| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw97075 | Title: | perf-monitor service policy does not with connection initiator commands |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Perf-monitor service policy does not with connection initiator commands on the flow record
Conditions:
When we have "match connection initiator"or "collect connection initiator" command within a performance-monitor service policy and when we try to apply the policy on an interface we face an error as below
LAB(config-subif)#service-policy type performance-monitor input NETFLOW_AVC
% Field connection initiator cannot be collected. Please modify flow record NETFLOW_AVC.
Unable to attach policy,class [NETFLOW_AVC,class-default]: Failure
Workaround:
Further Problem Description:
|
|
Last Modified: | 20-JAN-2016 |
|
Known Affected Releases: | 15.4(3)M3.2 |
|
Known Fixed Releases: * | 15.4(3)M4.1, 15.4(3)S4.8, 15.5(3)M1.1, 15.5(3)S1.1, 15.6(0.22)S0.9, 15.6(1.10)T, 15.6(1.10)T0.1 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCtl51026 | Title: | GETVPN group member failed to rekey after client rekey encryption change |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom: group member failed to rekey after group encryption on member configuration was changed
Conditions: the issue is seen if group member encryption did not match that of key server. User can change the member group encryption,
Workaround: change group member encryption to match key server, then reboot the group member router. Other workaround: delete crypto map from physical interface, delete crypto map group and gdoi , then configure new gdoi group, new crypto map group and assign crypto map group to physical interface.
|
|
Last Modified: | 31-JAN-2016 |
|
Known Affected Releases: | 15.1(3.10)T |
|
Known Fixed Releases: * | 15.0(2)EX, 15.0(5.2)DPB35, 15.0(5.21)SID, 15.1(1)MP1.27, 15.1(1)SD5.1, 15.1(1)SG5.103, 15.1(1)SG5.124, 15.1(1)SG5.163, 15.1(1)SG5.169, 15.1(1)SG5.170 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuw86293 | Title: | ISM: GRE over IPsec double account packets input on Tunnel interface |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Cosmetic issue:
IOS router with ISM-VPN module and GRE over IPSec tunnel configured.
The "packets input" counter in "show interface tunnel 10" output is double the amount of packets decrypted.
For example:
Router#show crypto ipsec sa int tunnel 10 | i caps|spi|ident|peer
local ident (addr/mask/prot/port): (172.18.124.149/255.255.255.255/47/0)
remote ident (addr/mask/prot/port): (10.150.175.43/255.255.255.255/47/0)
current_peer 10.150.175.43 port 500
#pkts encaps: 10, #pkts encrypt: 10, #pkts digest: 10
#pkts decaps: 10, #pkts decrypt: 10, #pkts verify: 10
current outbound spi: 0x1F00C2A4(520143524)
spi: 0x1917C146(420987206)
spi: 0x1F00C2A4(520143524)
Router#show int tun 10 | i packets
Checksumming of packets disabled
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
20 packets input, 1240 bytes, 0 no buffer
10 packets output, 1240 bytes, 0 underruns
Conditions:
IOS router 15.5(3)M
GRE over IPsec tunnel.
ISM-VPN module is installed
Workaround:
No workaround need as this is cosmetic.
Switch tunnel to IPsec IPv4 mode (sVTI)
Further Problem Description:
|
|
Last Modified: | 07-JAN-2016 |
|
Known Affected Releases: | 15.5(3)M0.3 |
|
Known Fixed Releases: * | 15.3(3)M6.2, 15.5(3)M1.1, 15.6(1.9)T, 15.6(1.9)T0.1, 15.6(1.9)T0.2 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv61505 | Title: | CME SNR calls get no ringback when active for PRI calls |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
no ringback when snr is enable. Second call to snr dn gives no ringback until the snr destination is ringing
Conditions:
for sip phones with CME
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 07-JAN-2016 |
|
Known Affected Releases: | 15.4(3.0l)M2 |
|
Known Fixed Releases: * | 15.4(3)M3.2, 15.4(3)M4, 15.4(3)S3.12, 15.4(3)S4, 15.5(3)M1.1, 15.5(3)S1.1, 15.6(0.11)T, 15.6(0.14)S, 15.6(1.9)T0.1, 15.6(1.9)T0.2 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux80335 | Title: | ISM-VPN module crash due to memory leak; Traceback= 1000b8a0 |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: * | Symptom:
-ISM crashes on ISR G2 running 15.2(4)M9
Traceback= 1000b8a0
Logging may show:
Jan 8 13:54:17.826 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65548 bytes failed from 0x6D30474, alignment 64
Pool: I/O Free: 130064 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Pool Manager", ipl= 0, pid= 7
-Traceback= 593882Cz 6D1CCD4z 6D23D44z 6D30478z 400EBD0z 6D353E8z 6D35744z 4DE535Cz 4DCB18Cz
...
Jan 8 13:54:29.451 UTC: ISM VPN heartbeat timeout
...
Jan 8 13:54:29.451 UTC: reventon_msg_buffer_ret data_chunk (0x3C60103E) invalid
Jan 8 13:54:29.455 UTC: %CRYPTO-6-IKMP_CRYPT_FAILURE: IKE (connection id 29596) unable to decrypt packet
Jan 8 13:54:29.455 UTC: %CRYPTO-3-IKE_PAK_IN_Q_TIME_LIMIT_EXCEED: Pak spent too much time in the IKE input queues
Conditions:
-Have ISM-VPN module enabled and encrypting traffic in ISR G2 platform
-DMVPN may be a factor
Workaround:
-Disable ISM and use onboard crypto engine with command "no crypto engine slot 0"
-If ISM has crashed, the router must be reloaded to recover module
Further Problem Description:
|
|
Last Modified: | 12-JAN-2016 |
|
Known Affected Releases: | 15.2(4)M9 |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux17945 | Title: | Hootie call is unable to mix multicast streams |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Hootie call is unable to mix multicast stream
Conditions:
Hootie call
Workaround:
N/A
Further Problem Description:
|
|
Last Modified: | 13-JAN-2016 |
|
Known Affected Releases: | 15.2(4)M7.1 |
|
Known Fixed Releases: * | 15.4(3)S4.5, 15.5(3)M1.1, 15.5(3)S1.1, 15.6(0.22)S0.12, 15.6(1.15)S, 15.6(1.9)T, 15.6(1.9)T0.1, 15.6(1.9)T0.2 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux11183 | Title: | MGCP FXS caller-id being truncated to 10 digit ANI when using cptone CN |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
FXS caller ID is truncated after 10 digits
Conditions:
mgcp call with cptone set to "CN"
Workaround:
N/A
Further Problem Description:
|
|
Last Modified: | 20-JAN-2016 |
|
Known Affected Releases: | 15.1(4)M |
|
Known Fixed Releases: * | 15.4(3)M4.1, 15.4(3)S4.5, 15.5(3)M1.1, 15.5(3)S1.1, 15.6(0.22)S0.12, 15.6(1.14)S, 15.6(1.8)T, 15.6(1.9)T0.1, 15.6(1.9)T0.2 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCus33161 | Title: | C2900:EHWIC-4ESG:doesn't forward traffic after STP topology change |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
When a link is down on the EHWIC-4ESG/C2900 and stp topology change happens in the network,
traffic which was transmitted out from that port originally should be transmitted out from another port
on the EHWIC-4ESG after convergence,but not transmitted out.
And when the down link goes up again,even though MAC is flushed on the router,
the router continues to forward traffic to another port only(never flooding).
So,that traffic never reaches the destination because there is the stp blocked port on the path in the original stp topology.
Then,in both cases,it is recovered by clear arp-cache on the router.
Conditions:
It is found on 15.1(4)M6 and 15.2(4)M7.
And it is seen on 15.5(1)T and 15.4(3)M1.
Workaround:
clear arp-cache
Further Problem Description:
|
|
Last Modified: | 01-JAN-2016 |
|
Known Affected Releases: * | 15.1(4)M9, 15.5(1)T |
|
Known Fixed Releases: | 15.3(3)M6, 15.4(3)M3.1, 15.4(3)M4, 15.5(2.4)T, 15.6(1.9)T0.1, 15.6(1.9)T0.2 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCur64583 | Title: | %MAINBOARD-3-I2CRW_ERROR: Write failure - Device @ 0xE0 |
|
Status: | Terminated |
|
Severity: | 3 Moderate |
Description: * | Symptom:
%MAINBOARD-3-I2CRW_ERROR: Write failure - Device @ 0xE0, offset 0x00000000 on I2C bus 1
Conditions:
Steady state operations
Workaround:
None
Further Problem Description:
None
|
|
Last Modified: | 05-JAN-2016 |
|
Known Affected Releases: | 15.0(1)M7 |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv04514 | Title: | Few ISM counters missing in show crypto engine acc stat |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Few ISM counters not seen in show output
Conditions:
while executing show crypto engine accelerator stats, few counters are mising
Workaround:
nil
Further Problem Description:
|
|
Last Modified: | 20-JAN-2016 |
|
Known Affected Releases: | 15.3(3)M |
|
Known Fixed Releases: * | 15.3(3)M6, 15.4(3)M4.1 |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux03565 | Title: | VDSL Controller reset on clear counter [EHWIC-VA-DSL-B] |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: * | Symptom:
HW : CISCO2911/K9
Current : 15.4.3M4/ c2900-universalk9-mz.SPA.154-3.M4.bin
Related Parts : EHWIC-VA-DSL-B
Customer is connected on an extremely long loop with Line and Signal Attenuation reaching the maximum amount of loss possible and still be able to train up
Conditions:
We need to engage Dev-Test to bring up an Annex B module in ADSL2+ mode with a LOOP SIMULATOR set for 5,000' and NOISE GENERATOR injecting 130 dB of Background Noise. This should provide near to the customer conditions:
Line Attenuation: 56.5 dB 32.7 dB
Signal Attenuation: 64.6 dB 32.5 dB
DS Channel1 DS Channel0 US Channel1 US Channel0
Speed (kbps): 0 3663 0 634
Previous Speed: 0 3655 0 634
Total Cells: 0 3995414677 0 1436168216
User Cells: 0 33353896 0 22848388
Reed-Solomon EC: 0 303195 0 43
CRC Errors: 0 16207 0 0
Header Errors: 0 55963 0 0
Show tech : http://www-tac.cisco.com/Teams/ks/c3/getLargeFile.php?srId=636565939&fileName=20151020-145155809_20151020.r0373m00300.console.log&forceText=1
Show logg : http://www-tac.cisco.com/Teams/ks/c3/getLargeFile.php?srId=636565939&fileName=20151007-010711070_20151007.r0373m00300.debug-during-clear-counters.log&forceText=1
Workaround:
Upgrade to IOS 15.4.3M4/ c2900-universalk9-mz.SPA.154-3.M4.bin
Further Problem Description:
|
|
Last Modified: | 20-JAN-2016 |
|
Known Affected Releases: | 15.4(3) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCus75068 | Title: | Anti-replay scenario for getvpn is failing |
|
Status: * | Terminated |
|
Severity: | 4 Minor |
Description: | Symptom:
Anti replay scenario for getvpn is failing
Conditions:
issue is seen in latest t_base_5
Workaround:
unknown
Further Problem Description:
|
|
Last Modified: | 20-JAN-2016 |
|
Known Affected Releases: | 15.5(1.15)T, 15.5(1.23)T |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCup15072 | Title: | ENH: IP admission bypass based on regex for URI |
|
Status: * | Terminated |
|
Severity: | 6 Enhancement |
Description: | Symptom:
This is an enhancement request to allow authentication bypass based on regex (command ip admission). Currently it is only based on IP or user-agent
Conditions:
ISR with CWS support to be able to bypass authentication for specific URLs
Workaround:
None.
Currently, IP admission bypass can be done by IP or user-agent.
Or, other option is to completely bypass the url from being sent to CWS.
Further Problem Description:
|
|
Last Modified: | 22-JAN-2016 |
|
Known Affected Releases: | 15.3(0.1) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCua05512 | Title: | ENH: Provide an easier way to disable IOS IPS globally following reboot |
|
Status: * | Terminated |
|
Severity: | 6 Enhancement |
Description: | Symptom:
In situations where a crash may occur during the IOS IPS signature compilation process, it may not be possible to execute the interface and global commands necessary in order to disable the IPS feature. This can make it difficult to get out of a crash loop situation.
Conditions:
Observed on a 2911 router running 15.2(3)T
Workaround:
Boot the router into ROMMON, modify the config register to bypass the startup config, and then rebuild the configuration without the IPS feature enabled.
|
|
Last Modified: | 22-JAN-2016 |
|
Known Affected Releases: | 15.2(3)T |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCui96117 | Title: | SGToEthernet feature support on PSE2 interface-Lebowski backplane port |
|
Status: * | Terminated |
|
Severity: | 6 Enhancement |
Description: * | Symptom:
SGToE will not work on PSE2 interface
Conditions:
SGToE will not work between Gig port of SRE switch module and 2951 Router host port.
Workaround:
none.
|
|
Last Modified: | 22-JAN-2016 |
|
Known Affected Releases: | 15.4(0.15)T |
|
Known Fixed Releases: | |
|
|
| |
2015 Cisco and/or its affiliates. All rights reserved. 
没有评论:
发表评论