MIB instrumentation is used by network management applications, such as Cisco's AtmDirector, to perform topology auto-discovery and status checking.

Core Enhancements

The following feature has been added to the Cisco 7000 series, Cisco 7200 series, and Cisco 7500 series routers:

With NetFlow Switching, network users can extend their use of existing Cisco IOS services, such as security access lists or the collection of traffic statistics, without paying the performance penalty usually associated with such processing-intensive functions. This increase in performance allows these services to be used in more places within the network and on a larger scale. Extending network security is increasingly important as networks need to support access from remote users and across public Internet services. Detailed information on traffic flows helps network managers to grow their networks in the most cost-effective way.
NetFlow Switching provides increased performance for the application of existing Cisco IOS services such as security access lists and accounting. Previously, system performance could be affected by as much as 30 percent for each service invoked. With NetFlow Switching, system switching performance can be maintained within 10 to 15 percent of optimum levels for all supported services. As with any connection-oriented technique, the performance of NetFlow Switching is affected by the total number of active flows.
Cisco's initial implementation of NetFlow Switching supports Internet Protocol (IP) traffic over all interface types and provides optimal performance with Ethernet, Fiber Distributed Data Interface (FDDI), and High-Level Data Link Control (HDLC) serial interfaces.
NetFlow Switching is supported on the Cisco 7500 series and Cisco 7000 series routers with a Route Switch Processor (RSP). On these routers, NetFlow Switching can operate on the master RSP or on a distributed basis on individual Versatile Interface Processors (VIPs).

IBM Functionality

This section describes the IBM network software features and support that are new in the initial release of Cisco IOS Release 11.2.

New Features

The following new IBM software features are available:

The NCIA Server supports SNA and NetBIOS sessions over a variety of LAN and WAN connections, including dial-up connections. The NCIA architecture supports clients with full SNA stacks---providing all advanced SNA capabilities, unlike some split-stack solutions.
NCIA Server enhancements provide:
Note that each client is a full SNA PU with one or more LUs. As such, each device requires one LLC connection at the central site router. The Cisco 4700 currently supports 3000-4000 LLC connections.
The TN3270 Server on the CIP supports up to 8000 concurrent sessions on a CIP and up to 16000 concurrent sessions on a CIP2 card. The TN3270 Server offers the following advanced capabilities:
TN3270 Server requires 32 MB of CIP DRAM to support up to 4000 sessions, 64 MB to support 8000 sessions, and 128 MB to support 16000 sessions. TN3270 Server can run concurrently with any of the other CIP applications (IP Datagram, TCP/IP Off-load, or CSNA), but operation of any of these features will affect the total number of sessions supported due to contention for CIP processor cycles.
Fast Switched SR/TLB improves performance on all platforms by a factor of at least 2; for the Cisco 4500 and Cisco 4700, by a factor of 3. It is ideal for IBM environments (for example, where low-cost Ethernet adapters are being installed on campus, but Token Ring connectivity to a FEP is still required) and for campus environments with a mix of Token Ring and Ethernet LANs and/or switches that rely on the Cisco IOS software for translational bridging.
RTR enables the following functions to be performed:
The RTR feature is currently available only with feature sets that include IBM support. A CiscoWorks Blue network management application will be available to support the RTR feature. Both the CiscoWorks Blue network management application and the router use the Cisco Round Trip Time Monitor (RTTMON) MIB. This MIB is also available with Release 11.2.

APPN Enhancements

The following features have been added to Cisco's APPN software:

The CDS reduces broadcast traffic in the network. Without an active CDS on ACF/VTAM, the NN must send a broadcast message to the network to locate nonlocal resources required for a session. With an active CDS, the NN sends a single request directly to the CDS for the location of the resource. A network broadcast is used only if the resource has not registered with the CDS.
ACF/VTAM must be configured as a CDS. The Cisco IOS NN learns of the capability when network topology is exchanged. To most effectively use the CDS, ENs should register the resources with the NN. Depending on the EN implementation, registration may occur automatically, may require configuration on the EN, or may not be a function of the EN.
With the APPN DLUR MIB, users have access to information collected about the DLUR function in the Cisco IOS NN and the DLUs attached to it for more complete network management information.

Data Link Switching+ (DLSw+) Features and Enhancements

The following features have been added to Cisco's DLSw+ software. These features had previously been available with Remote Source-Route Bridging (RSRB). To provide these features for DLSw+, the Cisco IOS software uses a component known as Virtual Data Link Control (VDLC) that allows one software component to use another software component as a data link.

With this feature, LNM can be used to manage Token Ring LANs, Control Access Units (CAUs), and Token Ring attached devices over a DLSw+ network. All management functions continue to operate as they would in an RSRB network or source-route bridged network.
With this feature, NSP can be configured in remote routers, and DLSw+ can provide the path for the remote service point PU to communicate with NetView. This allows full management visibility of resources from a NetView 390 console, while concurrently offering the value-added features of DLSw+ in an SNA network.
DSPU concentration consolidates the appearance of up to 255 physical units into a single PU appearance to VTAM, minimizing memory and cycles in central site resources (VTAM, NCP, and routers) and speeding network startup. Used in conjunction with DLSw+, network availability and scalability can be maximized.
With this feature, DLSw+ can be used as a low-cost way to access an APPN backbone or APPN in the data center. In addition, DLSw+ can be used as a transport for APPN, providing nondisruptive recovery from failures and high speed intermediate routing. In this case, the DLSw+ network appears as a connection network to the APPN network nodes (NNs).
This feature allows SRB over FDDI to provide the highest speed access between campus resources, while concurrently allowing DLSw+ for access to remote resources.
Currently, SRB over FDDI is supported by the Cisco 7000 and Cisco 7500 series platforms only.

Security Features

This section describes the security features that are new in the initial release of Cisco IOS Release 11.2.

New Features

This feature can be used to build multiprotocol Virtual Private Networks (VPNs), using encrypted Generic Routing Encapsulation (GRE) tunnels. It can also be used to deploy secure telecommuting services, Intranet privacy, and virtual collaborative or community-of-interest networks.
All components of this feature are subject to U.S. Department of Commerce export regulations. Encryption is currently IP only, though it does support multiprotocol GRE tunnels. This feature is most appropriately deployed in a relatively small number of routers, with a logically flat or star-shaped encryption topology. Load-sharing of the encryption/decryption function is not supported. Without a Certification Authority (CA), the one-time authentication effort increases exponentially with the number of routers. Router authentication requires the network administrator to compare the hashes produced by the routers, once during initial configuration. This version of encryption is not IPSEC compliant.
Systems with existing Kerberos V infrastructures can use their Key Distribution Centers (KDCs) to authenticate end-users for network or router access.
This is a client implementation, not a Kerberos KDC. Kerberos is generally considered a legacy security service and is most beneficial in networks already using Kerberos.

TACACS+ Enhancements

The following features have been added to Cisco's TACACS+ software:

Single Connection is an optimization whereby the network access server maintains a single TCP connection to one or more TACACS+ daemons. The connection is maintained in an open state for as long as possible, instead of being opened and closed each time a session is negotiated. It is expected that Single Connection will yield performance improvements on a suitably constructed daemon.
Currently, only the CiscoSecure daemon V1.0.1 supports Single Connection. The network access server must be explicitly configured to support a Single Connection daemon. Configuring Single Connection for a daemon that does not support this feature will generate errors when TACACS+ is used.
The network access server can support both SENDAUTH and SENDPASS simultaneously. It detects if the daemon is able to support SENDAUTH and, if not, will use SENDPASS instead. This negotiation is virtually transparent to the user, with the exception that the down-rev daemon may log the initial SENDAUTH packet as unrecognized.
SENDAUTH functionality requires support from the daemon, as well as the network access server.

Network Management

This section describes the network management features that are new in the initial release of Cisco IOS Release 11.2.

New Features

MIBs Supported

The following MIB support has been added:

See the "APPN Enhancements" section for details.
See the "ATM Enhancements" section for details.
See the "New Features" subsection in the "IBM Functionality" section for details.

Important Notes

This section describes warnings and cautions about using the Cisco IOS Release 11.2 software. It discusses the following topics:

Upgrading to a New Software Release

If you are upgrading to Cisco IOS Release 11.2 from an earlier Cisco IOS software release, you should save your current configuration file before installing Release 11.2 software on your router.

Traffic Shaping over Frame Relay in Release 11.2(1)

Traffic shaping over Frame Relay is not available in Release 11.2(1). This feature will be available in a subsequent maintenance release of Release 11.2. Refer to software defect ID CSCdi60734.

LAN Extension in Release 11.2(1)

The LAN extension interface does not function correctly in Release 11.2(1). The behavior is that the LAN extension NCP negotiates and sets the LAN extension interface state to "up" and the show controller lex number command displays the message "No inventory message received from LAN Extender." Turning on the LAN extension RCMD debugging shows that every remote command is being rejected with the message "LEX-RCMD: encapsulation failure." There is no workaround. This problem is being tracked as bug ID CSCdi66478.

Changes to LANE Commands

The commands lane auto-config-atm-address, lane fixed-config-atm-address, and lane config-atm-address have been changed. Previously, the effect of these commands depended on whether they were used on a major interface or on a subinterface. In Release 11.2(1) and later releases, an optional keyword config indicates that the command causes the configuration server to listen on the designated address. If the keyword is not used, the command causes the other LANE clients and servers on the interface to use the designated address to locate the configuration server. Refer to the Wide-Area Networking Command Reference publication for more information about these commands.

Channel Interface Processor (CIP) Microcode

CIP microcode is now available as a separate image, unbundled from the Cisco IOS image. CIP microcode (for the CIP or Second-Generation CIP [CIP2] card) resides only in router Flash memory as multiple files. The router loads a "kernel" to the CIP (based upon hardware revision), and the CIP selectively loads and relocates the software it requires from the router's Flash memory. The CIP image is available on pre-loaded Flash memory cards, on floppy diskette, or via FTP from Cisco. Every version of Cisco IOS Release 11.2 has a corresponding version of CIP microcode. Refer to the Channel Interface Processor (CIP) Microcode Release Note and Microcode Upgrade Requirements publication (Document Number 78-4715-xx) for information about the recommended pairs of Cisco IOS Release 11.2 and CIP microcode.

Consider the following before using Cisco IOS Release 11.2 and CIP microcode:

When the CIP image is copied to an existing Flash memory card, the existing flash copy commands are used, just as before. If a CIP image other than the default for the release is being used, then the microcode cip flash configuration command must be issued.

The show microcode command has been expanded to display the default CIP image name for the Cisco IOS release.

Note The router must already be running Cisco IOS Release 11.2 before performing a copy of the CIP image to Flash memory because the CIP image must be "exploded" from the single image file on the TFTP server to multiple files in Flash memory. This capability was first available in Release 11.1.

There are a number of ways to determine what is loaded on each CIP:

Multiple CIP cards of different hardware revisions can run in the same router.

Cisco 7500 Series High System Availability (HSA)

To successfully use the HSA feature, you should take note of the following:

Netbooting from VIP

To netboot from Ethernet or Fast Ethernet ports on a VIP, the system must contain version 11.1 boot ROMs. If the system contains version 11.0 boot ROMs, you can work around this requirement by using the boot bootldr device:filename global configuration command to load a bootstrap image from Flash memory.

Source-Route Bridging (SRB) over FDDI

This feature supports forwarding of source-route bridged traffic between Token Ring and FDDI interfaces on the Cisco 7000, Cisco 7010, and Cisco 7500 series routers. Previously, the only way to transport SNA and NetBIOS over FDDI was with remote source-route bridging (RSRB), which is either fast switched (direct or Fast-Sequence Transport (FST) encapsulation) or process-switched (TCP encapsulation). With SRB over FDDI, traffic can be autonomously switched, greatly improving performance for SRB traffic that uses FDDI as a backbone. This feature eliminates the need for RSRB peer definitions to connect Token Ring networks over the FDDI backbone.

Note SRB over FDDI does not support RSRB traffic forwarded to RSRB peers. Routers that have connections to local Token Ring networks as well as RSRB connections to remote networks cannot use this feature. The workaround is to move the RSRB connections to routers that are not connected to the FDDI backbone.

Enabling IPX Routing

The Token Ring interface is reset whenever IPX routing is enabled on that interface.

Using AIP Cards

Cisco 7000 series ATM Interface Processor (AIP) cards that support E3, DS3, or Transport Asynchronous Transmitter/Receiver Interface (TAXI) connections and that were shipped after February 22, 1995, require Cisco IOS Release 10.0(9), 10.2(5), 10.3(1), or later.

Booting Cisco 4000 Routers

You must use the Release 9.14 rxboot image for Cisco 4000 routers because the Release 11.0 rxboot image is too large to fit in the ROMs. (Note that rxboot image size is not a problem for Cisco 4500 routers.) However, because the Release 9.14 rxboot image does not recognize new network processor modules, such as the Multiport Basic Rate Interface (MBRI), its use causes two problems:

Bad interface specification
No interface specified - IP address
Bad interface specification
No interface specified - IP address

Using LAN Emulation (LANE)

Note the following information regarding the LAN Emulation (LANE) feature in Cisco IOS Release 11.2:

Forwarding of Locally Sourced AppleTalk Packets

Our implementation of AppleTalk does not forward packets with local-source and destination network addresses. This behavior does not conform to the definition of AppleTalk in Apple Computer's Inside AppleTalk publication. However, this behavior is designed to prevent any possible corruption of the AppleTalk Address Resolution Protocol (AARP) table in any AppleTalk node that is performing MAC-address gleaning.

Using Source-Route Transparent Bridging (SRT) and Source-Route Bridging (SRB) on Cisco 2500 and Cisco 4000 Routers

Certain products containing the Texas Instruments TMS380C26 Token Ring controller do not support SRT. SRT is the concurrent operation of SRB and transparent bridging on the same interface. The affected products, shipped between March 30, 1994, and January 16, 1995, are the Cisco 4000 NP-1R, Cisco 4000 NP-2R, Cisco 2502, Cisco 2504, Cisco 2510, Cisco 2512, Cisco 2513, and Cisco 2515.

Units shipped before March 30, 1994, or after January 16, 1995, are not affected. They use the Texas Instruments TMS380C16 Token Ring controller, which supports SRT.

SRT support is necessary in two situations. In one, Token Ring networks are configured to SRB protocols such as SNA and NetBIOS, and they transparently bridge other protocols, such as IPX. In the other situation, SNA or NetBIOS uses SRB and Windows NT is configured to use NetBIOS over IP. Certain other configuration alternatives do not require SRT (contact the Technical Assistance Center for more information).

As of Release 10.3(1), SRB in the following Cisco IOS features sets is no longer supported: IP, IP/IPX, and Desktop. To use SRB, you need one of the following feature sets: IP/IBM base, IP/IPX/IBM base, IP/IPX/IBM/APPN, Desktop/IBM base, Enterprise, or Enterprise/APPN. In most non-IBM Token Ring environments, the multiring feature in IP, IP/IPX, and Desktop eliminates the need for IP/IBM base, IP/IPX/IBM base, IP/IPX/IBM/APPN, Desktop/IBM base, Enterprise, or Enterprise/APPN.

Release 11.2(7a) Fixes Caveats CSCdj24132 and CSCdj21944

Cisco IOS software releases 11.2(7) and 11.2(7)P were deferred due to two severe defects. It was determined that these caveats were significant enough to merit a software rebuild. The rebuild includes the caveat fixes and is renumbered to 11.2(7a).

These defects are bugs CSCdj24132 and CSCdj21944 and are described as follows:

A router may also crash if the clear interface bri command is issued. This problem only affects net3, vn2/vn3, and ts013 switch types. [CSCdj24132]
The following are indicators that may be used to determine if the AS5200 is encountering this problem:
%SYS-2-MALLOCFAIL: Memory allocation of 1056 bytes failed from 0x2214E776, pool Processor, alignment 0
-Process= "Net Periodic", ipl= 0, pid= 34
-Traceback= 2214D3E0 2214E542 2214E77E 2214BEC6 2214C12A 22159466 2215E86E 22140BDE 2213B688 2213B6E0
[CSCdj21944]

Release 11.2(7a) and all subsequent releases of Cisco IOS software include the fix for these caveats.

ATM Multipoint Signaling

Prior to Cisco IOS Release 11.1(13) and 11.2(8), the atm multipoint-signaling command was used on the main interface and affected all subinterfaces. For Release 11.1(13), 11.2(8) and later releases, explicit configuration on each subinterface is required to obtain the same functionality. Refer to bug CSCdj20944, which is described as follows:

Clients on different subinterfaces can have different behavior. Specifically 1577 requires point-to-point, and PIM allows point-to-multipoint. The command should be on a per subinterface basis.
Users will have to enable the atm multipoint-signaling command on all subinterfaces that require it. Previously, they only needed to enable it on the main interface.

Release 11.2(10a) Fixes Caveats CSCdj58676 and CSCdj60533

Cisco IOS software Releases 11.2(10) and 11.2(10)P were deferred due to two severe defects. It was determined that these caveats were significant enough to merit a software rebuild. The rebuild includes the caveat fixes and is renumbered to 11.2(10a).

These defects are bugs CSCdj58676 and CSCdj60533 and are described as follows:

The nature of the defect is that it will only occur after a dynamic event. If redistribution is manually configured, EIGRP will initially reflect correct information in the topology table. However, after any sort of dynamic event the topology table becomes invalid and routing updates sent are inaccurate. [CSCdj58676]
Note The code changes committed by CSCdj58676 resolved some issues but created the symptoms reported in CSCdj65737. The code changes for CSCdj58676 were only committed to releases 11.2(10a), 11.2(10a)BC and 11.2(10a)P, therefore they are the only ones affected by CSCdj65737. See the section "Release 11.2(11) Reintroduces Caveat CSCdj28874" for more information related to CSCdj58676 and CSCdj65737.

Release 11.2(11) Reintroduces Caveat CSCdj28874

CSCdj65737 was introduced by code changes associated with CSCdj58676. The issue is that routes are not being redistributed into Enhanced IGRP from other routing protocols if both protocols are routing for the same major network.

The code changes for CSCdj58676 were only applied to 11.2(10a), 11.2(10a)BC and 11.2(10a)P releases, therefore, those releases are the only ones impacted by CSCdj65737. The fix to CSCdj65737 will be to back out the code changes committed by CSCdj58676 and CSCdj28874. That change will have the effect of reintroducing the behavior reported by CSCdj28874, which is described as follows:

If the interface connecting that network goes down, only one of the two entries will be removed from the topology table. The entry learned via redistribution will remain in the topology table and be advertised, even though it is no longer valid. [CSCdj28874]

The code back-outs of CSCdj65737 and reintroduction of CSCdj28874 will appear in the following releases:

All defect resolution information pertaining to CSCdj58676 is superseded by the details relating to CSCdj65737.

The symptoms of CSCdj28874 may be avoided by not using the redistributed connected command and instead specifying the individual networks to be redistributed into Enhanced IGRP.

Some 40-bit Encryption Images are Unavailable

Cisco is conducting an internal review of the build and distribution processes associated with its 40-bit IOS cryptographic products. So that we may provide you with seamless access to IOS 40-bit encryption capability, Cisco will provide access to the most current 40-bit encryption images, beginning with 11.2 (12), 11.2(12)P, and 11.3(2). The following 40-bit encryption images will be indefinitely unavailable: 11.2(1) - 11.2(11.2), 11.2(2)P - 11.2(11.1)P, 11.2(1)F - 11.2(4)F, 11.3(1).

This review is not related to any new or previously unreported bugs. The information gathered in the review will be used to implement new automated development, and order processing applications.

Release 11.2(12a) Fixes Caveat CSCdj52309

Cisco IOS software Release 11.2(12) was deferred due to two severe defects. It was determined that this caveat was significant enough to merit a software rebuild. The rebuild includes the caveat fix and is renumbered to 11.2(12a).

The defect is caveat CSCdj52309 and is described as follows:

Tunneling is being used as an abbreviation in this context to refer to a specific fast-switch to process-level code path traversed by translational bridging (TLB), source route bridging (SRB), and remote source route bridging (RSRB).
When the packet tunneling logic on RSP or RSM-equipped systems causes datagrams to be copied from SRAM to DRAM, an arithmetic error results in more bytes being copied than is remembered for cleanup processing. Reuses of the tunneling logic, in certain rare combinations of timing, packet-sizes, and buffer-usages, may result in those unaccounted bytes causing several anomalous system behaviors including packet errors.
This software defect is exposed to all RSP and RSM images in the following Cisco IOS software releases: 11.2, 11.2P, 11.2BC, 11.3, 11.3T.
Solution: To eliminate the problems mentioned in the preceding section, we strongly recommend that you download and install one of the following Cisco IOS software release updates: 11.2(12a), 11.2(12a)P, 11.3(2a), 11.3(2a)T.
Workarounds: There are two possible workarounds. CSCdj33812 provides a configuration command to avoid the software defect. This workaround is available in the following Cisco IOS Releases: 11.2(11.5), 11.2(11.5)P, 11.2(11.5)BC, 11.3(2.1), and 11.3(2.1)T. If you are using an earlier release, use the second workaround.
Other considerations: Cisco IOS Releases 10.3, 11.0, and 11.1 Major and ED releases are not exposed to CSCdj52309. Though these releases share the same arithmetic problem, the tunneling software is different, and there is no known or predicted combination of timing, packet-sizes, and buffer-usages that results in the same or different anomalous behaviors associated with Cisco IOS Releases 11.2, 11.2P, 11.2BC, 11.3, and 11.3P. Cisco is using CSCdj52309 to repair the arithmetic problem in Releases 10.3, 11.0, and 11.1; however, no special images are being created because the anomalous behaviors are not present in those releases.
[CSCdj52309]

Release 11.2(12a) and all subsequent releases of Cisco IOS software include the fix for this caveat.

Release 11.2(13a) Fixes Caveat CSCdj94374

The solution for software defect CSCdj31419 was improperly integrated in Release 11.2. CSCdj94374 resolves this issue and completes the integration for CSCdj31419. CSCdj94374 applies to Release 11.2 only. In all other releases, CSCdj31419 was correctly integrated.

This caveat applies to all RSP images, (RSP7000/7500), running Cisco IOS Release 11.2(10.4) - 11.2(13). Cisco strongly recommends that you download and install Cisco IOS software Release 11.2(13a) if you are affected by this caveat.

Release 11.2(15a) and 11.2(15a) P

After the release of Cisco IOS Release 11.2(15) and 11.2(15) P, a serious defect (caveat CSCdk33475) was identified that impacts Enhanced IGRP for Cisco IOS Releases 11.2(14.1) through 11.2(15.2) and Releases 11.2(14.1) P through 11.2(15.2) P. It was determined that this defect was significant enough to merit a software rebuild. The rebuild includes the caveat fix and is renumbered to 11.2(15a) and 11.2(15a) P.

Caveat CSCdk33475 causes a router to fail after the command show ip eigrp events is issued. While this show command is not required for normal operation, it is used often enough by TAC personnel and customers to cause major havoc to customers who are running images with this defect.

Release 11.2(15a) and 11.2(15a) P and all subsequent releases of Cisco IOS software, including Release 11.2(16) and 11.2(16) P, include the fix for this caveat.

Cisco IOS Release 11.2 Switches to Long-Cycle Maintenance Releases

Beginning with Cisco IOS Release 11.2(15) and 11.2(15) P, all subsequent 11.2 and 11.2 P releases switch to Long-Cycle Maintenance Releases. A new 11.2 and 11.2 P maintenance release is scheduled to be available every thirteen weeks during the Long-Cycle Maintenance Release period. Interim builds will be available approximately every two weeks.

Caveats for Release 11.2(1) through 11.2(19)

This section describes possibly unexpected behavior by Release 11.2(19). Unless otherwise noted, these caveats apply to all 11.2 releases up to and including 11.2(19).

Access Server

The cable length options for a T1 line on a Cisco 5200 router are missing. These options are present for a Cisco 5300 router in the Cisco IOS Release 11.2 and 11.3. The cablelength long command does not work satisfactorily, so an external channel service unit (CSU) must be employed.
A Cisco AS-2509-RJ access server connected back-to-back with a Cisco 2503 router cannot establish a connection through its serial 0 interface when an X.21 DCE cable is used. The workaround is to use a RS449 DCE + cable converter.

Basic System Services

The output from the show version command on an RSP router with an HSA configuration fails to differentiate between a reload caused by a power-cycle on the router and reload initiated by a user. The router identified both situations with the following text string:
System restarted by reload
In addition, if the reload failure is caused by the failure of master RSP such that the router reloads using the former slave RSP, then the cause of the failure from the master is not visible unless you look at the output of the show stacks command.
An authenticated user may see a different username associated with the current connection displayed in the output of the who command.
The proper buffer size should be determined before clearing out the buffer.
Under rare conditions, a Cisco 7000 series router with an RP processor may clip part of the payload portion of an IPX packet.
A Cisco 3640 router crashed with the following stack trace:
tcp_unread
telnetBLOCK
scheduler main
_start
etext 
etext
etext

IBM Connectivity

A Cisco 3600 series router may restart with either a bus error or a software-forced crash when running BSTUN, on Cisco IOS Release 11.3 T. No workaround is available.
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3640-IS-M), Version 11.3(4), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Tue 16-Jun-98 04:43 by phanguye
Image text-base: 0x600088E0, data-base: 0x60656000
 
ROM: System Bootstrap, Version 11.1(19)AA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc 1)
 
HO_BRANCH uptime is 6 minutes
System restarted by error - a Software forced crash, PC 0x601C4398
System image file is "flash:c3640-is-mz.113-4", booted via flash
An APPN router may run out of memory because of unnecessary LFSID table expansion for some DLUR links to downstream PU2.0s. This problem can occur after DLUR takeover or if the DLUR-PU had previously received a "dactpu not final use" message from the DLUS.
Output from the show buffer command indicates a large and increasing number of small buffers allocated. Dumping these packets indicates that they are SNA notify slu-disabled packets. The router is configured for APPN and DLSw.
A Cisco 4700 series router configured for DLSw/DLUR and APPN reloaded with the following bus error:
System restarted by bus error at PC 0x6075C200, address 0xB8BE27F0

Interfaces and Bridging

The FDDI interface driver can interact poorly with OSPF during OIR, causing SPF recalculations. This occurs only when OSPF is running on an FDDI interface that is not being inserted or removed. This fix eliminates the spurious indication from the driver that the SPF recalculation needs to take place.
When running Cisco IOS Release 11.2(13) with transparent bridging configured on an interface, the output queue may wedge.
A Cisco 7200 router running Release 11.2(15)P with 1xCE1 (serial 5/0:1 and 5/1:1) experiences output drops when using the two ports (serial 5/0 and serial 5/1).
Serial interfaces and line protocols on high-end Cisco routers might be down with all physical control signals up, including data carrier detect (DCD). Workaround: reload the microcode.
The Ethernet interface on an EIP card goes into an up/down state, requiring a microcode reload to return the interface to an up/up state.
When a Cisco 4500 series router boots with the two channelized E1/PRI ports, it crashes with a memory allocation error. The workaround is to boot without the PRI connection and then plug in the cable once the router has fully booted.
On a WAN, the active router and standby router are both the same router. The only workaround is to shutdown the standby interface for thirty minutes.
The following output from the show standby fiddi 3/0 command shows this problem:
Fddi3/0 - Group 1
Local state is Listen, priority 100, may preempt
Hellotime 2 holdtime 6 configured hellotime 2 sec holdtime 6 sec 
Mac cache refresh 10
Hot standby IP address is 166.44.51.254 configured
Active router is 166.35.195.253 expires in 00:00:05 
Standby router is 166.35.195.253 expires in 00:00:05
Fddi3/0 - Group 2 
Local state is Listen, priority 100, may preempt 
Hellotime 2 holdtime 6 configured hellotime 2 sec holdtime 6 sec
Mac cache refresh 10 
Hot standby IP address is 166.44.55.254 configured
Active router is 166.35.195.253 expires in 00:00:05
Standby router is 166.35.195.253 expires in 00:00:05 
Fddi3/0 - Group 3
Local state is Listen, priority 100, may preempt 
Hellotime 2 holdtime 6 configured hellotime 2 sec holdtime 6 sec
Mac cache refresh 10 
Hot standby IP address is 166.35.195.254 configured 
Active router is 166.35.195.253 expires in 00:00:05 
Standby router is 166.35.195.253 expires in 00:00:05
Activating CRB to bridge between an ATM interface (LANE client) and Ethernet interface 1/5 on a Cisco 7000 series router causes routing problems to other Ethernet interfaces.

IP Routing Protocols

Outbound Cisco OSPF has a fixed 1500-byte MTU size, which is not the same as Bay Networks' MTU size. This difference in MTU size causes minor inefficiency. Cisco's Token Ring MTU size is also smaller than Bay's Token Ring MTU size, which causes the Cisco router to drop the update from the Bay router. The workaround is to configure the Bay router for the 1500-byte MTU size.
When running the Inter-Switch Link (ISL) subinterface and network address translation (NAT) on a router, if the main interface is not configured with NAT either inside or out, but the subsequent subinterfaces are correctly configured for NAT, the router will not translate eligible packets.
A router running Cisco IOS Release 11.2(9) and configured for dynamic address translation experiences the following problem: If another router uses static or dynamic mapping, then the original router may assign more than one inside local address to the same inside global address.
NAT configuration causes a memory leak with Cisco IOS Release 11.2(17) on a Cisco 4500-M router.
EIGRP does not trigger the selection of a new route when one of the lesser or equal paths is removed from the routing table. The route disappears, but no new route is selected from the topology table.
Cisco IP access lists always permit IP fragments. There is no workaround.

ISO CLNS

When running the Intermediate System-to-Intermediate System (IS-IS) protocol using an AVL tree, failure was caused by an AVL node that was freed but still accessed during tree traversing. This occurred when the node was deleted and freed in the middle of a tree walk.
A router can intermittently lose CLNS connectivity to a directly connected ES neighbor. The workaround is to remove and reconfigure ESIS static adjacency.
Under certain conditions, a Cisco 7000 series router running Cisco IOS Release 11.2(18) may corrupt CLNS packets received on an ATM interface. This happens only when the packets are fast switched.
The workaround is to turn off fast-switching for CLNS packets.
When redistributing OSPF routes into any other routing protocol, the new routes do not include NSSA External routes. There is no workaround.

LAT

LAT group code service filtering appears to not be functioning.

Miscellaneous

The Packet OC-3 Interface Processor does not work with encryption GRE tunneling. There is no workaround.
When you exchange keys between two peers with the command crypto key-exchange, there is a problem aborting the exchange. One peer is set to passive and waits for a connection from the other peer. The router output says to enter the escape character to abort the connection, but this does not work with a Telnet session, only when the system is connected to the console. A workaround that avoids reloading the router is to clear the session by issuing the commands show tcp bri then clear tcp tcb value.
router(config)# crypto key-ex passive 
Enter escape character to abort if connection does not complete. 
Wait for connection from peer[confirm] 
Waiting ....
telnet> quit 
Connection closed. 
myhost:/home/johndoe> telnet router 
Trying 172.21.114.199... 
Connected to router.cisco.com. 
Escape character is '^]'.
User Access Verification
Password: 
router>en 
Password:
router#conf t 
Enter configuration commands, one per line. End with CNTL/Z. 
router(config)# crypto key-ex passive 
TCP bind failed: Address already in use
router(config)#exit 
router#show tcp bri 
TCB      Local Address       Foreign Address        (state) 
60C3DF74 router.cisco.com.23 myhost.43972           ESTAB 
60A23A24 router.cisco.com.23 myhost.43971           CLOSEWAIT 
router#clear tcp tcb 60A23A24 
[confirm]
[OK] 
router#conf t 
Enter configuration commands, one per line. End with CNTL/Z. 
router(config)# crypto key-ex passive 
Enter escape character to abort if connection does not complete. 
Wait for connection from peer[confirm] n 
router(config)#

A Cisco router configured to route IPX traffic through an encrypted tunnel interface may reset unexpectedly. There are two workarounds to this problem:
The MBRI gets stuck in "awaiting establishment" and "tei assigned" modes. Issuing the clear interface bri interface number command establishes multiple frames on the port, so that another ISDN call can be made.
When tunneling IPX over an IP tunnel, and when using an extended inbound access list for IP on the tunnel interface, IPX traffic is blocked by the access list. A workaround is to add a permit gre statement to the extended access-list.
A Cisco 4500 series router running Cisco IOS Release 11.2(16) with 56-bit encryption may crash. Cisco IOS Release 11.2(18) is not affected by this bug.
Encryption over a GRE tunnel fails on an intermittent basis when you have poor underlaying IP connectivity.
If Token Ring is the endpoint of an encrypted tunnel, extra packets are generated.
Symptoms are a high CPU load (mainly caused by the Crypto Engine) and bogus addresses when enabling the debug tunnel command.
The workaround is to use the interface tunnel sequence-datagrams command on both endpoints of the tunnel.
Resource pooling becomes stuck after the encapsulation and routing protocol configurations are changed a few times. The router only responded after a power cycle. The problem is only encountered after the router is repeatedly configured and unconfigured.
Receiving data while running encryption on a Cisco 2500 series router running Cisco IOS Release 11.2 causes the router to reload. There is no workaround.
A race condition can occur between the processes that tried to get connection status and dropped packet information from the VIP. A workaround is to put in a semaphore to prevent multiple processes from accessing the globals used at the same time.
The line on a Cisco 400 access server goes down when it is connected to a Cisco 3600 series router's serial interface. Debug output on the Cisco 400 shows one or two XID frames from the host, and then the line goes down. There is no workaround, but a solution is to use a Cisco IOS release with this fix and configure idle character marks in the router's interface.
A router crashed with the following information displayed in output from the show version command:
System was restarted by error - Software forced crash, PC 0xF9128 
4000 Software (C4000-JS-M), Version 11.2(17), RELEASE SOFTWARE (fc1)^M
RA: 0xFFC9A[_validate_sum(0xffbe6)+0xb4] RA:
0xE9936[_checkheaps_process(0xe9894)+0xa2] RA:
0xFCC46[_process_hari_kari(0xfcc46)+0x0]
A router with the following configuration crashes after custom queuing is enabled:
interface Serial4/1 
description AT&T
no ip address 
encapsulation frame-relay
no ip route-cache optimum 
ip ospf cost 100 
bandwidth 384 
custom-queue-list 1
The router crashes after an indeterminate amount of time---typically overnight. The router works fine in default queueing mode, WFQ.
Spurious accesses and router hangs can occur when using fair queuing.
When there is traffic (such as a ping) on the network, the IP cache entries for one network that is reachable through two equal cost paths are deleted (STALE RECURSIVE) and recreated every minute.
The following output from the debug ip cache command shows this behavior:
IP: deleted cache entry for 173.23.176.1/32 (interface invalidation)
!!!!!! we now start pinging the destination 173.23.176.20 !!!!!!
 IP: created cache entry for 173.23.176.20/32
 173.23.176.20/32        00:00:07  Ethernet1       173.23.168.125
 173.23.176.20/32        00:00:17  Ethernet1       173.23.168.125
 173.23.176.20/32        00:00:28  Ethernet1       173.23.168.125
 173.23.176.20/32        00:00:40  Ethernet1       173.23.168.125
 173.23.176.20/32        00:00:49  Ethernet1       173.23.168.125
 IP: deleted cache entry for 173.23.176.20/32 (stale recursive)
 IP: created cache entry for 173.23.176.20/32
If a router running CET encryption has many connection setup attempts happening at once, some may time out prematurely. Also, some connection setup attempts may not set up properly.
A Cisco router hangs periodically at netbios_name_cache_update. A workaround is to power cycle the router.

Novell IPX, XNS, and Apollo Domain

Routers running IPX and EIGRP on IOS Release 11.2 or higher sometimes crash when there is high interface up/down activity, especially with dial-up interfaces. The workaround is to disable IPX and EIGRP.
IPX connectivity problems between FDDI and other interfaces (such as serial and FastEthernet) are seen when a router is upgraded from Cisco IOS Release 10.3 to 11.2.
The console from a client on an FDDI ring cannot connect to servers on Ethernet segments (either local or remote) and cannot browse the NDS server object for those servers.

Protocol Translation

Translation to X.29 is not performed until a data packet is sent on X.25 to Telnet protocol translation with stream option.

Wide-Area Networking

No packets can be forwarded over synchronized dial-on-demand routing (DDR) lines using X.25/X.25-IETF encapsulation. There is no workaround.
A router crashed with the following stack trace:
_pak_dequeue
_fr_vcq_reset
_fr_vcq_queue_setup
_fr_vcq_queue_add
_fr_shape_setup
_fr_idb_config_shape
_fr_traffic_mapclass_parse 
_registry_listro_host#sh tech
A Cisco 7000 series router running Cisco IOS Release 11.2(15) with an RFC1483(SVC) configuration using an AIP, may experience an AIP looped condition if this AIP was inserted in a slot occupied by a previous line card. This appears to be affecting recently inserted and removed AIPs.
A Cisco 7500 series router with certain port adapters may not respond to SSCOP POLL PDUs for around 20 seconds, every 14-15 minutes. This behavior has been observed with Bay Centillian switches, and may cause LANE clients to go down.
On a Cisco 2516 router with a Frame Relay connection that is attempting to use ISDN as a backup, the BRI becomes administratively shutdown. Using the no-shut BRI command causes the router to hang and Frame Relay DLCI to become inactive. The router operates normally again after the BRI cable is removed. The following error message appears when the router hangs:
 %ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 92 changed to down

XRemote

If a Telnet connection is made to a reverse XRemote port on a device, and no password is answered in response to the prompt presented, the IOS device will eventually fall into an infinite loop in which it prints repeated error messages to the Telnet client. The loop continues until the client disconnects the session.

Caveats for Release 11.2(1) through 11.2(18)

This section describes possibly unexpected behavior by Release 11.2(18). Unless otherwise noted, these caveats apply to all 11.2 releases up to and including 11.2(18). For additional caveats applicable to Release 11.2(18), see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 11.2(19).

Basic System Services

When performing an SNMP walk to find a CDP neighbor, an alignment error will happen if the CDP neighbor entry does not have a Layer 3 address such as an IP address.
Currently generic traffic shaping and Frame Relay traffic shaping are not supported with Optimum/CEF switching modes. Therefore, these switching modes must be disabled to make traffic shaping work over the interface.
IPX EIGRP topology and routing tables do not show entries for routes that are showing on IPX EIGRP neighbors. The affected router shows it is receiving updates when the debug ipx eigrp command is used. But the entries are never added to the topology table.
You cannot enter a write network command when you use the TFTP-source interface.

EXEC and Configuration Parser

A bus error occasionally occurs when using the show running-config command.

IBM Connectivity

The dlsw icanreach sap command is an implicit deny to all SAPs not listed. When implemented it checks DSAP in both directions. It should check DSAP inbound and SSAP outbound.
A DLUR router may reload with the following stack trace.
RA: 0x6070294C[mu_processor(0x60702630)+0x31c]
RA: 0x60702F84[remote_path_control(0x60702e50)+0x134]
RA: 0x607044D0[pc_mainline(0x60703d60)+0x770] 
RA: 0x606FF3B8[xxxpcasm(0x606ff000)+0x3b8]
A crash occurs in a APPN (Advanced Peer-to-Peer Networking) router with SegV exception. The stack trace is:
0x606C30CC:process_purged_ips(0x606c3060)+0x6c
0x606C3024:hsp04(0x606c2dd0)+0x254
0x606C2DAC:hsp00(0x606c2d80)+0x2c
If a BIND arrives at a Cisco NN/DLUR and is destined for a SLU beneath that DLUR, and the PLU name is not qualified, the BIND is rejected with sense code 0x0835001B. The 1B in the sense code is the offset into the BIND of the PLU name field.
APPN/DLUR experiences corruption when the total number of PUs and LUs approaches 8000. This problem occurs after one of the spurious memory accesses listed in the DDTS description. Failures that can result include:
In a DLSw environment with a large number of unpaced SNA frames (frames using DSPU with many LUs defined), high CLS congestion can result in a ZWO being sent followed by an RWO without waiting for an FCA response. This causes the circuit to hang at Cw:0. The circuit must be cleared to restore communications.
cowboyneal#show dlsw circuits detail sap-value
Indexlocal addr(lsap)remote addr(dsap)state
8556382034034.0935.d100(F4)4034.1001.0000(04) CONNECTED
PCEP: 22DEACUCEP: 2417E0
Port:VDLC3935peer 10.144.128.1(2065)
Flow-Control-TxCW:21, Permitted:35; Rx CW:0, Granted:13; Op: Incr Congestion: Low(02), Flow Op: Half: 6/2 Reset 2/0
RIF = --no rif--
A router crashed from a bus error at PC _lnm_add_entry. This is probably because it received a frame on its Token Ring interface that pertains to LNM, and also has its RIF length greater than 7 hops.
The workaround maybe to use the no lnm rem command.
A Cisco 7500 series router with RSP Software (RSP-DW-M) running Cisco IOS Release 11.2(17)P was restarted by an Illegal Opcode exception, PC 0x60AE87E4. The stack decode pointed to tcpdriver and stun_background.

Interfaces and Bridging

Cisco 7500 series routers may display spurious memory access messages. If the output of show align command decodes to "s4t_rx_interrupt", this caveat may apply.
The bridge filter does not filter out all the MAC addresses it is supposed to.

IP Routing Protocols

Some types of incorrectly formed DNS packets may cause the system to reload.
On a Cisco 2600 series router running the c2600-is-mz_113-3a_T1 image and the NAT protocol, NAT works until the translation table times out. The only workaround is to reload the router every 24 hours.
Cisco IOS NAT socket translation only works for connections initiated from outside to inside. Without sockets, translation works on the IP address; however, with a socket, translation does not work.
When configuring an X.25 line as a passive interface for open shortest path first (OSPF), it might stay in OSPF down state after a line flap, even though the line protocol is up. You can check the OSPF state using the show ip ospf interface command. As a result, this line's network number will not be advertised by OSPF. A workaround is not to make this interface passive for OSPF.
ICMP redirects can overwhelm process switching. The workaround is to use the clear ip redirect or reload the router.
ARP to a Cisco 2500 series router running Cisco IOS Release 11.2(17) or 12.0(3.7) fails on the serial interface when bridging is enabled and the router is reloaded. This problem was seen on the following topology:
----Ethernet----Cisco 2500 series router---serial interface---Cisco 2500 series router---Ethernet---
The workaround is to remove and reenter the IP address on the serial interface.
Some IP fragments may be incorrectly filtered out by access lists.

Miscellaneous

If two Cisco 7500 series routers are connected to many Ethernet interfaces with EIP interface processors and are running HSRP on many of these interfaces, the HSRP configuration may take an excessively long time (several minutes) to determine the active and standby routers after a router reloads. During this period of instability, the CPU load on the router approaches 100 percent.
The workaround is to replace the EIP interface processors with VIP interface processors and Ethernet port adapters.
Less effective workaround are to reduce the number of HSRP groups or to increase the HSRP hello and hold time.
We recommend that you to have no more than 24 HSRP EIP interfaces or 80 HSRP VIP interfaces running simultaneously.
Encryption may cease to work after some time (depending on whether CET or IPSec is being used and how long the key timeouts are). The symptoms include a lack of debugs from one of the crypto modules, as well as an interruption of the flow of encrypted data.
A Cisco 3620 router configured for encryption over asynchronous dialup may crash when the crypto-map is removed from the dialer interface.
Under stress conditions (if the ESA is bringing up a large number of crypto sessions simultaneously), the router may either enter a race condition or wedge the crypto initiation messages in the input-queue of the interface performing encryption.
A VIP interface needs to use a crypto map with a name that is not a subset of other crypto maps. For example, crypto map "testtag1," "testtag10," and "testtag100" are all treated as the same crypto map.

Novell IPX, XNS, and Apollo Domain

On rare occasions a network may be unreachable even though it is active in the RIP table and displayed in output from the show ipx route command. This condition is seen when all (or most) routes are learned through a specific interface and that interface or its neighbor goes down long enough for the majority of the route to reach the holddown time (4 minutes). If the neighbor/routes then come back up before the route is removed from the table, there is a rare chance that some of the routes may be active but unreachable.
Symptoms of this condition are a "uses" counter (on the show ipx route detailed command) of zero even though devices are trying to reach this network. If services are associated with this network, the services associated with it will time out of the service table and SAP entries received for these services will be reject with a "no network found," which can be seen by enabling the debug ipx sap event command.
The workaround is either to clear the specific route entry using the clear ipx route command or clear the entire route table using the clear ipx route * command.
Under certain conditions, IPX-EIGRP is leaking memory via "IPX USV" and "IPX SAP PH." This leak happens on slow or congested WAN links with large numbers of IPX services (SAPs) being advertised where IPX-EIGRP neighbors are flapping. These conditions are evident by the constant short "Uptime" and constant non-zero "Q Cnt" in output from the show ipx eigrp neighbors command.
The workarounds are to increase the interface bandwidth (using the bandwidth command) and/or increase the EIGRP bandwidth for that interface (using the ipx bandwidth-percent eigrp command). By default, EIGRP gets the maximum of fifty percent of the interface bandwidth.
In Cisco IOS Release 11.2, if SAP passive update is configured on an interface, the services learned on that interface never age out of the table. In Cisco IOS Release 11.3 and later, this also occurs for networks learned on RIP passive interfaces.

TCP/IP Host-Mode Services

A bus error crash occurs at null pointer (0x0) with a message "System restarted by bus error at PC 0x27BD0060, address 0x0." Replacing the hardware did not solve the issue.
This problem happens under rare unknown conditions when multiple Telnet sessions are run from the router.
This crash occurred on a Cisco 7500 series routers running Cisco IOS Release 11.1 (20)CA and 11.2(17)P. The only workaround is to not run Telnet sessions from the router.
If the number of UDP echo requests from different source/port pairs causes the router to activate more than a certain number of UDP echo daemons, the remaining UDP echoes will not be replied to. There is no known workaround.
If RCP is configured on the routers and is used on hosts and routers separated by a firewall (with strict access controls lists, such as allowing only loopback addresses), the RCP sessions fail when multiple interfaces are used on the router and a second interface, other than the primary interface, is configured for RCP sessions (using the ip rcmd source-interface command). The workaround is to not use "loopback" or secondary IP addresses for the RCMD source-interface. Use only the primary (default) interface.

Wide-Area Networking

DDR using the dialer dtr command does not reset DTR to a down state after an unsuccessful call attempt. (Unsuccessful in this case means that DDR is triggered, DTR is raised, but the modem/TA attached to the serial port never connects so that DCD does not come up.)
This can be verified by viewing output of the show dialer command to ensure that the dialer state is idle and the show interface serial command to check the state of DTR.
This problem does not occur in Cisco IOS Release 11.1.

Caveats for Release 11.2(1) through 11.2(17).

This section describes possibly unexpected behavior by Release 11.2(17). Unless otherwise noted, these caveats apply to all 11.2 releases up to and including 11.2(17). For additional caveats applicable to Release 11.2(17), see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 11.2(18).

Access Server

Basic System Services

%ETHERNET-1-TXERR: Ethernet0: Fatal transmit error. Restarting... %QUICC-5-COLL: Unit 0, excessive collisions. Retry limit 15 exceeded
All router hardware was tested, but the errors continued. [CSCdk11908]

IBM Connectivity

[Mfree+0x14] [destroy_cp_status+0x24] [newdss00+0xf8] [CSCdk00974] 
%SYS-2-BADSHARE: Bad refcount in datagram_done may be reported by the router
There is no workaround. [CSCdk30352] 
Broadcast locates rcvd/sent                9499/1395 
Directed/Broadcast locate negative replies 3/152 
Outstanding locates                        1213
[CSCdk78105] 
%DSPU-3-LSConnInFailedNoMem: Connect in from remote address 00104b0a60e0 failed; insufficient memory. 
%DSPU-3-LSConnInFailedNoMem: Connect in from remote address 00105a00e326 failed; insufficient memory.
[CSCdk86081] 
Jan 25 12:51:18: %APPN-7-APPNETERROR: TP(RCA) - Proto error: rcv_and_wait with NETA.ENCP1 rc=F, 0
[CSCdk88194] 
0xRA:0x60757578:Qdeq(0x6075756c)+0xc 0xRA:0x606FBA6C:hs_deleter(0x606fb930)+0x13c 0xRA:0x606FC038:mu_processor(0x606fbe40)+0x1f8 0xRA:0x606FC77C:remote_path_control(0x606fc650)+0x12c 0xRA:0x606FDC04:pc_mainline(0x606fd500)+0x704 0xRA:0x606F8D70:xxxpcasm(0x606f89d0)+0x3a0
[CSCdk93916] 
RA: 0x601C89D4[abort(0x601c89cc)+0x8] RA: 0x601C7354[crashdump(0x601c728c)+0xc8] RA: 0x607375F0[Eattach(0x60737588)+0x68] RA: 0x60739DCC[Pcreate(0x60739cd4)+0xf8] RA: 0x60648720[amp610(0x606486c0)+0x60] RA: 0x6064789C[amp500(0x60647510)+0x38c] RA: 0x60645AD0[amp00(0x60645790)+0x340]
[CSCdm05337]

Interfaces and Bridging

Router# show version
Cisco Internetwork Operating System Software IOS (tm) 7000 Software (C7000-JS-M), Version 11.2(12), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1998 by cisco Systems, Inc. Compiled Mon 23-Feb-98 16:48 by tlane Image text-base: 0x00001000, data-base: 0x008EAC78
ROM: System Bootstrap, Version 11.1(15), SOFTWARE ROM: 7000 Software (C7000-P-M), Version 11.2(12), RELEASE SOFTWARE (fc1)
FAIRFAX uptime is 1 hour, 8 minutes System restarted by bus error at PC 0x17978E, address 0xEF4321CD ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[CSCdj66544]

IP Routing Protocols

Software forced crash, PC 0x175808
[CSCdk40576] 
%SYS-3-CPUHOG: Task ran for 2672 msec (87/71), Process = IP Input
[CSCdk26388]

ISO CLNS

Miscellaneous

Novell IPX, XNS, and Apollo Domain

Wide-Area Networking

Dialer1 - dialer type = DIALER PROFILE 
Idle timer (120 secs), Fast idle timer (20 secs) 
Wait for carrier (30 secs), Re-enable (15 secs) 
Dialer state is shutdown
The workaround is to configure a new profile and/or reload. [CSCdk58971]

Caveats for Release 11.2(1) through 11.2(16)

This section describes possibly unexpected behavior by Release 11.2(16). Unless otherwise noted, these caveats apply to all 11.2 releases up to and including 11.2(16). For additional caveats applicable to Release 11.2(16), see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Release 11.2(17).

Basic System Services

EXEC and Configuration Parser

System was restarted by bus error at PC 0x22453682, address 0xD0D0D0D
[CSCdk33946]

IBM Connectivity

In this case, the receiving TCP does not give the assembled packet to DLSw until another packet comes down the pipe. A workaround could be to adjust the MAXDATA (MAX PIU) of the end node to the value of (MSS-16) bytes (considering 16 bytes of DLSw header) in case of SNA. [CSCdk36264]
Oct 1 09:52:03 11.32.8.1 53142: Oct 1 09:52:19.118: %APPN-0-APPNEMERG: Mfreeing bad storage, addr = 610D1898, header = 00000000, 00000080, 606B1F38, 60743610
System was restarted by bus error at PC 0x31300068, address 0x0 [CSCdk50300]
%APPN-6-APPNSENDMSG: APPN Allocate 613D1F8C to NETA.MVS1 timed out for TP "001.
System was restarted by error - a SegV exception, PC 0x606AE270 [CSCdk54077]
System was restarted by error - a SegV exception,
PC 0x60744AE0 Stack trace from system failure: B_free_bfr_cell(0x60744950)+0x190
in_use_to_free(0x60743a08)+0x5c Bfree_Fixed_or_Varying_buffers(0x607456d0)+0x118
Bfree(0x60741170)+0xa4 free_buffer(0x6069ec30)+0x10 ptp102(0x606b2ce0)+0x15c ptp176(0x606b4b30)+0x34 ptp16(0x606b4850)+0x21c
[CSCdk56117]
System restarted by error - a SegV exception,
PC 0x0 at 16:02:18 UTC Mon Oct 26 1998
#0 0x0 in ??
#1 0x606ae4ac in psp01a
#2 0x606ae2e4 in psp00
[CSCdk58180]

Interfaces and Bridging

System was restarted by error - a Software forced crash, PC 0x601ABE14
GS Software (RSP-JV-M), Version 11.1(18.1)CA,
EARLY DEPLOYMENT MAINTENANCE INTERIM SOFTWARE
Compiled Tue 07-Apr-98 04:58 by richardd
Image text-base: 0x60010900, data-base: 0x60A64000
Stack trace from system failure:
FP: 0x60F61620, RA: 0x601ABE14
FP: 0x60F61620, RA: 0x601A9CA0
FP: 0x60F61638, RA: 0x60130EAC
FP: 0x60F61660, RA: 0x601320F0
FP: 0x60F61698, RA: 0x6011AC98
FP: 0x60F616B8, RA: 0x6011ECC0
FP: 0x60F616F8, RA: 0x6011B048
FP: 0x60F61710, RA: 0x6013A7F8
[CSCdk18176]

IP Routing Protocols

LAT

Miscellaneous

Novell IPX, XNS, and Apollo Domain

PID   TTY Allocated Freed Holding Getbufs     Retbufs Process
44 0 14265416 201472 8360984 21924 0    IPX SAP In
Also, memory is being allocated to large number of "IPX SAP PH", "IPX NDB PH", and "IPX USV" as shown by the command show memory summary. A workaround is to issue the command no ipx sap-incremental eigrp from the IPX interfaces. [CSCdk44590]

TCP/IP Host-Mode Services

Wide-Area Networking

Caveats for Release 11.2(1) through 11.2(15)

This section describes possibly unexpected behavior by Releases 11.2(15) and 11.2(15)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(15) and 11.2(15)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(15) and 11.2(15)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(16) and 11.2(16)P.

Basic System Services

A workaround for this problem is to make the "boot buffersize" in the config larger.We suggest 100K bytes larger than the configuration to allow room for configuration changes. [CSCdk14608]
This problem can be avoided by first checking to see if there is enough memory to write the configuration. [CSCdk32125]

DECnet

IBM Connectivity

%APPN-7-APPNETERROR: MSP04-bAuUEcKTSepupA TRIED TO SEND TO THIS NODE FOR bAuUEcKcbDe
%APPN-7-APPNETERROR: MSP08-MDS_MU RCVD WITH ERROR
%APPN-7-APPNETERROR: 008B13100038131119810801E2C1F5D5C5E30902D4D3E5F0F5F0C1060323F0F1
%APPN-7-APPNETERROR: F516820801E2C1F5D5C5E30602E3E2C4E5060323F0F1F4059000800000331549
%APPN-7-APPNETERROR: 16010A01E2C1F5D5C5E340400A02C3D5D4F0F14040400A0423F0F1F540404040
%APPN-7-APPNETERROR: 0F020000001200620602083B3200E9001C1212001880610C060A50C3D6D5E2D6
%APPN-7-APPNETERROR: D3C5400831E2C840E5C5D9
%APPN-7-APPNETERROR: MSP08-SENSE_CODE=0x8A80009
%APPN-7-APPNETERROR: MSP08: SENSE_DATA= 0x8A80009
%APPN-7-MSALERT: Alert CPMS002 issued with sense code 0x8A80009 by XXXMSP04
[CSCdk19424]
%SYS-2-INPUTQ: INPUTQ set, but no IDB, ptr=ADDD9C
-Traceback= 148D3A 572A 4DF4 110064 17DAA2 17B0DA 14CC 10005B4 10047DA
There is no workaround for this. [CSCdk25935]
%APPN-6-APPNSENDMSG: APPN Allocate 60E8BA14 to timed out for TP
%APPN-6-APPNSENDMSG: Ended DLUR connection with DLUS NETA.CPAC
%APPN-7-MSALERT: Alert LU62004 issued with sense code 0x10010000 by XXXSMPUN
%APPN-6-APPNSENDMSG: Starting DLUR connection with DLUS NETA.MVS2
%APPN-6-APPNSENDMSG: Starting DLUR connection with DLUS NETA.CPAC
%APPN-6-APPNSENDMSG: Connection attempt failed to DLUS NETA.CPAC
%APPN-6-APPNSENDMSG: Starting DLUR connection with DLUS NETA.CPAC
[CSCdk39176]

Interfaces and Bridging

3600: PRI/cT1, PRI/cE1, mBRI
4500: PRI/cT1, PRI/cE1
5200: T1/PRI, E1/PRI 5300: T1/PRI, E1/PRI
7200: mBRI
There is no workaround for this. Packets on these interfaces are transmitted using FIFO queueing. [CSCdk16630]

IP Routing Protocols

There is no workaround. [CSCdk12033]
The following conditions must exist to encounter this problem:
1. The router boots.
2. The interface must be in a state "interface up, line protocol down" when the router boots.
3. The interface is included under the OSPF process with the command network ip_address mask area area_id
A workaround is to configure a different IP address on the interface, remove the IP address and then reassign the original IP address to the interface. Issuing the shutdown and no shutdown commands does not correct the problem. [CSCdk12915]
Workaround is to use a floating static or issue a clear ip route * command on the router that lost the OSPF external route(s). Alternatively, a clear ip ospf redistribution command can be issued on the ASBR. [CSCdk17979]
There is no workaround. [CSCdk18477]
The Enhanced IGRP event log is invalid on all platforms.
The workaround to this problem is not to display the event log or enable Enhanced IGRP event-logging. Additionally, the event log can be disabled by issuing one of the following configuration commands:
For IP: router eigrp as eigrp event-log-size 0
For IPX: ipx router eigrp as event-log-size 0
For AppleTalk: appletalk eigrp event-log-size 0 [CSCdk33475]

ISO CLNS

LLC Type 2

Miscellaneous

Encryption/decryption for Token Ring ip packets without a RIF continues to function normally. [CSCdk18888]

Novell IPX, XNS, and Apollo Domain

A workaround is to disable IPX fast switching on tunnel interfaces with the no ipx route-cache command. Disable IP fast-switching on tunnel interfaces with the no ip route-cache command. [CSCdk21562]

Wide-Area Networking

The reason for the failure is the maximum encapsulation size has been statically set to 1524 for PPP packets and the error will occur when the packet is larger than the set size.
A workaround is to configure the interface to have an MTU of less than 1524 bytes (1500 is the preferred size). This will allow the interface MTU to control the fragmentation of the packets to be less than the 1524 bytes allowed size. [CSCdk01289]

Caveats for Release 11.2(1) through 11.2(14)

This section describes possibly unexpected behavior by Releases 11.2(14) and 11.2(14)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(14) and 11.2(14)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(14) and 11.2(14)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(15) and 11.2(15)P.

Access Server

Basic System Services

%SYS-2-GETBUF: Bad getbuffer, bytes= 18192
-Process= "VINES Router", ipl= 0, pid= 44
-Traceback= 6014EFA4 60422FA8 60424528 60412184 604119D8 60411E8C 6016C7A8 60164
To resolve this problem, configure VINES to use RTP. [CSCdj80039]
It is also possible for this problem to occur on HDLC serial lines and cause instability because of HDLC keepalive packets being delayed.
This problem has occurred only when very large IPX SAP updates are sent over a slow-speed circuit. The size of updates necessary to cause this problem on a 56 kbps circuit is around 3000 SAPs. The problem is more likely to occur when there is data traffic near the line capacity on the circuit.
Other routing or control packets such as OSPF Link State Advertisements (LSAs) or NLSP Link State Packets (LSPs) can also cause the same effect during a period of severe routing instability in a large network with many Frame Relay subinterfaces. The effect is less likely to be seen when Weighted Fair Queuing is used on the serial interface rather than First In First Out (FIFO) queuing. Many other possible causes of instability of Frame Relay or serial circuits and the manifestation of this particular caveat in operating networks is unlikely.
If very large IPX SAP updates cause the problem, the workaround is to configure an ipx output-sap-delay and ipx output-rip-delay that is greater than the propagation delay of a SAP packet across the circuit. A delay of 110 ms is sufficient for a 56K circuit. The possibility of seeing this caveat with very large IPX SAP updates was introduced by CSCdj18092. [CSCdj91667]

IBM Connectivity

%APPN-7-MSALERT: Alert LU62004 issued with sense code 0x812000D by XXXSMPUN
This sense code indicates that APPN is running out of buffers and therefore unable to allocate new sessions. One solution is not to reserve the unbind buffers in advance, during the BIND time. [CSCdj87034]
Only the segment where the LNM is directly connected is linkable. [CSCdj93242]
There are no router messages identifying that this problem has occurred. The primary LU sending the BIND will typically have a session status of "pending BIND response," whereas the secondary LU will not have received the BIND. [CSCdj93613] 
60685F58[pspost+0x1f8] 
60687718[ptp06a+0x218] 
60684388[psp01b+0x48] 
606838F0[psp00+0x150]
or
#0 memcmp 
#1 0x606af860 in ptp06a 
#2 0x606ac668 in psp01b 
#3 0x606abc00 in psp00
[CSCdk00603]
After bringing up the Token Ring on the FEP and activating the software Major node, about 10 percent of the PUs did not reestablish sessions with the host.
VTAM shows those PUs as active in session. Issuing the show dlsw local-circuit command also shows the corresponding VMACs as being connected, yet an X.25 trace shows that these PUs are stuck in XIDs. [CSCdk01275]
%APPN-7-APPNETERROR: APPN TP xxxtps27 timed out on send of verb 11 -- Deactivating CP-CP CGID: 147125
%APPN-7-APPNETERROR: Deactivating CP-CP with sense 8120010, no adjacent node found, ConW: 147125, ConL: 0
[CSCdk03979]
An intermediate APPN NN (not running DLUR) will not properly preserve the pacing values from the upstream in the adaptively paced bind. Later when this bind is converted to fixed pacing by a downstream node, the proper fixed pacing values will no longer be there. [CSCdk09759]

Interfaces and Bridging

IP Routing Protocols

The loss of the route is caused by sporadic line congestion (packet drops) and/or SIA events on the same link as the neighbor. On very rare occasions, this can result in a lost acknowledge packet and a retransmission of the reply packet. For the failure to occur, the retransmitted reply must have a valid metric.
A known workaround is to issue the clear ip route * command. [CSCdj73617]

ISO CLNS

This loss can occur when the external route is known from the backup path, then becomes known from multiple optimal paths at about the same time, followed later by the loss of the optimal paths. The problem disappears when an SPF is run for any reason.
A workaround is to force an immediate SPF on the router (for example, by issuing the shut and no shut commands on a loopback interface running ISIS). Note that this can be done on any router in the same area. [CSCdk05616]

LLC Type 2

Miscellaneous

TCP/IP Host-Mode Services

Wide-Area Networking

Caveats for Release 11.2(1) through 11.2(13)

This section describes possibly unexpected behavior by Releases 11.2(13) and 11.2(13)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(13) and 11.2(13)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(13) and 11.2(13)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(14) and 11.2(14)P.

Access Server

The workaround at this time is to reload the router. Issuing the shut and no shut commands on the affected interface does not help. [CSCdj41613]

Basic System Services

If the configuration size is larger than about 1.3M with newer software, or 126K with earlier software, and the console locks up, the configuration NVRAM will be corrupted and inaccessible. The router will be useless upon reboot and must be manually recovered as follows:
1) Send EIA/TIA-232 (RS-232) break to the console of both master and slave.
2) Issue the ROM monitor confreg command on master and slave to ignore system configuration.
3) Issue the ROM monitor reset command on master and slave to boot a slave-capable image.
4) On the master console, copy a good configuration file from Flash memory or TFTP into running-config.
5) Turn off the 0x40 bit in the configuration register by issuing the show version EXEC command and the config-register global configuration command.
6) Issue the reload command to reload the master.
A workaround is to store the configuration in Flash memory. For example, issue the following commands:
1) copy running-config slot0:config
2) boot config slot0:config
3) service compress-config
4) boot buffersize number, where number is at least three times the configuration size in bytes
5) write memory
The write memory command will now work slowly; that is, 10 minutes elapsed time for each 128K block of configuration text. [CSCdj63926]
This caveat is limited to the SNMP MIB implementation, and has no affect on managing or configuring DECnet by using the command line interface. [CSCdj91757]

IBM Connectivity

There is currently no known workaround [CSCdj77914]
%APPN-7-APPNETERROR: Insufficient available buffer supply
%ALIGN-3-SPURIOUS: Spurious memory access made at 0x606F5A4C reading 0x50
The show stack command displays the following backtrace:
#0 0x606F5A4C in recreate_small_fid2_mu
#1 0x606fdbd4 in transfer_to_dynamic_and_send
#2 0x606fce90 in sc_process_mu
#3 0x606f6900 in e
#4 0x606f6ed8 in fsm_receive_router
#5 0x606d6b20 in upchuck
#6 0x606d6664 in rcv_cls_msg
#7 0x606d6208 in dlcdx_process_messages
#8 0x606f5e18 in xxxpcasm
[CSCdj92488]
A workaround is to recycle the link session (LLC2) which frees all memory and resets the pacing window. [CSCdj93178]
601BEC84[abort+0x8]
601BD644[crashdump+0xc8]
6072198C[Pexit+0x88]
6071D25C[xQ_Mget+0x20]
60722A1C[PQenq+0x8c]
6063C234[fsm_action+0x5a4]
6063B81C[fsm_ls+0x12c]
60646EF8[cs_process_lsa_ips+0x3e8]
60648428[xxxcss00+0xa48]
[CSCdj94050]

Interfaces and Bridging

Note also that since this is a new NIM, you will also need to download the corresponding IOS RXBOOT image to boot flash if you want to be able to net boot with this new NIM type. [CSCdj61831]

IP Routing Protocols

Miscellaneous

CSCdj94374 applies to Release11.2 only. In all other releases where the fix for CSCdj31419 was applied, the fix was correctly integrated.
In some cases, due to CSCdj94374, the system may experience an unexpected reload. [CSCdj94374]

Novell IPX, XNS, and Apollo Domain

As a workaround, reload the router and the statement will be removed from configuration file (unless already written to configuration memory). If already written to memory, you must reboot with an image without the command, update the configuration, then write the updated configuration to memory. [CSCdj89734]

Wide-Area Networking

lane fixed-config-atm-address
lane auto-config-atm-address
A message of the following form will be generated:
%LANE-4-LECS_WARN: ATM1/0: can't register
47.00790000000000000 0000000.00A03E000001.00 with signalling
(duplicate address ?)
As a workaround, use only a single LECS address configuration or do not enable logging timestamps if multiple LECS addresses are required. [CSCdj83816]
Another aspect of the problem is that the overall setup time for an asynchronous PPP connection can take 15 seconds or more, regardless of the PPP client. That is a very long time.
On releases of IOS with CSCdj63179 applied, the first Config Ack sent to the Windows client will be framed incorrectly, and it will arrive at the Windows client with a bad frame check sequence (FCS). This forces the Windows client to send another Config Request. If the Windows client has already sent 6 Config Requests then it will give up and disconnect the call.
This is not normally a problem for Windows 95 since its Config Requests are spaced 3 seconds apart. In Windows 3.1 Shiva based stacks the Config Requests are spaced about 1.5 seconds apart, so it will give up on LCP negotiations much faster.
Note that though this has only been observed with older Windows PPP implementations, the problem may occur with any PPP client that chooses to be aggressive in its LCP negotiation and has a short LCP negotiation timeout period.
A workaround to this problem that works in most circumstances is to disable the carrier delay imposed on the interface by issuing the (hidden) interface level command carrier-delay 0
Another possible workaround is to use async mode dedicated instead of using the autoselect function.
Note that these problems only apply to asynchronous PPP, not synchronous PPP. [CSCdj88079]
The following message is generated when this condition occurs:
Max # of virtual access interfaces 300 are allocated
There is no workaround. [CSCdj92816]
When running an image that has CSCdj93505 integrated into it, crash output for VIP2 products with a signal value of 20 indicates that a cache parity error condition was detected:
%VIP2 R5K-1-MSG: slot3 System Reload called from 0x..., context=0x...
%VIP2 R5K-1-MSG: slot3 System exception: sig=20, code=0x..., context=0x...
When this value (sig=20) is present, the contents of the VIP crashinfo file are required for proper analysis.
When running an image that does not have CSCdj93505 integrated into it, the parity error may manifest in different ways. CSCdj20187 documents one such example. [CSCdj93505]

Caveats for Release 11.2(1) through 11.2(12)

This section describes possibly unexpected behavior by Releases 11.2(12) and 11.2(12)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(12) and 11.2(12)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(12) and 11.2(12)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(13) and 11.2(13)P.

Basic System Services

When upgrading the ROM monitor with this fix, the startup configuration in NVRAM will be lost. Therefore, save the startup configuration before the ROM monitor upgrade and then restore it later. [CSCdi74380]
Tunneling is being used as an abbreviation in this context to refer to a specific fast-switch to process-level code path traversed by translational bridging, source-route bridging (SRB), and remote source-route bridging (RSRB).
When the packet tunneling logic on RSP or RSM-equipped systems causes datagrams to be copied from SRAM to DRAM, an arithmetic error results in more bytes being copied than is remembered for cleanup processing. Reuses of the tunneling logic, in certain rare combinations of timing, packet sizes, and buffer usages, may result in those unaccounted bytes causing several anomalous system behaviors including packet errors.
This software defect is exposed to all RSP and RSM images in the following Cisco IOS software releases: 11.2, 11.2 P, 11.2 BC, 11.3, 11.3 T.
Solution: To eliminate the problems mentioned in the preceding section, we strongly recommend that you download and install one of the following Cisco IOS software release updates:
11.2(12a), 11.2(12a)P, 11.3(2a), 11.3(2a)T
Workarounds: There are two possible workarounds. CSCdj33812 provides a configuration command to avoid the software defect. This workaround is available in the following Cisco IOS Releases: 11.2(11.5), 11.2(11.5)P, 11.2(11.5)BC, 11.3(2.1), and 11.3(2.1)T. If you are using an earlier release, use the second workaround.
Workaround 1: CSCdj33812 incorporated a configurable command that will be stored in NVRAM.
Configure with the memory cache-policy io uncached command to workaround CSCdj52309. To determine what memory cache policies are currently configured on your router, use the show rsp command.
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#memory cache-policy io uncached
Router(config)#end

Router#show rsp
Throttle count 0, DCL timer count 0
active 0, configured 1
netint usec 4000, netint mask usec 200
DCL spurious 0

Caching Strategies:
Processor private memory: write-back
Kernel memory view: uncached
IO (packet) memory: uncached
Buffer header memory: uncached

To restore the MEMD caching policy to the original write-through policy, issue the memory cache-policy io write-through command.
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#memory cache-policy io write-through
Router(config)#end
Router#show rsp
Throttle count 0, DCL timer count 0
active 0, configured 1
netint usec 4000, netint mask usec 200
DCL spurious 0
Caching Strategies:
Processor private memory: write-back
Kernel memory view: write-back
IO (packet) memory: write-through
Buffer header memory: uncached
Workaround 2: If operating with images that do not have the CSCdj33812 support use the following command:
Router# test rsp cache memd-fastswitch uncache
Other considerations: Cisco IOS Releases 10.3, 11.0, and 11.1 Major and ED releases are not exposed to CSCdj52309. Though these releases share the same arithmetic problem, the tunneling software is different, and there is no known or predicted combination of timing, packet sizes, and buffer usages that result in the same or different anomalous behaviors associated with the Cisco IOS Releases 11.2, 11.2 P, 11.2 BC, 11.3 and 11.3 P. Cisco is using CSCdj52309 to repair the arithmetic problem in 10.3, 11.0, and 11.1 releases; however, no special images are being created because the anomalous behaviors are not present in those releases. [CSCdj52309]
If the configuration size is larger than about 1.3M with newer software, or 126K with earlier software, and the console locks up, the configuration NVRAM will be corrupted and inaccessible. The router will be useless upon reboot and must be manually recovered as follows:
1) Send EIA/TIA-232 (RS-232) break to the console of both master and slave.
2) Issue the ROM monitor confreg command on master and slave to ignore system configuration.
3) Issue the ROM monitor reset command on master and slave to boot a slave-capable image.
4) On the master console, copy a good configuration file from Flash memory or TFTP into running-config.
5) Turn off the 0x40 bit in the configuration register by issuing the show version EXEC command and the config-register global configuration command.
6) Issue the reload command to reload the master.
A workaround is to store the configuration in Flash memory. For example, issue the following commands:
1) copy running-config slot0:config
2) boot config slot0:config
3) service compress-config
4) boot buffersize number, where number is at least three times the configuration size in bytes
5) write memory
The write memory command will now work slowly; that is, 10 minutes elapsed time for each 128K block of configuration text. [CSCdj63926]
The workaround for this problem is to disable optimum switching (in IOS feature sets identified by -p-) and enable Netflow switching. [CSCdj74094]
Since we previously did not check the accounting-reply authenticator, and there are some daemons out there (for example, livingston-1.16) which do this calculation wrong, some customers may see accounting packets rejected, or resent until they are dropped. The RADIUS daemon will have stored the accounting data, but Cisco IOS software drops the acknowledgment. This can be ignored, but it is suggested that customers upgrade to a daemon that calculates the authenticator properly (for livingston-1.16 customers, they should get the livingston-2.0 daemon, which is still free from Livingston's website).
Another side-effect of this caveat with a broken daemon is that multiple accounting records are sent to the daemon, which the daemon acknowledges, but are thought to have been either lost or hijacked because of the broken authenticator. The result may be multiple identical accounting records for the same connection or login. [CSCdj82294]

IBM Connectivity

BSC: Serial0: FS-FSM event: LINK UP old_state: SEC . new_state: IDLE.
The LINK-UP event will reset the bisync FSM and further frames will be halted. There is no workaround. The Cisco IOS image must be upgraded. [CSCdj80073]
A workaround for this is to disable LNM on the router by issuing the command lnm disable. [CSCdj82340]
A new default mode was also added to APPN, the QPCSUPP mode, which is used for AS/400 5250 emulation. Now you will no longer have to explicitly code the QPCSUPP mode when connecting to LEN level devices that use the QPCSUPP mode. [CSCdj85300]
%SYS-2-BADSHARE: Bad refcount in datagram_done, ptr=610ADD8C, count=0
There is no workaround for this. [CSCdj86552]

Interfaces and Bridging

The workaround is to do a command that will cause a "cbus complex" restart, for example, configure the MTU size to a different value and then change it back to your proper configuration. In the following example assume that the MTU was set by default to 1500:
router(config)# interface s 1/0
router(config-if)# mtu 8000
router(config-if)#! the previous command causes a cbus complex restart
router(config-if)# mtu 1500
router(config-if)#! change back to proper value
[CSCdj03047]
The problem occurs because the Cisco 3600 drops broadcast packets at its Token Ring interface.
This problem applies also to the Token Ring port adapter for the VIP or the Cisco 7200 series router.
The fix to this problem has been committed into Releases 11.2 and 11.3. Because Release 11.1 has been in restricted maintenance phase since September 1997, the fix will not be committed to Release 11.1. [CSCdj78572]
The workaround is to configure the clock at 4 Mbps, or upgrade to the PA-4T+ or PA-8T+. [CSCdj79497]
As a workaround, use the PA-FE-TX or PA-FE-FX interfaces for ISL traffic or use Releases 11.3(1) or 11.3(1)T. [CSCdj79992]

IP Routing Protocols

A workaround is to disable fast switching on NAT interfaces. [CSCdj74725]
The workaround is to issue the shut command, followed by the no shut command on that interface. [CSCdj81176]

ISO CLNS

LLC Type 2

When this happens, end systems associated with this control block, DMAC SMAC DSAP SSAP, cannot reconnect the LLC2 session.
To workaround this caveat, either change one of the addresses of the SAPS or reload the router. [CSCdj69274]

Miscellaneous

The only workaround is to issue the command clear cam dynamic on the Cisco Catalyst 5000 router after the HSRP address moves. [CSCdj58719]
Encrypted traffic is not affected. [CSCdj77678]
Output queue 22/40, 0 drops; input queue 0/75, 0 drops
where 22 represents the number of wedged packets. The only workaround is to reload the router. This is only applicable to MBRI interfaces. [CSCdj85220]

Novell IPX, XNS, and Apollo Domain

TCP/IP Host-Mode Services

Wide-Area Networking

This problem was introduced in releases 11.2(10.4) and 11.3(1.1). [CSCdj73210]
It may be possible to work around the problem by using the mtu command to select a smaller MTU/MRU value for the interface, but this will only work if the remote peer agrees to negotiate the smaller value. Another workaround is to downgrade to a release of software that does not contain the CSCdi92482 patch.
To verify the problem, issue the debug ppp error command and search for a debug message of the following form:
Se6/0/0:23 PPP: Packet too large, size = 1509, maxsize = 4, protocol = 0x003D
[CSCdj82427]
%SYS-3-INVMEMINT: Invalid memory action (malloc) at interrupt level
-Traceback= 6014B948 6014BEDC 6020BEB0 6020BFB0 60207048 60217C0C 6021A53C 6020BC20 601C0454 601C054C 601C0CBC 601BF650
%SYS-2-MALLOCFAIL: Memory allocation of 352 bytes failed from 0x6014BED4, pool Processor, alignment 0
-Process= "<interrupt level>", ipl= 6
-Traceback= 6014A2D8 6014BB64 6014BEDC 6020BEB0 6020BFB0 60207048 60217C0C 6021A53C 6020BC20 601C0454 601C054C 601C0CBC 601BF650
These messages may repeat, and the RSP may also hang as a result. An image with CSCdj85257 integrated in will resolve these secondary problems and the RSP will recover normally. CSCdj85257 will not resolve the original CyBus error, however. [CSCdj85257]

Caveats for Release 11.2(1) through 11.2(11)

This section describes possibly unexpected behavior by Releases 11.2(11) and 11.2(11)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(11) and 11.2(11)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(11) and 11.2(11)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(12) and 11.2(12)P.

AppleTalk

Basic System Services

This method is better than having to enter the test rsp cache memd uncached EXEC command every time the router is booted.
This configuration command can be used as a workaround for problems like CSCdj52309 and CSCdj70296.
To restore the MEMD caching policy to the original write-through policy, issue the memory cache-policy io write-through command. To determine what memory cache policies are currently configured on your router, use the show rsp command. [CSCdj33812]
This bug affects all platforms with MIPS R4700 and R4600 chips, including all RSP-based platforms. [CSCdj58608]
Instead, it exposed a bug in older implementations of the developers kit TACACS+ daemon (freeware) and will cause certain command authorizations to fail.
All freeware daemon versions prior to version 3.0.13 are subject to this problem including the ACE Safeword Security Server daemon. CiscoSecure daemons are not affected. [CSCdj66657]

IBM Connectivity

The problem is related to the way DLSw backup peers are configured. This problem will only occur if the local router is configured with backup peer commands and the remote router also has a configured peer and is not promiscuous.
The workaround is to remove the DLSw backup peer configuration. [CSCdj21664]
To work around this problem, configure a MAC address on the target device that is always the same whether it is canonical or non-canonical (for example, 4242.6666.ffff). [CSCdj48606]
There is no workaround. [CSCdj62026]
The problem typically occurs when NetBIOS is utilized to allow workstations to communicate between Ethernet and Token Ring. It also occurs when SNA is used.
The workaround is to disable fast-switching by using the no source-bridge transparent fastswitch command or configuring the end stations to use frames with a payload of less than or equal to 1500 bytes. [CSCdj62385]
[abort(0x601f2c3c)+0x8]
[crashdump(0x601f0b20)+0x94]
[process_handle_watchdog(0x601c2f08)+0xb4]
[signal_receive(0x601b7d58)+0xa8]
[process_forced_here(0x60169424)+0x68]
[locate_node_index(0x607dbcc0)+0x64]
[etext(0x60849e00)+0xcbee04]
[CSCdj67966]
System was restarted by bus error at PC 0xCC6B8, address 0xFC4AFC82 4000 Software (C4000-JS-M), Version 11.2(10.3), MAINTENANCE INTERIM SOFTWARE Compiled Mon 01-Dec-97 19:45 by ckralik (current version) Image text-base: 0x00012000, data-base: 0x0076AE64
The workaround is to use TCP encapsulation for RSRB or to switch to DLSw. [CSCdj68261]
As DSPU only supports dependent LUs, it now assumes that the OAF equal to DAF condition does signify a dependent LU and maps the session accordingly.
The only workaround is the very restrictive configuration of only using the host LU locaddr 1. [CSCdj69265]
RA: 0x607E1724[find_matching_row(0x607e16ec)+0x38]
RA: 0x607E1B9C[Tfind_next(0x607e1b70)+0x2c]
RA: 0x6071182C[DBfind_next_directory_entry(0x60711814)+0x18]
RA: 0x6070BAD8[CPdelete_men(0x6070ba90)+0x48]
RA: 0x6070BA78[CPupdate_cp_status(0x6070b9c0)+0xb8]
RA: 0x6070B40C[CPmain(0x6070b300)+0x10c]
RA: 0x6070AC2C[newdss00(0x6070ab60)+0xcc]
RA: 0x60183F80[r4k_process_dispatch(0x60183f6c)+0x14]
[CSCdj70817]
This buffer leak will never occur for successful link station connections. It will only occur for some unusual types of connection failure that may occur before an XID response has been sent by DSPU back to the connecting link station. Lost memory can only be recovered by reloading the router. [CSCdj75816]
This problem is more severe when the switch port on the trunk between the router and switch is set to auto (negotiation). This causes the switch to default to 100/half while the router is at 100/full, causing collisions, late collisions, and overruns. These collisions and overruns cause retransmissions that trigger the problem.
Besides trying to avoid the retransmissions, there is no workaround in ISL/DLSW setup. [CSCdj76634]
RA: 0x606924A4[xxxcss00(0x60691a80)+0xa24]
RA: 0x6016A6D8[r4k_process_dispatch(0x6016a6c4)+0x14]
RA: 0x6016A6C4[r4k_process_dispatch(0x6016a6c4)+0x0]
[CSCdj77677]

Interfaces and Bridging

To work around this caveat, do not configure BVIs to logical/physical router interfaces that do not exist. [CSCdj02283]
A workaround is available on most platforms and Cisco IOS images. To configure for RJ45, issue the no media-type mii command. This workaround is not available for the 4x00 platforms. [CSCdj75983]

IP Routing Protocols

A workaround is to configure a loopback on the interface whose address is greater than any other address on the router. [CSCdj37962]

Novell IPX, XNS, and Apollo Domain

Normal updates were disabled or sent very infrequently but flashes/changes updates are still sent normally. There was no way to disable these flashes without impacting the end clients. Therefore, a new option was added to an existing command.
In Release 11.2, the command ipx sap-interval value is now ipx sap-interval {value | passive}.
In Release 11.3, a passive option was added to the existing ipx update command, making it ipx update interval {rip | sap} {value | changes-only | passive}. Release 11.3 will also accept ipx sap-interval {value | passive} but will write out to non-volatile memory in the new form.
When the passive option is set, both the normal updates are stopped and the flashes/changes updates are stopped. Queries will still be replied to on this interface. The update interval is set to the same interval used in change-only. For SAP the interval is 0 and for RIP the interval is a large value. Any SAP or RIP heard on these interfaces will use that value for aging, effectively taking a very long time to age out. [CSCdj59918]

TCP/IP Host-Mode Services

The normal issues when running TCP in the above environment can be exacerbated by an issue where the router may not buffer out of order datagrams up to the advertised window size.
This is no known workaround, but this appears to only be a problem in rare situations with sessions to TCP stacks of suboptimal design. [CSCdj68834]

VINES

As a workaround, if VINES is enabled in the router, issue the no vines metric command on all active interfaces that are connected to a VINES network, or interfaces where an interface VINES command (for example, vines update interval 60) was issued. [CSCdj73582]

Wide-Area Networking

During normal behavior, the point-to-point subinterface should go down when the primary DLCI fails. If a secondary DLCI fails, the subinterface stays up, but traffic destined for that DLCI only will fail. [CSCdj11056]
ISDN Se9/0/1:23: Error: CCB run away: 0x61D97560:
ISDN Se9/0/1:23: Error: CCB run away: 0x61C494F8:
ISDN Se9/0/1:23: Error: CCB run away: 0x61C494F8:

The only workaround is to reset the controller manually. Issue the interface commands shutdown followed by no shutdown, or reload the router. [CSCdj48055]
The workaround is to remove the ip tcp header-compression or ppp multilink command. [CSCdj53093]
There is no workaround; this is an intermittent problem. [CSCdj62139]
This is a regression introduced by CSCdi72429.
As a workaround, use a client that does not require IPX RIP such as the Microsoft Netware Client. [CSCdj70744]
In the case of multiple AIPs, change them one at a time. In the case of only one AIP, insert the new AIP before extracting the existing AIP. [CSCdj71438]

Caveats for Release 11.2(1) through 11.2(10)

This section describes possibly unexpected behavior by Releases 11.2(10) and 11.2(10)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(10) and 11.2(10)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(10) and 11.2(10)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(11) and 11.2(11)P.

Access Server

AppleTalk

Basic System Services

%RSP-3-RESTART: interface Serial12/0/0:28, output stuck
The problem occurs on Cisco routers in the 7000 family using the CT3 or 4/8 port FSIP cards or any serial interface under Cisco IOS Release 11.1(10)CA, 11.1(11), and 11.2. It has been observed only under oversubscribed traffic load.
As a workaround, configure the interface for FIFO queueing via the no fair-queue command.
The command transmit-buffers backing-store is on by default when an interface is configured for weighted fair-queueing. If the no fair-queue interface command is used, which changes the queueing strategy to FIFO, then transmit-buffers backing-store is off by default.
This caveat has been resolved in the following Cisco IOS releases: 11.2(6.2)P 11.1(11.4) 11.1(11)CA 11.1(11.4)IA [CSCdj12815]
This problem has been seen only with Cisco IOS Release 11.2 or later. [CSCdj36356]
For example, a problem was found with a Cisco 7500 using a large number of Fast Ethernet and/or Ethernet interfaces and one or more FDDI interfaces. The pool of packet memory should have allocated 80 percent of the memory to the Ethernet and Fast Ethernet interfaces, which use an MTU of 1536. Instead it received 20 percent of the memory, and the lone FDDI interface with MTU 4512 got 80 percent of the packet memory.
The problem occurred with 55 Ethernet, 6 Fast Ethernet, and 1 FDDI network interfaces. The problem did not occur with fewer interfaces, specifically 36 Ethernet, 5 Fast Ethernet, and 1 FDDI interfaces.
The problem may show up as a high number of input drops on some router interfaces. [CSCdj55428]
The following are known workarounds:
- Increase the input queue to 175. ([75]Original Queue amount+[100] per exception dump x.x.x.x command)
- Remove the exception dump x.x.x.x command.
[CSCdj58035]
The workaround is to remove and then reenable frame-relay traffic-shaping to clear its counters. [CSCdj65742]

IBM Connectivity

System was restarted by bus error at PC 0x8B5902, address 0x4AFC4AFC PC: process_snmp_trs_tg_inc
0x8B5CAC:_process_ms_data_req_trs(0x8b5aaa)+0x202 0x87E5FE:_xxxtos00(0x87d6b0)+0xf4e 0x180E5C:_process_hari_kari(0x180e5c)+0x0
[CSCdj36824]
This state may occur if the downstream LU has previously failed to reply to ACTLU, or if the host has failed to respond to a NOTIFY (available or not available) from DSPU within a timeout period of 20 seconds.
Recovery requires the host operator to recycle the LU at the host. [CSCdj45783]
The workaround is to not reconfigure virtual rings or remote peers while executing a show source command. [CSCdj49973]
interface TokenRing0/0
ip address <ip-address>
multiring ip
source-bridge proxy-explorer
Note the absence of the source-bridge locRn bn remRn command.
The source-bridge proxy-explorer statement does not show up in the configuration unless the SRB triplet is configured.
A workaround for this problem is to configure the no source-bridge proxy-explorer command. [CSCdj51631]

Interfaces and Bridging

If this incoherence occurs and does not cause a router crash, it may instead cause cbus switching to be automatically disabled, and the interface resorts to fast switching (or SSE switching if SSE switching were also configured). [CSCdi43526]
Symptoms include the following message being displayed to the console:
%CBUS-3-CATMREJCMD: ATM0/0 Teardown VC command failed (error code 0x0008)
Saving the RSM configuration and reloading its image will clear the error condition. [CSCdj41802]

IP Routing Protocols

The router can be forced to install the matching route by using the clear ip route * command. [CSCdj32471]
"System restarted by error - an arithmetic exception, PC 0x60286234"
The program counter value points to an EIGRP IOS routine. [CSCdj38361]
This problem exists in all releases starting with Release 10.3. This will be fixed in 11.1 and newer releases. [CSCdj53804]
When the serial interface is used for incoming packets and the ATM interface for outgoing packets, there is no problem. Incoming packets on the ATM interface and outgoing packets on the serial interface also experience this problem.
We used several Cisco IOS releases, with always the same effect. It seems that incoming packets are not fast switched. [CSCdj59076]
The workaround is to redistribute the connected network into OSPF to retain connectivity to those networks. [CSCdj60959]

ISO CLNS

LLC Type 2

There is no workaround. [CSCdj62026]

Miscellaneous

Novell IPX, XNS, and Apollo Domain

As a workaround, try one of the following:
Symptoms could be loss of network connectivity or a slow memory leak until the router cannot allocate any more memory. You need to reload the router to correct this situation. [CSCdj57257]

Wide-Area Networking

The workaround is to set the timeout values the same using the lmi-t392dce parameter. [CSCdj53354]
There is no known workaround. [CSCdj57498]

Caveats for Release 11.2(1) through 11.2(9)

This section describes possibly unexpected behavior by Releases 11.2(9) and 11.2(9)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(9) and 11.2(9)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(9) and 11.2(9)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(10) and 11.2(10)P.

Basic System Services

%SYS-6-STACKLOW: Stack for level CXBus Interfaces running low, 0/1000
This message may eventually lead to the router hanging. [CSCdi54119]
The work around is to use the command line interface command copy tftp flash. This CLI command invokes the FLH interface and the file is copied successfully to the device. [CSCdj27438]
In particular, the enqueue and the dequeue routines are not reset and this causes the box to crash when the routines are invoked the next time. Once the box is rebooted the inconsistency is cleared. [CSCdj29439]
APPN-DLUR-MIB
IBM-6611-APPN-MIB
CISCO-CIPCSNA-MIB
CISCO-CIPLAN-MIB
CISCO-CIPTCPIP-MIB
CISCO-SNA-LLC-MIB
SNA-NAU-MIB
CISCO-TN3270SERVER-MIB
OLD-CISCO-IP-MIB
BGP4-MIB
LAN-EMULATION-CLIENT-MIB
RFC1406-MIB
RMON-MIB
IF-MIB
RFC1398-MIB
OLD-CISCO-INTERFACES-MIB
CISCO-PING-MIB
CISCO-QLLC01-MIB [CSCdj34766]
The ciscoFlashMIB can essentially be disabled (SNMP is prevented from polling this MIB) via use of SNMP views. For example, the SNMP configuration snmp-server community public ro can be changed to the following:
snmp-server view no-flash internet included
snmp-server view no-flash ciscoFlashMIB excluded
snmp-server community public view no-flash ro
The result is the SNMP polls using the public community string can access objects in the entire MIB space (internet) except for those objects in the ciscoFlashMIB space.
This will affect any NMS applications that rely on the ciscoFlashMIB objects. [CSCdj35443]

IBM Connectivity

There is no known workaround. [CSCdj25859]
%APPN-6-APPNSENDMSG: Ended DLUR connection with DLUS NETA.SJMVS1
%APPN-7-MSALERT: Alert LU62004 issued with sense code 0x8A00008 by XXXSMPUN
%APPN-6-APPNSENDMSG: Starting DLUR connection with DLUS NETA.SJMVS4
%APPN-7-APPNETERROR: CP_STATUS FSM: Unanticipated CP_STATUS message received
Each subsequent broadcast locate received by the router causes the following messages to be displayed and about 1920 bytes of APPN memory to be leaked:
%APPN-7-APPNETERROR: MAP_INPUT_SET_TO_ROW: invalid input value=0x80200080
%APPN-7-APPNETERROR: State Error lcb: 60C05CC0 pcid: DA839C70FB1548CB row: 22 col: 0
This problem occurs when two links are active to the same node and the CP-CP sessions are split between these two links and the link with contention loser is stopped.
The APPN subsystem should be stopped and restarted to clear this problem. If the CP-CP sessions are between the router and the host, terminating either CP-CP session on the host will also clear this problem. [CSCdj33718]
A workaround is to remove any remwait/dead peer statements. [CSCdj42427]
System was restarted by bus error at PC 0x3784864, address 0xF0110208 PC 0x3784864[_Qfind_front(0x3040a04+0x743e44)+0x1c] RA: 0x36C1F2E[_queue_find_front(0x3040a04+0x68151c)+0xe] RA: 0x36CC554[_psbmfrm(0x3040a04+0x68bb30)+0x20] RA: 0x36CDAF6[_psp00(0x3040a04+0x68cfd4)+0x11e] RA: 0x314BD78[_process_hari_kari(0x3040a04+0x10b374)+0x0] [CSCdj44198]
%LNMC-3-BADCLSIRET: bogus Invalid ret code (0x7007) init_clsi_op_proc, bogus -Traceback= 60791120 6078FE48 6078FDC4 607890E0 6078ED48 60226648 60226634 [CSCdj45268]
[CSCdj47941]

Interfaces and Bridging

If the system tries to discard output for a line while there is output data in the buffer, the line may become unresponsive to input. This happens most frequently when the user attempts to abort output from a network connection. For example, sending CTL-C on a LAT connection or sending a break character during a PAD connection may cause this symptom.
The affected platforms are: Cisco 2509 through Cisco 2512, Cisco 2520 through Cisco 2523, Cisco AS5200, the NP-2T16S module for the Cisco 4500 and Cisco 4700, and the NM-4A/S, NM-8A/S, NM-16A, and NM-32A modules for the Cisco 3600. [CSCdj02282]

IP Routing Protocols

The workaround is not to enter a key longer than 19 characters, either encrypted or not.
The same problem happens with the ip ospf message-digest key-id md5 key command. In this case, the key length should not be longer than 36 characters. [CSCdj37583]
A workaround is to negate the whole aggregate-address command first. [CSCdj42066]

LAT

%LAT-3-BADDATA: Tty124, Data pointer does not correspond to current packet
When many LAT sessions are active, and a received data slot starts in the last 14 bytes of a full Ethernet frame, data for that slot is discarded. [CSCdi82343]

Novell IPX, XNS, and Apollo Domain

This could happen if the commands ipx down and no ipx network are given in the same or reverse order, with very little time in between. [CSCdi91755]

TCP/IP Host-Mode Services

VINES

Wide-Area Networking

%AIP-3-AIPREJCMD: Interface ATM3/0, AIP driver rejected Teardown VC command (error code 0x8000)
Such an error is associated to the AIP not being able to receive packets. It is reproducible only if there are long periods (minutes) where no traffic crosses the ATM interface.
The workaround is to reload the box or to perform a microcode reload. This does not occur on the Cisco 7500 family (including the RSP7000). [CSCdj20667]
Ignores and drops may increase on the input interface as it fails to obtain a needed buffer header to switch the packet. The rxcurr on the input interface will also remain above rxlow even when traffic is not arriving on the interface.
The VIP will now continue to drain the transmit queue of the interface even when it is administratively down. This will allow the buffer headers to be returned to the originating local free queue.
This may cause the number of drops on outbound interface to jump up when the interface is taken down. However, this behavior is normal as the downed interface will drop any packets sent to it when it is not up. [CSCdj21693]
%SYS-3-INVMEMINT: Invalid memory action (free) at interrupt level
[CSCdj42341]
This defect can be cleared by entering the shut command followed by the no shut command on the interface in question. The defect was discovered in 11.2(8.1) and 11.2(8.1)P. [CSCdj44339]
The workaround for this behavior is to define the rate using the CIR/BC/BE parameters. [CSCdj49145]

Caveats for Release 11.2(1) through 11.2(8)

This section describes possibly unexpected behavior by Releases 11.2(8) and 11.2(8)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(8) and 11.2(8)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(8) and 11.2(8)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(9) and 11.2(9)P.

Access Server

AppleTalk

Basic System Services

This problem occurs because of a race condition when doing DNS name query, and DNS name cache is removed in the middle of the process.
There is no workaround on the router side. On the DNS server side, configuring DNS TTL to be one minute or longer may work around this problem. However, this workaround may not be acceptable for some applications. [CSCdj16824]
% Non-volatile configuration memory has not been set up
The user's script is used to change passwords. Current testing indicates that it may be a software checksum error. [CSCdj18107]
To run type A7, A6, or AA boot Flash devices and use images prior to this bug fix, format boot Flash with an image containing this bug fix. Then load an older image onto the newly formatted boot Flash SIMM. [CSCdj20681]
%RSP-2-QAERROR: reused or zero link error, write at addr 00C0 (QA) log 2600C040, data 00070000 00000000
This message may be followed by the following error and a crash:
Unexpected exception, CPU signal 10, PC = 0x601C4658
This message is caused by a memory access problem in the diagnostic code handling the original QA error. [CSCdj29751]
There is no workaround for this caveat. [CSCdj30171]
The ciscoFlashMIB can essentially be disabled (SNMP is prevented from polling this MIB) via use of SNMP views. For example, the SNMP configuration snmp-server community public ro can be changed to the following:
snmp-server view no-flash internet included
snmp-server view no-flash ciscoFlashMIB excluded
snmp-server community public view no-flash ro
The result is the SNMP polls using the public community string can access objects in the entire MIB space (internet) except for those objects in the ciscoFlashMIB space.
This will affect any NMS applications that rely on the ciscoFlashMIB objects. [CSCdj35443]
Upgrading to a daemon that understands the latest version of the TACACS+ protocol (version 193) is an effective workaround. [CSCdj36449]

DECnet

Enabling DECnet fast switching on inter-area routers will cause DECnet routing to fail. A possible workaround is to disable DECnet fast switching on the Ethernet interface. [CSCdj15855]

EXEC and Configuration Parser

IBM Connectivity

Issue a show controller serial command, then look for the "residual indication count." If the counter is at "0," then this caveat is not the problem. If it is a non-zero value, then this caveat may be the problem. [CSCdj17394]
An APPN image may restart because of a CPU HOG problem when processing a link failure event by the Directory Service APPN process (xxxdns00). This may occur when a lot of locate requests are pending. There is no known workaround. The router is forced to restart by the system watchdog process (software-forced reload event). [CSCdj26423]
Because other network events (link outages, and so forth) can trigger a node to send a TDU, this problem will not necessarily appear exactly after a 60-day uptime----it may occur much later or not at all. However, any APPN router running in the network for over 60 days is at risk for seeing this problem.
Stopping and restarting APPN will work around this problem until the next timer wrap, which can be up to 45 days, but may be less depending on the current value of the timer. Reloading the router will reset the timer and avoid the problem for an additional 60 days. [CSCdj29014]
If the downstream device never responds to the outstanding bind, the DLUR router will wait indefinitely and not free the local-form session ID (lfsid). This may cause a situation in which the host tries to reuse a lfsid after it has sent an unbind request, but the DLUR rejects the new bind request because it believes that this lfsid is in use. If the host continuously tries to use this lfsid that the DLUR believes is in use, then no new sessions can be established. This problem occurs only when the downstream device does not respond to a bind request. [CSCdj30386]
Caveat CSCdi77040 provides a fix for this problem in the system side. This caveat provides the corresponding fix for APPN. [CSCdj30552]
When memory is exhausted, the APPN subsystem may stop or the router may reload. [CSCdj33429]
%APPN-6-APPNSENDMSG: Ended DLUR connection with DLUS NETA.SJMVS1
%APPN-7-MSALERT: Alert LU62004 issued with sense code 0x8A00008 by XXXSMPUN
%APPN-6-APPNSENDMSG: Starting DLUR connection with DLUS NETA.SJMVS4
%APPN-7-APPNETERROR: CP_STATUS FSM: Unanticipated CP_STATUS message received
Each subsequent broadcast locate received by the router causes the following messages to be displayed and about 1920 bytes of APPN memory to be leaked:
%APPN-7-APPNETERROR: MAP_INPUT_SET_TO_ROW: invalid input value=0x80200080
%APPN-7-APPNETERROR: State Error lcb: 60C05CC0 pcid: DA839C70FB1548CB row: 22 col: 0
This problem occurs when two links are active to the same node and the CP-CP sessions are split between these two links and the link with contention loser is stopped.
The APPN subsystem should be stopped and restarted to clear this problem. If the CP-CP sessions are between the router and the host, terminating either CP-CP session on the host will also clear this problem. [CSCdj33718]

Interfaces and Bridging

The workaround is to do RFC1483 over a PVC using a multipoint subinterface with a map-list defined. Using the map-group command on a multipoint subinterface does not exhibit breakage.
To determine if you have this bug, enter the show arp command. If there is an entry for the other end of the PVC showing "incomplete" for the MAC address, then you are affected by this caveat. [CSCdj34217]

IP Routing Protocols

Though the destination IP address of the original packet appears to be that of a directed broadcast, the router should not forward the packet since it is actually a link-layer broadcast. [CSCdj16052]

ISO CLNS

LAT

Novell IPX, XNS, and Apollo Domain

TCP/IP Host-Mode Services

The workaround is to disable both syslog and SNMP traps. The commands to do this are no snmp-server host ip-address and no logging ip-address. [CSCdj27567]

TN3270

VINES

Wide-Area Networking

Current PC: 0x90F61C[bcopy(0x90f56c)+0xb0] FP: 0xCC65C4[_etext(0x96f3ec)+0x3571d8] RA: 0x5E1EF2[_fr_svc_send_msg_to_nli(0x5e1eca)+0x28] FP: 0xCC65E8[_etext(0x96f3ec)+0x3571fc] RA: 0x5DD98C[_FRU0_Setup(0x5dd8e2)+0xaa] FP: 0xCC6620[_etext(0x96f3ec)+0x357234] RA: 0x5DD894[_svc_process_l3_event(0x5dd786)+0x10e] FP: 0xCC6664[_etext(0x96f3ec)+0x357278] RA: 0x5DA17A[_l3_ie_parse(0x5d9d32)+0x448] FP: 0xCC66A4[_etext(0x96f3ec)+0x3572b8] RA: 0x5D9B84[_l3_ie_parse_process(0x5d9b14)+0x70] FP: 0xCC66C0[_etext(0x96f3ec)+0x3572d4] RA: 0x1CC372[_process_hari_kari(0x1cc372)+0x0]
Current PC: 0x5E1D8E[_fr_svc_call_id_to_nli(0x5e1cf0)+0x9e] FP: 0xCC5CCC[_etext(0x970900)+0x3553cc] RA: 0x5E2176[_fr_svc_send_msg_to_nli(0x5e214e)+0x28] FP: 0xCC5CF0[_etext(0x970900)+0x3553f0] RA: 0x5DDC10[_FRU0_Setup(0x5ddb66)+0xaa] FP: 0xCC5D28[_etext(0x970900)+0x355428] RA: 0x5DDB18[_svc_process_l3_event(0x5dda0a)+0x10e] FP: 0xCC5D6C[_etext(0x970900)+0x35546c] RA: 0x5DA3FE[_l3_ie_parse(0x5d9fb6)+0x448] FP: 0xCC5DAC[_etext(0x970900)+0x3554ac] RA: 0x5D9E08[_l3_ie_parse_process(0x5d9d98)+0x70] FP: 0xCC5DC8[_etext(0x970900)+0x3554c8] RA: 0x1CC3BA[_process_hari_kari(0x1cc3ba)+0x0] [CSCdj13019]
Other workarounds include removing bridging from LANE subinterfaces, disabling proxy ARP or correctly configuring the subnet mask of end stations in a LANE environment. [CSCdj19293]
Upon bootup, OIR, microcode reload, and cbus complex restarts, the router shows CCBTIMEOUT error messages on VIPs that result in a disabled wedged status. This problem occurs with bad port adapters and port adapters in a "not-ready" state. The cause of the problem is when PCI access is tried and the port adapter does not respond, thus resulting in CCBTIMEOUTS. [CSCdj21639]

Caveats for Release 11.2(1) through 11.2(7)

This section describes possibly unexpected behavior by Releases 11.2(7) and 11.2(7)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(7) and 11.2(7)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(7) and 11.2(7)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(8) and 11.2(8)P.

Access Server

0x221FF150:_mai_handle_b2b_connect(0x2202ea38+0x1d069c)+0x7c 0x221FC394:_mai_execute_proc(0x2202ea38+0x1cd908)+0x54 0x221FC492:_mai_queue_handler(0x2202ea38+0x1cda2c)+0x2e 0x221FC530:_mai_maintn_process(0x2202ea38+0x1cda72)+0x86
[CSCdj20121]

AppleTalk

Basic System Services

1. The configuration is read after a reload.
2. Asynchronous interfaces are configured via Group-Async commands but the snmp-server command is not yet running.
To work around this problem, do one of the following:

EXEC and Configuration Parser

A workaround is to use the telnet command in the menu, specifying the rlogin port value (513), which will cause rlogin to be invoked; for example, menu test command 1 telnet myhost 513.
[CSCdj16600]
The workaround is to enter the configuration manually after the system has booted. [CSCdj24440]

IBM Connectivity

The current workaround is to disable LNM. [CSCdj11711]
In some application environments, certain 3270 emulators will not direct a test poll to a specific media access control address and will use an all Fs address to create the frame. It is this all Fs frame in an SRB configuration that will not be forwarded by the router. This configuration impacts workstations that are attempting to connect to host devices. The broadcast frame will never leave the local ring.
Most emulators will use the destination media access control address of the host device to create a frame containing the test poll. With some proprietary implementations, the MAC address of the host device does not have to be known by the end device. [CSCdj13563]
A workaround is to ensure there are no unnecessary PUs configured on a line that is continually sending SNRMs. [CSCdj17630]
DLSw+ router A is connected to peer router C and is also peered to router B but is not yet connected to peer router B. Peer C can reach a specific resource (MAC address or NetBIOS name). Peer A can reach the same resource through a local interface. Therefore, at this point peer A can reach the resource both local and remote via peer C.
Now, Peer B has dlsw icanreach mac/netbios-name configured. When peer A connects to peer B, peer A will crash when trying to delete the dynamic reachability for the resource and replace it with the reachability learned through capabilities exchange with peer B. [CSCdj22327]
606CD174[Qfind_front+0x24] 606C7D80[timer_process+0x300] 606C8070[csweotsk+0x1d0]
A router may hit this problem after displaying several messages when the output buffer was full. If the crash was related to displaying "incomplete definition in configuration" warnings, the workaround is too remove these incomplete definitions. [CSCdj26701]

Interfaces and Bridging

%RSP-3-IP_PANIC: Panic: Serial12/2 800003E8 00000120 0000800D 0000534C
%DBUS-3-CXBUSERR: Slot 12, CBus Error
%RSP-3-RESTART: cbus complex
If the string "0000800D" is included in the panic message, the problem is related to this bug. The workaround is to load a new image that contains the fix for this bug. [CSCdi78086]
*Dec 20 06:53:08: %RSP-3-ERROR: CyBus0 error 78 
*Dec 20 06:53:08: %RSP-3-ERROR: invalid page map register 
*Dec 20 06:53:08: %RSP-3-ERROR: command/address mismatch 
*Dec 20 06:53:08: %RSP-3-ERROR: invalid command 
*Dec 20 06:53:08: %RSP-3-ERROR: address parity error 
*Dec 20 06:53:08: %RSP-3-ERROR: address parity error 23:16 1, 15:8 1, 7:0 1 
*Dec 20 06:53:08: %RSP-3-ERROR: bus command invalid (0xF) 
*Dec 20 06:53:08: %RSP-3-ERROR: address offset (bits 3:1) 14 
*Dec 20 06:53:08: %RSP-3-ERROR: virtual address (bits 23:17) FE0000 
*Dec 20 06:53:09: %RSP-3-RESTART: cbus complex
or 
09:53:32.607 EST: %RSP-3-ERROR: MD error 0080008030003000 
09:53:32.607 EST: %RSP-3-ERROR: SRAM parity error (bytes 0:7) 0F 
09:53:33.363 EST: %RSP-3-RESTART: cbus complex
CyBus errors similar to the above errors have two known causes. If there are HIPs in the router and on the bus reporting the CyBus error, a race condition may exist with the HIP microcode on an oversubscribed bus. The workaround on dual-CyBus platforms is to move all the HIPs onto a CyBus that is not oversubscribed.
The errors can also be caused by the failure of a marginal CI arbiter board or an RSP board. As a result of this problem, all interfaces are reset, causing forwarding to be stopped for a few seconds. [CSCdj06566]

IP Routing Protocols

A workaround is to send an ADSPEC with a non-zero length GS fragment, such as one containing valid GS information. [CSCdj25441]

Novell IPX, XNS, and Apollo Domain

TCP/IP Host-Mode Services

Wide-Area Networking

%FR-3-INCORRECT_INT: Incorrect output (sub)interface
[CSCdj16593]
The following are indicators that may be used to determine if the AS5200 is encountering this problem:
%SYS-2-MALLOCFAIL: Memory allocation of 1056 bytes failed from 0x2214E776, pool Processor, alignment 0 -Process= "Net Periodic", ipl= 0, pid= 34 -Traceback= 2214D3E0 2214E542 2214E77E 2214BEC6 2214C12A 22159466 2215E86E 22140BDE 2213B688 2213B6E0
To work around this problem, use the async mode dedicated command if no login is required. If a login is required, configure no flush-at-activation, change the q2 register in the modem database, and configure for modem autoconfigure type. [CSCdj25443]
The following error message can be seen scrolling on the console if the router is in the above state.
%X25-4-VCLOSTSYNC: Interface TCP/PVC, VC 0 TCP connection corrupted
This message does not seem to occur in a normal XOT switching environment. [CSCdj25846]
A workaround is to configure the asynchronous interfaces using the async mode dedicated command. Adding a second or two delay in the automated dialer's script may also fix the problem. [CSCdj26647]

Caveats for Release 11.2(1) through 11.2(6)

This section describes possibly unexpected behavior by Releases 11.2(6) and 11.2(6)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(6) and 11.2(6)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(6) and 11.2(6)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(7) and 11.2(7)P.

Access Server

AppleTalk

Basic System Services

A workaround is to execute the command test rsp cache memd-fastswitch uncache each time the router is rebooted. [CSCdj10028]

IBM Connectivity

%CIP3-3-MSG: %MEMD-3-VCNREGISTER: Invalid VCN (65535)specified
The failing "Invalid VCN number" could be different than 65535.
Also, you might see the following message if SSP is being used:
%SYS-6-STACKLOW: Stack for process SSE Manager running low...
The failure continues until the Route Processor is reloaded. There is no known workaround. [CSCdj07773]

Interfaces and Bridging

There is no manual avoidance - all customers using VIP2/FDDI port adapters are strongly encouraged to upgrade to an image containing this bug fix. Refer to Field Alert: VIP2 Cisco Software Release Deferrals for image availability and additional information. [CSCdj09576]

IP Routing Protocols

interface e1
ip irdp
ip irdp max 10
ip irdp min 10
The workaround is to specify different values for maximum and minimum advertisement values. [CSCdj14903]

LAT

Novell IPX, XNS, and Apollo Domain

Protocol Translation

TCP/IP Host-Mode Services

Wide-Area Networking

ISDN Se1:23: RX <- SETUP pd =3D 8 callref =3D 0x0338
Bearer Capability i =3D 0x8090A2
Channel ID i =3D 0xA98395
Called Party Number i =3D 0xC1, '2817924'
ISDN Se1:23: Incoming call id =3D 0x137D
ISDN Se1:23: TX - RELEASE_COMP pd =3D 8 callref =3D 0x83
Cause i =3D 0x80AC01 - Requested channel not available
As a workaround, configuring scheduler interval 2500 has been effective in controlling or eliminating the problem. [CSCdi85735]
Other ISDN platforms are affected by this bug are described in CSCdj07119 or CSCdi82010, depending upon their particular ISDN usage characteristics. [CSCdj05355]
A workaround for this is to use PPP authentication and configure the autoselect ppp command on the lines. [CSCdj14047]

Caveats for Release 11.2(1) through 11.2(5)

This section describes possibly unexpected behavior by Releases 11.2(5) and 11.2(5)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(5) and 11.2(5)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(5) and 11.2(5)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(6) and 11.2(6)P.

Basic System Services

The hold-queue command is intended to configure the number of output hold queue buffers for FIFO (or FCFS) queuing. It has no meaning in the context of fair queuing. So the (intentional) design was that this command would be ignored when fair queuing was enabled.
When fair queuing has been configured, you may use the fair-queue command to control the number of output buffers which may be used by fair queuing. [CSCdj01870]
A symptom of this bug is intermittent dropping of datagrams through a TRIP, FIP, or HIP interface on a Cisco 7500. Another symptom is the console message "CYBus Error 08, invalid page map register." This problem does not apply to VIP interface processors on Cisco 7500 series routers. [CSCdj06955]

EXEC and Configuration Parser

IBM Connectivity

There is precedence for this problem and the fix is to lower the size of the block of data being copied at any one time. [CSCdi77785]
This problem may cause VTAM to refuse to activate subsequent DLUR/DLUS pipes for all DLUR NNs. "/d net,dlurs" shows the DLUS conwinner state as reset and the conloser as active.
The workaround to prevent the DLUR router from sending this corrupt frame is to reconfigure the DLUR routers without a backup DLUS coded. [CSCdj10485]

Interfaces and Bridging

The fix to this problem means that the router box can provide RARP service if configured as a RARP server regardless of its being configured as later 2 bridge only. [CSCdi83480]

IP Routing Protocols

System was restarted by bus error at PC 0x601E4CD0, address 0xD0D0D0D
4500 Software (C4500-P-M), Version 10.3(16), RELEASE SOFTWARE (fc1)
Compiled Thu 24-Oct-96 18:32 by richardd (current version)
Image text-base: 0x600087E0, data-base: 0x60370000
The stack trace from system failure is as follows:
FP: 0x605D46B8, RA: 0x601E4CD0
FP: 0x605D46D8, RA: 0x601E4D88
FP: 0x605D46F8, RA: 0x601E50EC
FP: 0x605D4710, RA: 0x601C88E0
FP: 0x605D4740, RA: 0x601E4998
FP: 0x605D4760, RA: 0x601E5174
FP: 0x605D4778, RA: 0x60081D04
FP: 0x605D47B8, RA: 0x6006C8A4
This stack track decodes as follows:
Symbols
 
nhrp_cache_clear_nei
nhrp_cache_clear_nei
nhrp_cache_delete_subr
nhrp_cache_age_subr
rn_walktree_blocking_list
nhrp_cache_walk
nhrp_cache_age
registry_list
net_oneminute
[CSCdi90523]

Novell IPX, XNS, and Apollo Domain

TCP/IP Host-Mode Services

Mar 19 08:41:23: %TCP-2-BADREFCNT: Tty0: Bad refcnt for packet 0x608F9C2C during retransmit, 135.135.100.1:1998 to 135.135.105.1:11000, state 4 
-Traceback= 601EEB7C 601EEEA4 601F1B68 601F1E4C 6013F140 6013F12C 
Mar 19 08:41:50: %X25-4-VCLOSTSYNC: Interface Serial3, VC 82 TCP connection corrupted
Mar 19 08:41:52: 
TCP0: extra packet reference for pak 0x60A031D8 found: 
Mar 19 08:41:52: %TCP-2-BADQUEUE: Multiple entry for packet 60A031D8 
-Process= "TCP Driver", ipl= 0, pid= 26 
-Traceback= 601F3384 601F5408 6023CCB4 6023D214 6013F140 6013F12C 
Mar 19 08:41:52: pak: 135.135.100.1:1998, 135.135.1.4:11137, seq 1668710213 length 47 
Mar 19 08:41:52: TCB: 135.135.100.1:1998, 135.135.1.13:11137, sendnext 1668710220, state 4
[CSCdj06781]

Wide-Area Networking

%SYS-2-INPUTQ: INPUTQ set, but no idb, ptr=60C43314 -Traceback= 60037A78 60039F6C 6003EF98
There is no workaround. [CSCdi87914]
%AAAA-3-BADSTR: Bad accounting data: too many attributes
[CSCdj00190]

Caveats for Release 11.2(1) through 11.2(4)

This section describes possibly unexpected behavior by Releases 11.2(4), 11.2(4)P, and 11.2(4)F. Unless otherwise noted, these caveats apply to all 11.2, 11.2 P, and 11.2 F releases up to and including 11.2(4), 11.2(4)P, and 11.2(4)F. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(4), 11.2(4)P, and 11.2(4)F, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(5) and 11.2(5)P.

Access Server

System restarted by bus error at PC <hex number, address <hex number
The circumstances that might lead to this event are (in the order shown):
config terminal 
controller t1 0 
pri-group timeslots 1-4

Basic System Services

%SNMP-3-CPUHOG: Processing Get of lifEntry.75.34
[CSCdi93084]

IBM Connectivity

IPS ID: 1400 QUEUE: 2 ORIGIN: xxxpcs00 MUTYPE: C5 
%APPN-0-APPNEMERG: Assertion failed in ../scm/xxximndr.c at line 158 
-Process= "xxxims00", ipl= 0, pid= 58 
-Traceback= 606C3488 606879EC 606818C8 606810E4 6067AF90 6019AB08 6019AAF4
[CSCdi90117]

Interfaces and Bridging

If the table has the entries with indices of
0000.0000.0001 0000.0000.0002 0000.0000.0003 0000.0000.0005
a getnext of 0000.0000.0002 returns the index 0000.0000.0005 because 0000.0000.0003 is the index requested + 1
a getnext of 0000.0000.0003 returns the index 0000.0000.0005 because 0000.0000.0005 is greater than the requested index + 1. [CSCdi84559]

IP Routing Protocols

ISO CLNS

Novell IPX, XNS, and Apollo Domain

TCP/IP Host-Mode Services

The show ip traffic command indicates that the ICMP Time Exceeded counter increments.
A workaround is to turn off TCP header compression. [CSCdj01681]

VINES

Wide-Area Networking

Caveats for Release 11.2(1) through 11.2(3)

This section describes possibly unexpected behavior by Releases 11.2(3), 11.2(3)P, and 11.2(3)F. Unless otherwise noted, these caveats apply to all 11.2, 11.2 P, and 11.2 F releases up to and including 11.2(3), 11.2(3)P, and 11.2(3)F. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(3), 11.2(3)P, and 11.2(3)F, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Releases 11.2(4), 11.2(4)P and 11.2(4)F.

Access Server

It is still possible to manually un-loop the T1 via the no loopback interface configuration command. [CSCdi84028]

AppleTalk

Basic System Services

IBM Connectivity

The output of debug dlsw reachability or debug dlsw reachability error indicates an lf mismatch condition detected by DLSw. This condition should not be flagged as an error. The smallest lf across the entire path should be used for the circuit. [CSCdi77805] 
The TN3270-server feature is currently being configured
[CSCdi80173]

Interfaces and Bridging

CBUS-3-INTERR: Interface 6, Error (8011)
This error occurs because bridging sees "aaaa" and assumes it is SNAP encapsulated. Because SNAP-encapsulated packets have a minimum length of 21, the bridging code subtracts 21 from the original length of the packet (20) when queuing it on the outbound interface. The result is the length of an outbound packet is -1 or 65535 bytes. This causes the SP to become confused and write over low core, causing an 8011 error. [CSCdi65953]
You can determine if this defect is affecting your system by checking the output of the show config command. If the affected interface is a serial interface (for example, FSIP or HIP), and the original configuration for the serial interface is displayed, it is this defect.
A workaround is to EOIR the new card, configure it, and perform write memory prior to reloading. [CSCdi79523]

IP Routing Protocols

System restarted by error - Zero Divide, PC 0x38EF0C (0x38EF0C:_igmp_report_delay(0x38eec6)+0x46)
[CSCdi83040]

ISO CLNS

Novell IPX, XNS, and Apollo Domain

Protocol Translation

TCP/IP Host-Mode Services

VINES

Wide-Area Networking

Caveats for Release 11.2(1) through 11.2(2)

This section describes possibly unexpected behavior by Releases 11.2(2) and 11.2(2)P. Unless otherwise noted, these caveats apply to all 11.2 and 11.2 P releases up to and including 11.2(2) and 11.2(2)P. The caveats listed here describe only the serious problems. For additional caveats applicable to Release 11.2(2) and 11.2(2)P, see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in Release 11.2(3) and Release 11.2(3)P.

Basic System Services

Encapsulated bridging does not work on the Cisco 7500 router. The workaround to bridge between the AGS+ and a Cisco 7500 router is to use CSC-C2FCIT cards in the AGS+ and configure translational bridging.
The disadvantage of using encapsulated bridging is that it cannot use the hardware bridge filtering capabilities of the CSC-C2FCIT cards, which have a CAM built into them that is used to perform bridge filtering. When encapsulated bridging is used, the main processor must perform all bridge filtering. This means that one busy encapsulated bridging FDDI network can consume the entire bandwidth of the router's main processor, just for bridge filtering. Cisco discourages the use of encapsulated bridging. [CSCdi46862]
%SYS-3-TIMERNEG: Cannot start timer (0x1E4388) with negative offset (-495928). 
-Process= "Per-minute Jobs", ipl= 0, pid= 37 
-Traceback= 22157D7A 22154320 221A17EA 2215F45C 2213E074
High CPU utilization may be seen prior to the message and reload event. [CSCdi76126]

IBM Connectivity

%CLS-3-CLSFAIL: CLS: Assertion failed: file "../srt/qllc.c", line 4352 !"QSapAddCepFailed"
[CSCdi64840]

Interfaces and Bridging

In addition, if VIP Ethernet is used with multiple unicast protocols such as HSRP, packet duplication can occur on the LAN segment. These problems can significantly degrade RSP performance. If your configuration is listed here, obtain a maintenance release that corrects this problem. [CSCdi71856]
%CBUS-3-CMDTIMEOUT: Cmd timed out, CCB 0x5800FF50, slot x, cmd code 0
The show diag x command reports that the board is disabled, wedged. The show version command does not show the card in the specified slot. The write terminal command does not show the configuration for the card in the slot. A possible workaround is to issue a microcode reload command or load a new system image that has the fix for this bug. [CSCdi73130]

IP Routing Protocols

The workaround is to configure RSVP-UDP encapsulation for all RSVP-enabled interfaces. [CSCdi74212]

ISO CLNS

Novell IPX, XNS, and Apollo Domain

The flooding behavior masks a problem where services may be missing from the SAP table until the next full SPF. This is not a problem when all neighbors are Cisco routers, but can be a problem when third-party routers are present on the same link. [CSCdi74487]

TCP/IP Host-Mode Services

VINES

Wide-Area Networking

%SCHED-2-WATCH: Attempt to enqueue uninitialized watched queue (address 0). 
-Process= "interrupt level", ipl= 1, pid= 2
This message means Frame Relay Inverse ARP packets are received before InARP input queue is initialized.
This condition is harmless, but if InARP input queue is initialized later, you will not see this message except at the boot-up time. Frame Relay In ARP function will not be affected. [CSCdi75843]

Caveats for Release 11.2(1)

This section describes possibly unexpected behavior by Release 11.2(1). Unless otherwise noted, these caveats apply to all 11.2 releases up to and including 11.2(1). For additional caveats applicable to Release 11.2(1), see the caveats sections for newer 11.2 releases. The caveats for newer releases precede this section.

All the caveats listed in this section are resolved in release 11.2(2).

AppleTalk

Basic System Services

To resolve this problem, do at least one of the following:
Whenever the router needs to establish a connection to your TACACS+ server, it will attempt to look up your server's IP addresses. [CSCdi70032]

DECnet

EXEC and Configuration Parser

IBM Connectivity

Interfaces and Bridging

IP Routing Protocols

There is no problem if both end points are running OSPF DC-capable images or both end points are running OSPF non-DC-capable images. There is no workaround. [CSCdi71021]

Novell IPX, XNS, and Apollo Domain

TCP/IP Host-Mode Services

Wide-Area Networking

Microcode Revision History

The following sections describe each revision of microcode for the

ATM Interface Processor (AIP) Microcode Revision Summary

AIP Microcode Version 10.16

Modifications

AIP Microcode Version 10.16 fixes the following:

A workaround is either to downgrade the AIP microcode to aip20-6 or to upgrade the AIP microcode to rsp_aip205-5, or aip20-9 when available. A short-term workaround is clear interface atm 5/0 on the transmit side.
The same problem applies for aip10-15 on RP-based platforms. [CSCdi67812]

AIP Microcode Version 10.17

Modifications

AIP Microcode Version 10.17 fixes the following:

AIP Microcode Version 10.18

Modification

AIP Microcode Version 10.18 fixes the following:

AIP Microcode Version 10.19

Modification

AIP Microcode Version 10.19 fixes the following:

AIP Microcode Version 10.20

Modification

AIP Microcode Version 10.20 fixes the following:

AIP Microcode Version 10.21

Modification

AIP Microcode Version 10.21 fixes the following:

AIP Microcode Version 10.22

Modification

AIP Microcode Version 10.22 fixes the following:

AIP Microcode Version 10.23

Modification

AIP Microcode Version 10.23 fixes the following:

AIP Microcode Version 10.24

Modification

AIP Microcode Version 10.24 fixes the following:

AIP Microcode Version 10.25

Modification

AIP Microcode Version 10.25 fixes the following:

Fast Ethernet Interface Processor (FEIP) Microcode Revision Summary

FEIP Microcode Version 10.5

Modifications

FEIP Microcode Version 10.5 fixes the following:

FEIP Microcode Version 10.6

Modifications

FEIP Microcode Version 10.6 fixes the following:

FEIP Microcode Version 10.7

Modification

FEIP Microcode Version 10.7 fixes the following:

FEIP Microcode Version 10.9

Modification

FEIP Microcode Version 10.9 fixes the following:

Fast Serial Interface Processor (FSIP) Microcode Revision Summary

FSIP Microcode Version 10.19

Modification

FSIP Microcode Version 10.19 fixes the following:

MultiChannel Interface Processor (MIP) Microcode Revision Summary

MIP Microcode Version 12.1

Modification

MIP Microcode Version 12.1 fixes the following:

MIP Microcode Version 12.2

Modifications

MIP Microcode Version 12.2 fixes the following:

Token Ring Interface Processor (TRIP) Microcode Revision Summary

TRIP Microcode Version 10.4

Modification

TRIP Microcode Version 10.4 fixes the following:

Route Switch Processor (RSP) Microcode Revision History

ATM Interface Processor (AIP) Microcode Revision Summary

AIP Microcode Version 20.9

Modifications

AIP Microcode Version 20.9 fixes the following:

A workaround is either to downgrade the AIP microcode to aip20-6 or to upgrade the AIP microcode to rsp_aip205-5, or aip20-9 when available. A short-term workaround is clear interface atm 5/0 on the transmit side.
The same problem applies for aip10-15 on RP-based platforms. [CSCdi67812]

AIP Microcode Version 20.10

Modifications

AIP Microcode Version 20.10 fixes the following:

AIP Microcode Version 20.11

Modification

AIP Microcode Version 20.11 fixes the following:

AIP Microcode Version 20.12

Modification

AIP Microcode Version 20.12 fixes the following:

AIP Microcode Version 20.13

Modification

AIP Microcode Version 20.13 fixes the following:

AIP Microcode Version 20.14

Modification

AIP Microcode Version 20.14 fixes the following:

AIP Microcode Version 20.15

Modification

AIP Microcode Version 20.15 fixes the following:

AIP Microcode Version 20.16

Modification

AIP Microcode Version 20.16 fixes the following:

AIP Microcode Version 20.17

Modification

AIP Microcode Version 20.17 fixes the following:

AIP Microcode Version 20.18

Modification

AIP Microcode Version 20.18 fixes the following:

Ethernet Interface Processor (EIP) Microcode Revision Summary

EIP Microcode Version 20.3

Modification

EIP Microcode Version 20.3 fixes the following:

EIP Microcode Version 20.4

Modification

EIP Microcode Version 20.4 fixes the following:

EIP Microcode Version 20.5

Modification

EIP Microcode Version 20.5 fixes the following:

EIP Microcode Version 20.6

Modification

EIP Microcode Version 20.6 fixes the following:

Fast Ethernet Interface Processor (FEIP) Microcode Revision Summary

FEIP Microcode Version 20.4

Modifications

FEIP Microcode Version 20.4 fixes the following:

FEIP Microcode Version 20.5

Modifications

FEIP Microcode Version 20.5 fixes the following:

FEIP Microcode Version 20.6

Modification

FEIP Microcode Version 20.6 fixes the following:

Fast Serial Interface Processor (FSIP) Microcode Revision Summary

FSIP Microcode Version 20.6

Modification

FSIP Microcode Version 20.6 fixes the following:

FSIP Microcode Version 20.7

Modification

FSIP Microcode Version 20.7 fixes the following:

FSIP Microcode Version 20.8

Modification

FSIP Microcode Version 20.8 fixes the following:

FSIP Microcode Version 20.9

Modification

FSIP Microcode Version 20.9 fixes the following:

MultiChannel Interface Processor (MIP) Microcode Revision Summary

MIP Microcode Version 22.1

Modification

MIP Microcode Version 22.1 fixes the following:

MIP Microcode Version 22.2

Modifications

MIP Microcode Version 22.2 fixes the following:

Token Ring Interface Processor (TRIP) Microcode Revision Summary

TRIP Microcode Version 20.1

Modifications

TRIP Microcode Version 20.1 fixes the following:

TRIP Microcode Version 20.2

Modifications

TRIP Microcode Version 20.2 fixes the following:

Cisco Connection Online

Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.

Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.

CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.

You can access CCO in the following ways:

For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.

Note If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or cs-rep@cisco.com.

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.

If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.





hometocprevnextglossaryfeedbacksearchhelp
Posted: Mon Jul 19 01:04:03 PDT 1999
Copyright 1989-1999©Cisco Systems Inc.