Release Notes for Cisco
Content Services Gateway 2nd Generation Release 6.0
Cisco IOS Release 12.4(24)MDB17
First Published: March 30, 2011
Last Updated: January 31, 2014
Current Release: Cisco IOS Release 12.4(24)MDB17
OL-24560-01
This publication describes the requirements, dependencies, and caveats for the Cisco Content Services
Gateway - 2nd Generation, more commonly known as the Content Services Gateway 2 or CSG2. These
release notes are updated for every maintenance release.
Use these release notes with the Cross-Platform Release Notes for Cisco IOS Release 12.4, located on
Cisco.com.
Caveats
Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most
serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only
select severity 3 caveats are included in the caveats document.
All caveats in Cisco IOS Release 12.4 and Cisco IOS Release 12.4 T are also in Cisco IOS Release
12.4(24)MDB17.
Note
•
For a list of the software caveats that affect the CSG2 or Cisco SAMI software for Cisco IOS Release
12.4(24)MDB17, see the “Caveats for Cisco IOS Release 12.4(24)MDB17” section on page 14.
•
For information on caveats in Cisco IOS Release 12.4, see Caveats for Cisco IOS Release 12.4,
located on Cisco.com.
•
For information on caveats in Cisco IOS Release 12.4 T, see Caveats for Cisco IOS Release 12.4T,
located on Cisco.com and the Documentation CD-ROM.
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB2 was not released.
Cisco Systems, Inc.
www.cisco.com
This publication includes the following information:
•
Introduction, page 4
•
Features, page 5
•
System Requirements, page 11
•
Prerequisites and Restrictions, page 13
•
Caveats for Cisco IOS Release 12.4(24)MDB17, page 14
– CSG2 Software for Cisco IOS Release 12.4(24)MDB17 - Open Caveats, page 14
– CSG2 Software for Cisco IOS Release 12.4(24)MDB17 - Closed Caveats, page 15
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB17 - Open Caveats, page 15
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB17 - Closed Caveats, page 17
•
Caveats for Cisco IOS Release 12.4(24)MDB16, page 18
– CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats, page 18
– CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats, page 19
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats, page 19
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats, page 21
•
Caveats for Cisco IOS Release 12.4(24)MDB15, page 21
– CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats, page 21
– CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats, page 22
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats, page 24
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats, page 25
•
Caveats for Cisco IOS Release 12.4(24)MDB14, page 26
– CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats, page 26
– CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats, page 27
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats, page 27
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats, page 29
•
Caveats for Cisco IOS Release 12.4(24)MDB13, page 30
– CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats, page 30
– CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats, page 30
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats, page 31
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats, page 33
– Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 34
•
Caveats for Cisco IOS Release 12.4(24)MDB12, page 35
– CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats, page 35
– CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats, page 36
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats, page 36
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats, page 37
•
Caveats for Cisco IOS Release 12.4(24)MDB11, page 38
– CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats, page 38
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
2
OL-24560-01
– CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats, page 39
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats, page 40
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats, page 40
•
Caveats for Cisco IOS Release 12.4(24)MDB10, page 41
– CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats, page 41
– CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats, page 42
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats, page 42
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats, page 43
– Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 43
•
Caveats for Cisco IOS Release 12.4(24)MDB9, page 43
– CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats, page 44
– CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats, page 44
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats, page 45
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats, page 45
•
Caveats for Cisco IOS Release 12.4(24)MDB8, page 46
– CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats, page 46
– CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats, page 46
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats, page 47
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats, page 47
•
Caveats for Cisco IOS Release 12.4(24)MDB7, page 48
– CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats, page 48
– CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats, page 48
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats, page 50
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats, page 50
•
Caveats for Cisco IOS Release 12.4(24)MDB6, page 51
– CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats, page 51
– CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats, page 53
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats, page 53
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats, page 54
•
Caveats for Cisco IOS Release 12.4(24)MDB5a, page 55
– CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats, page 55
– CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats, page 56
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats, page 56
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats, page 56
– Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 56
•
Caveats for Cisco IOS Release 12.4(24)MDB5, page 58
– CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats, page 58
– CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats, page 58
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
3
Introduction
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats, page 59
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats, page 59
•
Caveats for Cisco IOS Release 12.4(24)MDB4, page 59
– CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats, page 59
– CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats, page 60
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats, page 62
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats, page 62
– Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 63
•
Caveats for Cisco IOS Release 12.4(24)MDB3, page 64
– CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats, page 64
– CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats, page 65
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats, page 66
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats, page 66
•
Caveats for Cisco IOS Release 12.4(24)MDB1, page 67
– CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats, page 67
– CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats, page 67
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats, page 68
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats, page 68
– Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 68
•
Caveats for Cisco IOS Release 12.4(24)MDB, page 68
– CSG2 Software for Cisco IOS Release 12.4(24)MDB - Open Caveats, page 69
– CSG2 Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats, page 69
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Open Caveats, page 69
– Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats, page 69
– Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 70
•
Documentation and Technical Assistance, page 70
Introduction
The CSG2 is an application that runs on the Cisco Service and Application Module for IP (SAMI), a
high-speed processing module. The CSG2 provides content-aware billing, service control, traffic
analysis, and data mining in a highly scalable, fault-tolerant package. The CSG2 provides the software
required by mobile wireless operating companies and other billing, applications, and service customers.
The CSG2 runs on the Cisco SAMI, a new-generation high performance service module for the
Cisco 7600 series router platforms. The CSG2 is typically located at the edge of a network in an Internet
service provider (ISP) point of presence (POP), or Regional Data Center.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
4
OL-24560-01
Features
Features
This section lists the CSG2 features and the CSG2 release in which the feature was introduced. For full
descriptions of all of these features, see the Cisco Content Services Gateway - 2nd Generation Release 5
Installation and Configuration Guide.
To see the software part numbers associated with each CSG2 release; the Supervisor hardware required
by each CSG2 release; the minimum Cisco IOS release required for new features in each CSG2 release;
and the minimum IOS level supported by each CSG2 release, see the “Software Requirements” section
on page 12.
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB17, page 5
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB16, page 6
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB15, page 6
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB14, page 6
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB13, page 6
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB12, page 6
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB11, page 6
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB10, page 6
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB9, page 7
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB8, page 7
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB7, page 7
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB6, page 7
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5a, page 8
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5, page 8
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB4, page 8
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB3, page 9
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB1, page 9
•
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB, page 9
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB17
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB17 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB16” section on page 6. In
addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB17 supports the following
new features:
•
CCR-I and CCR-U retry
– CCR-I retry — In current implementation, when CCR-I fails due to peer failure or transaction
timeout, CSG2 assigns default billing plan and never interacts with PCRF till user session is
re-established.
By allowing CCR-I to be retried, user can be assigned subscribed billing plan and user session
can be monitored for the usage by PCRF.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
5
Features
– CCR-U retry — In current implementation, when a CCR-U fails due to peer failure or
transaction timeout, CSG2 will stop reporting usage unless PCRF sets the trigger again via
RAR/CCA-U.
By allowing CCR-U to be retried, CSG2 can report interim usage to PCRF.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB16
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB16 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB15” section on page 6.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB15
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB15 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB14” section on page 6.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB14
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB14 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB13” section on page 6.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB13
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB13 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB12” section on page 6.
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB13 supports the following
new features:
•
IF-MIB Support for IXP Interface Errors and Drops
•
Generation of Syslog SNMP Traps When Threshold Exceeded
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB12
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB12 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB11” section on page 6.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB11
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB11 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB10” section on page 6.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB10
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB10 supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB9” section on page 7.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
6
OL-24560-01
Features
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB9
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB9 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB8” section on page 7.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB8
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB8 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB7” section on page 7.
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB8 supports the following
new feature:
•
Performance Enhancements
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB7
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB7 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB6” section on page 7.
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB7 supports the following
new features:
•
Accelerated Flow Enhancements:
– Acceleration of Encapsulated Multipart Transactions
– Acceleration of HTTP Chunk-Encoded Transactions
– Idle Timeout for Accelerated Flows
ip csg accel idle
– Support Up to 32 Accelerated Flows per Aggregate
•
Enhanced Output for show ip csg Command:
– Display Aggregate Utilization Counts
show ip csg accel detail
– Display Enhanced Out-of-Order Statistics
show ip csg stats
•
Performance Enhancements
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB6
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB6 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5a” section on page 8.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
7
Features
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB6 supports the following
new feature:
•
Note
Fast TCP retransmit
We strongly recommend that you enable this feature.
The CSG2 might queue out-of-order TCP packets for inspection, then forward those packets when
the TCP stream catches up and fills in the sequence-number gap. However, because the packets are
queued, it can appear that they were dropped from the network, and the TCP endpoint might not
retransmit the missing packets until the timers expire. That can lead to long recovery times and low
throughput.
To reduce recovery time and improve throughput, you can enable the CSG2 to emulate RFC 2581
behavior by sending a response for each queued out-of-order packet. The response is a duplicate of
the last ACK sent by the other TCP endpoint. This triggers the TCP fast retransmit behavior at the
sender, which can then retransmit any missing packets before the retransmit timer expires.
To enable the fast TCP retransmit feature, enter the ip csg mode dupack command in global
configuration mode.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5a
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB5a supports the entire feature set
listed in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5” section on page 8.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB5
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB5 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB4” section on page 8.
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB4
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB4 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB3” section on page 9.
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB4 supports the following
new features:
•
Configurable Counting Behavior for Gx CCR-U Timeouts or Errors
•
Enhanced Output for show ip csg Commands
– New Counters for HTTP Multipart Flows
– New Counters for Unusual TCP Conditions
- Out-of-Order Packets
- Session-Less Packets
– New Error Counters for Diameter
– Per-Content Flow Length Statistics
- HTTP Contents
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
8
OL-24560-01
Features
- TCP Contents
- UDP Contents
•
Enhanced Output for show tech-support Command
•
Excluding TCP Bytes from TCP Counts for Retransmitted TCP Segments
•
Minimum Packet Count for Acceleration of TCP and UDP Contents
•
Performance Enhancements
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB3
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB3 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB1” section on page 9.
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB3 supports the following
new feature:
•
Gx Midpage URL-Redirect
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB1
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB1 supports the entire feature set listed
in the “CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB” section on page 9.
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB1 supports the following
new features:
•
Configurable Rate Limits for New Sessions
•
Support for 64-Bit Volume Threshold over Gx Interface
CSG2 Features Supported for Cisco IOS Release 12.4(24)MDB
The CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB supports the entire feature set for
the CSG2 Release 5 software for Cisco IOS Release 12.4(24)MDA5.
In addition, the CSG2 Release 6 software for Cisco IOS Release 12.4(24)MDB supports the following
new features:
•
Accelerated Flow Enhancements
– Accelerated Gx Volume Limit Thresholds
– Accelerated Prepaid Flows
– Accelerated Volume-Based Service-Level CDRs
•
Attribute Map Enhancements
– Allow Different Field Identifiers in Attribute Maps
– Supplemental Attribute Maps
•
Content Enhancements
– Configurable Content Policy Priority
– Configurable Content Description
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
9
Features
– Secondary Filters for Contents
•
CSG2 User Table Enhancements
– GGSN User Release
– Unknown User Blocking
•
Enhanced Output for show ip csg Command
– Display Additional Route Injection Statistics
show ip csg stats > CSG User Stats
– Display GTP' Round-Trip Statistics
show ip csg bma detail
show ip csg bma history
show ip csg psd detail,
show ip csg psd history
show ip csg quota-server detail
show ip csg quota-server history
– Display Non-Proxied RADIUS Proxy Statistics
show ip csg radius detail
– Display PCRF Failure Statistics
show ip csg stats > CSG Gx Handler Stats
– Display User Creation and Deletion Statistics
show ip csg stats > CSG User Stats and CSG Session Stats
– Filter Output by Billing Plan
show ip csg users billing billing-plan-name
•
Enhanced Output for show tech Command
– Added show fastblk, show preload, and show safeblk to Output
– Added IXP Data to Output
•
Gx Enhancements
– Dedicated Bearer Support
– Distributed Gx
– Gx Performance Improvements
– Gx Usage Query
– Gx User Agent Reporting
– Reporting Gx Service Group Information in CDRs
•
Header Insertion Enhancements
– Accelerated Header Insertion
– Configurable Delimiter for Header Insertion
– IP Addresses in Dotted-Decimal Notation for Header Insertion
•
RADIUS Enhancement
– TLV Persistence for RADIUS Interim Updates
•
Regular Expression Match Capacity Increase—The CSG2 supports:
– Up to 2048 match patterns per map
– Up to 2048 total match patterns per policy
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
10
OL-24560-01
System Requirements
– Up to 2048 total match patterns per content
– Up to 8192 total match patterns per CSG2 (assuming there is enough memory available)
•
Service Enhancement
– Configurable Service Lifetime (Forced Service Stop)
– Expanded BMA/Quota Server Service Stop Information
•
Timestamp for Cleared Statistics—Display time since counters were last cleared for clear ip csg
counters
System Requirements
This section describes the following memory and software requirements for CSG2:
•
Memory Requirements, page 11
•
Hardware Supported, page 11
•
Software Requirements, page 12
•
Determining the Software Version, page 13
For hardware requirements, such as power supply and environmental requirements, as well as hardware
installation instructions, see the Service and Application Module for IP User Guide.
Memory Requirements
The CSG2 memory is not configurable.
The Cisco SAMI is available with a default 1 GB memory or an optional 2-GB memory.
Note
Gx features in the CSG2 R6 and later require the 2 GB-SAMI option. The CSG2 R6 and later on the
1 GB-SAMI option does not support Gx.
Hardware Supported
Use of the CSG2 requires one of the following Cisco 7600 Series Routers and Supervisor Engines, and
a module with ports to connect server and client networks:
•
Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 (WS-SUP720)
running Cisco IOS Release 12.4(33)SRB1 or later
•
Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy
Feature Card 3B (WS-SUP720-3B) running Cisco IOS Release 12.4(33)SRB1 or later
•
Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy
Feature Card 3BXL (WS-SUP720-3BXL) running Cisco IOS Release 12.2(33)SRB1 or later
•
Cisco 7600 Series Supervisor Engine 32 with a Multilayer Switch Feature Card
(WS-SUP32-GE-3B) running Cisco IOS Release 12.2(33)SRC or later and LCP ROMMON Version
12.2[121] or later on the Cisco SAMI
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
11
System Requirements
•
Cisco 7600 Series Supervisor Engine 32 with a Multilayer Switch Feature Card and 10 Gigabit
Ethernet Uplinks (WS-SUP32-10GE-3B) running Cisco IOS Release 12.4(33)SRC or later and LCP
ROMMON Version 12.2[121] or later on the Cisco SAMI
•
Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3C
(RSP720-3C-GE) running Cisco IOS Release 12.4(33)SRC or later
•
Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3CXL
(RSP720-3CXL-GE) running Cisco IOS Release 12.2(33)SRC or later
Software Requirements
When referring to this section, keep the following considerations in mind:
•
Do not use the Supervisor Hardware Supported column to infer supervisor hardware support.
Consult the Cisco IOS Upgrade Planner to determine which Cisco IOS releases support the desired
supervisor hardware.
•
Each feature set is limited to those features that can be configured at the Minimum Cisco IOS Level
Supported.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
12
OL-24560-01
Prerequisites and Restrictions
The following table lists the CSG2 and Cisco SAMI module part numbers and associated information
for each CSG2 release:
CSG2 Release
12.4(24)MDB17
12.4(24)MDB16
12.4(24)MDB15
12.4(24)MDB14
12.4(24)MDB13
12.4(24)MDB12
12.4(24)MDB11
12.4(24)MDB10
12.4(24)MDB9
12.4(24)MDB8
12.4(24)MDB7
12.4(24)MDB6
12.4(24)MDB5a
12.4(24)MDB5
12.4(24)MDB4
12.4(24)MDB3
12.4(24)MDB1
12.4(24)MDB
Supervisor Software
Minimum Cisco IOS
Release Required for
New Features
Supervisor Software
Minimum Cisco IOS Level
Supported
CSG2 and Cisco SAMI
Module Part Numbers
Supervisor Hardware
Supported
Cisco SAMI Module
Part Numbers:
WS-SUP720
WS-SUP720-3B
WS-SUP720-3BXL
12.2(33)SRB1
12.2(33)SRB1
WS-SUP32-GE-3B
WS-SUP32-10GE-3B
12.2(33)SRC
12.2(33)SRC
RSP720-3C-GE
RSP720-3CXL-GE
12.2(33)SRC
12.2(33)SRC
WS-SVC-SAMI-BB-K9
WS-SVC-SAMI-BB-K9=
MEM-SAMI-6P-1GB
MEM-SAMI-6P-2GB
CSG2 Software License
Part Numbers:
SSAC60K9-12424MDB
SSAC60K9-12424MDB=
CSG2 Software
Subscriber License
Part Numbers:
FL-SC-10K-SUB
FL-SC-100K-SUB
CSG2 Software Upgrade
License Part Numbers:
FL-SC-R5R6-K9-UP
CSG2 Software and
Cisco SAMI Module
Bundle Part Numbers:
SAMI-CSG2-R2AS-K9=
Determining the Software Version
To determine the version of Cisco IOS software that is currently running on your Cisco network device,
log in to the CSG2 or Supervisor Engine and enter the show version EXEC command.
To show CSG2 versions, log in to the Supervisor Engine and enter the show module command in
privileged EXEC mode.
To provide meaningful problem determination information, log in to the CSG2 or Supervisor Engine and
enter the show tech-support command in privileged EXEC mode.
Prerequisites and Restrictions
For the latest prerequisites and restrictions for the CSG2, see the “Overview” chapter of the
Cisco Content Services Gateway - 2nd Generation Release 6 Installation and Configuration Guide.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
13
Caveats for Cisco IOS Release 12.4(24)MDB17
Caveats for Cisco IOS Release 12.4(24)MDB17
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB17.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB17 - Open Caveats, page 14
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB17 - Closed Caveats, page 15
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB17 - Open Caveats, page 15
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB17 - Closed Caveats, page 17
CSG2 Software for Cisco IOS Release 12.4(24)MDB17 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB17:
•
CSCum82543 — CSG2 does not include QoS values in the CCR-I/U retry message sent to pcrf
When CCR-I retry is attempted, CCR-I goes to PCRF without QoS AVP. Due to this, PCRF does
not send QoS in the CCA-I and user will continue with the QoS info received from RAN.
Similar behavior is observed for CCR-U retry as well.
The impact seen is, QoS negotiation will not occur between CSG2 and PCRF. QoS values received
from RAN will be updated in GW/CSG2, but not on the PCRF. This would recover automatically
after any QoS Change attempt (either initiated from PCRF through RAR or from RAN through
MBR).
Workaround: None.
•
CSCty02688 — CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCuh79944 — Backlog of IPC messages causes authentication failure in CSG2
Authentication failures occur during backlog IPC messages.
Workaround: Reload the Active CSG2.
•
CSCui11087 — CSG2:MDB13 crashes due to bus error
In rare situations, the CSG2 might reload due to a bus error when the CSG2 buffer (queue) reaches
its maximum capacity to accept the packets, that arrive out of order.
Workaround: None.
•
CSCui11906 — CSG2:MDB12 crashes while processing the acceleration delete request
The CSG2 might reload while processing delete requests for the accelerated session.
This problem occurs in rare situations, wherein the accelerated session might be freed prior to the
delete request.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
14
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB17
Workaround: None.
•
CSCuh34277 — Incorrect location handling and diameter AVP RAI encoding
The CSG2 does not encode diameter/Gx AVP RAI in UTF-8 format.
This problem occurs when the RADIUS AVP 3GPP-User-Location-Info(3GPP/22) is received on
the RADIUS interface.
Workaround: None.
CSG2 Software for Cisco IOS Release 12.4(24)MDB17 - Closed Caveats
There are no Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB17. However,
new feature CCR-I and CCR-U retry is available with this release.
•
CSCui64416 — Feature Development: CCR-I and CCR-U retries
For information on this feature, see the “CSG2 Features Supported for Cisco IOS Release
12.4(24)MDB17” section on page 5.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB17 - Open Caveats
The following list identifies open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB17:
•
CSCum66201 — SAMI crash - Null Buffer handle encountered in resequencer ME
Health Monitoring Failure was seen in IXP.
NULL buffer was encountered because the input ring of the Resequencer ME got corrupted.
Workaround: None
•
CSCuh78967 — SAMI - SPGW - Crash on Crash with Bus error
Show stacks indicates Bus error.
MCSR Value:ox00008
Only crashinfo ramdump is available for the particular PPC:
SAMI SPGW crash
#dir sami#1-fs:core/
Directory of sami#1-fs:core/
13 ----
50100 Apr 30 2013 09:03:34 -04:00 dmsg_cmd_proc0_logs
12 ----
51979 Apr 18 2013 00:21:00 -04:00 dmsg_cmd_proc0_restart
24 ---- 5683200 Apr 18 2013 00:22:14 -04:00
crashinfo_collection-20130418-042124.tar
Workaround: None
•
CSCtz76762 — IPC timed out for IXP1 syslogs from 2 TPs
%PLATFORM-3-SAMI_IPC_IXP_FAIL error messages was seen from one or more of the
Traffic Processors (TPs) for IPCP_MSG_CSG2_P2I_DELETE_FLOW and
IPCP_MSG_CSG2_P2I_DECEL_REQ messages, of a SAMI card running the CSG2
application software.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
15
Caveats for Cisco IOS Release 12.4(24)MDB17
%PLATFORM-3-SAMI_IPC_IXP_FAIL: IPC timed out for IXP2 for Msgcode
IPCP_MSG_CSG2_P2I_DELETE_FLOW, Num tries: 3
Workaround: The card may need to be reloaded manually to recover from this condition.
•
CSCui48107 — Lookup thread hung due to SRAM signals not posted during lock_flow_entry
SAMI blade reload was caused by hung lookup thread due to SRAM signals that was not posted
during lock_flow_entry
Workaround: None
•
CSCui65391 — SAMI: Local memory corruption in Lookup ME
SAMI module reloaded generating the following crashinfo file:
SAMI 5/3: 000304: Jul 5 00:03:10: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
Workaround: None
•
CSCuc79604 —124-24.MDB11_bad buffer handle
Crash files are generated and the following error is seen in the logs:
SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
The problem occurs while passing normal traffic through the CSG2.
Workaround: None
•
CSCud12488 — CSG2 (SAMI) reloaded “Proc 7 - data path fail to Proc 1 (NP1)”
The Cisco SAMI might reload, generating the following:
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7
07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check
`sami health-monitoring' configuration and see `show sami health-monitoring' for more
info
Workaround: None.
•
CSCue78945 — HM failure due to rx_info getting zeroed
The CSG2 reloads and one of the following two errors is seen in the logs:
1.
SAMI 5/3: 000021: Apr 22 12:21:52: %PLATFORM-1-DP_HM_FAIL: Failed to receive
response from IXP2. Check `sami health-monitoring' configuration and see `show sami
health-monitoring' for more information
2.
SAMI 5/3: 004633: Jun 21 21:10:37: %PLATFORM-0-DP_IXP_MULT_THR_FAIL:
IXP:1 multiple:1 threads hung
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
16
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB17
In rare situations, this condition occurs due to HM failure or thread hung failure as a result of
transient hardware failure or corruption in IXP.
Workaround: None.
•
CSCud83399 — HM fails in all PPCs due to Kabob full condition
All six PPCs face HM failure with the following logs:
SAMI 12/3: 000306: Dec 16 11:50:17: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (that is in the next 256 milliseconds.)
The logs can be checked from the debuginfo files in crashinfo.tar.
Workaround: None.
•
CSCug89458 — HM-Failure due to packet drop in RX ME
HM-Failure occurs due to packet drop in RX ME. This problem was noticed during normal
operation.
Workaround: None.
•
CSCug22200 — CSG2 reloaded due to SAMI health monitoring failure
The device reloads when IXP health monitoring failure occurs.
This problem occurs when the PPCs in daughter card 1 fails to receive health-monitoring packets
from IXP2.
Workaround: None.
•
CSCug59455 — IXP breakpoint assertion due to invalid SRAM address in Config ME
SAMI reloaded by the IXP breakpoint assertion due to an invalid SRAM address in config ME.
SAMI 13/6: 000020: Apr 22 12:21:51: PLATFORM-2-DP_IXP_HM_WARN: Failed to receive
response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in
another 16 retries (i.e. in the next 256 milliseconds.)
SAMI 13/6: 000021: Apr 22 12:21:52: PLATFORM-1-DP_HM_FAIL: Failed to receive
response from IXP2.
For more information, the logs can be checked from the debuginfo files in crashinfo.tar.
Workaround: None.
•
CSCuh73226 — SAMI Qnx kernel crash
SAMI gets reloaded with the message "IXP xscale core received”. In the LCP core directory, the file
ixp#.txt contains the qnx kernel core dump.
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB17 - Closed Caveats
There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS
Release 12.4(24)MDB17.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
17
Caveats for Cisco IOS Release 12.4(24)MDB16
Caveats for Cisco IOS Release 12.4(24)MDB16
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB16.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats, page 18
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats, page 19
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats, page 19
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats, page 21
CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB16:
•
CSCty02688 — CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCuh79944 — Backlog of IPC messages causes authentication failure in CSG2
Authentication failures occur during backlog IPC messages.
Workaround: Reload the Active CSG2.
•
CSCui11087 — CSG2:MDB13 crashes due to bus error
In rare situations, the CSG2 might reload due to a bus error when the CSG2 buffer (queue) reaches
its maximum capacity to accept the packets, that arrive out of order.
Workaround: None.
•
CSCui11906 — CSG2:MDB12 crashes while processing the acceleration delete request
The CSG2 might reload while processing delete requests for the accelerated session.
This problem occurs in rare situations, wherein the accelerated session might be freed prior to the
delete request.
Workaround: None.
•
CSCuh34277 — Incorrect location handling and diameter AVP RAI encoding
The CSG2 does not encode diameter/Gx AVP RAI in UTF-8 format.
This problem occurs when the RADIUS AVP 3GPP-User-Location-Info(3GPP/22) is received on
the RADIUS interface.
Workaround: None.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
18
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB16
CSG2 Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB16:
•
CSCuj47099 — Attribute map not tagged to the policy in standby after bulksync
The map with type 'attribute' is not tagged to the corresponding policy in the standby after a reload.
After the CSG2 reloads and comes up as standby, bulk sync occurs. During the bulk sync, the active
CSG2 syncs all the preload information to the standby CSG2. The map with type attribute is not
synced appropriately to the standby CSG2. As a result, though the standby CSG2 gets the attribute
map synced, the map is not tagged to the corresponding policy.
•
CSCug80879 — CSG behavior for diameter retry
CSG2 accepts a diameter error response with a 3003, 3004, or 3005 result code from the primary
PCRF after the diameter transaction timer had expired. The CCA messages from a secondary PCRF
are ignored when this occurs.
A late diameter error (3002, 3004, 3005) response is accepted from the primary peer after a time-out
when the CCR is re-tried to a secondary PCRF. The problem occurs when the error response from
the primary PCRF is received before a response from the secondary PCRF.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Open Caveats
The following list identifies open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB16:
•
CSCtz76762 — IPC timed out for IXP1 syslogs from 2 TPs
%PLATFORM-3-SAMI_IPC_IXP_FAIL error messages was seen from one or more of the
Traffic Processors (TPs) for IPCP_MSG_CSG2_P2I_DELETE_FLOW and
IPCP_MSG_CSG2_P2I_DECEL_REQ messages, of a SAMI card running the CSG2
application software.
%PLATFORM-3-SAMI_IPC_IXP_FAIL: IPC timed out for IXP2 for Msgcode
IPCP_MSG_CSG2_P2I_DELETE_FLOW, Num tries: 3
Workaround: The card may need to be reloaded manually to recover from this condition.
•
CSCui48107 — Lookup thread hung due to SRAM signals not posted during lock_flow_entry
SAMI blade reload was caused by hung lookup thread due to SRAM signals that was not posted
during lock_flow_entry
Workaround: None
•
CSCui65391 — SAMI: Local memory corruption in Lookup ME
SAMI module reloaded generating the following crashinfo file:
SAMI 5/3: 000304: Jul 5 00:03:10: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive
response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in
another 16 retries (i.e. in the next 256 milliseconds.)
Workaround: None
•
CSCuc79604 —124-24.MDB11_bad buffer handle
Crash files are generated and the following error is seen in the logs:
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
19
Caveats for Cisco IOS Release 12.4(24)MDB16
SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
The problem occurs while passing normal traffic through the CSG2.
Workaround: None
•
CSCud12488 — CSG2 (SAMI) reloaded “Proc 7 - data path fail to Proc 1 (NP1)”
The Cisco SAMI might reload, generating the following:
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7
07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check
`sami health-monitoring' configuration and see `show sami health-monitoring' for more
info
Workaround: None.
•
CSCue78945 — HM failure due to rx_info getting zeroed
The CSG2 reloads and one of the following two errors is seen in the logs:
3.
SAMI 5/3: 000021: Apr 22 12:21:52: %PLATFORM-1-DP_HM_FAIL: Failed to receive
response from IXP2. Check `sami health-monitoring' configuration and see `show sami
health-monitoring' for more information
4.
SAMI 5/3: 004633: Jun 21 21:10:37: %PLATFORM-0-DP_IXP_MULT_THR_FAIL:
IXP:1 multiple:1 threads hung
In rare situations, this condition occurs due to HM failure or thread hung failure as a result of
transient hardware failure or corruption in IXP.
Workaround: None.
•
CSCud83399 — HM fails in all PPCs due to Kabob full condition
All six PPCs face HM failure with the following logs:
SAMI 12/3: 000306: Dec 16 11:50:17: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (that is in the next 256 milliseconds.)
The logs can be checked from the debuginfo files in crashinfo.tar.
Workaround: None.
•
CSCug89458 — HM-Failure due to packet drop in RX ME
HM-Failure occurs due to packet drop in RX ME. This problem was noticed during normal
operation.
Workaround: None.
•
CSCug22200 — CSG2 reloaded due to SAMI health monitoring failure
The device reloads when IXP health monitoring failure occurs.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
20
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB15
This problem occurs when the PPCs in daughter card 1 fails to receive health-monitoring packets
from IXP2.
Workaround: None.
•
CSCug59455 — IXP breakpoint assertion due to invalid SRAM address in Config ME
SAMI reloaded by the IXP breakpoint assertion due to an invalid SRAM address in config ME.
SAMI 13/6: 000020: Apr 22 12:21:51: PLATFORM-2-DP_IXP_HM_WARN: Failed to receive
response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in
another 16 retries (i.e. in the next 256 milliseconds.)
SAMI 13/6: 000021: Apr 22 12:21:52: PLATFORM-1-DP_HM_FAIL: Failed to receive
response from IXP2.
For more information, the logs can be checked from the debuginfo files in crashinfo.tar.
Workaround: None.
•
CSCuh73226 — SAMI Qnx kernel crash
SAMI gets reloaded with the message "IXP xscale core received”. In the LCP core directory, the file
ixp#.txt contains the qnx kernel core dump.
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB16 - Closed Caveats
There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS
Release 12.4(24)MDB16.
Caveats for Cisco IOS Release 12.4(24)MDB15
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB15.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats, page 21
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats, page 22
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats, page 24
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats, page 25
CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB15:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
21
Caveats for Cisco IOS Release 12.4(24)MDB15
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCuh79944— Backlog of IPC messages causes authentication failure in CSG2
Authentication failures occur during backlog IPC messages.
Workaround: Reload the Active CSG2.
•
CSCui11087—CSG2:MDB13 crashes due to bus error
In rare situations, the CSG2 might crash due to a bus error when the CSG2 buffer (queue) reaches
its maximum capacity to accept the packets, that arrive out of order.
Workaround: None.
•
CSCui11906—CSG2:MDB12 crashes while processing the acceleration delete request
The CSG2 might crash while processing delete requests for the accelerated session.
This problem occurs in rare situations, wherein the accelerated session might be freed prior to the
delete request.
Workaround: None.
•
CSCuh34277— Incorrect location handling and diameter AVP RAI encoding
The CSG does not encode diameter/Gx AVP RAI in UTF-8 format.
This problem occurs when the RADIUS AVP 3GPP-User-Location-Info(3GPP/22) is received on
the RADIUS interface.
Workaround: None.
CSG2 Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats
The following list identifies closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB15:
•
CSCue92492—The CSG2 might crash while enforcing QoS-rate limit parameters under a service
The CSG2 might crash when the debug diameter events command is issued and more than five
levels of grouped Attribute Value Pairs (AVPs) are received in a message.
For this problem to occur, all of the following conditions must be met:
– The debug diameter events command must be issued.
– The PCRF must push grouped AVPs that contain five or more levels of grouped AVPs.
•
CSCua87018—CSG: MDB8: Traceback @ reading 0x0
A traceback occurs when the csg start preload command is executed manually.
For this problem to occur, all of the following conditions must be met:
– Standby CSG blade should be manually reloaded.
– Preload from Active CSG blade is cleared (Standby CSG blade is still not up and running).
– Manually start CSG preload using the command csg start preload on the Active CSG blade
(Standby CSG blade is still not up and running, with NEGOTIATION as its status).
– Traceback is seen.
•
CSCuc54989—SAMI-CSGK9 reloaded with no ip csg iscsi profile command
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
22
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB15
The SAMI module reloads unexpectedly (crashes) when the no ip csg iscsi profile command is
executed.
•
CSCuf28300— IXP CSG2 accel flags were not set correctly by PPC, which allows OOO forwarding
During a HTTP download using chunked packets, some packets are forwarded by the network
processor out of order. Specifically, if the packets are followed immediately by a packet with a
HTTP chunk boundary.
For this problem to occur, all of the following conditions must be met:
– The CSG uses its network processor to accelerate HTTP traffic, which uses the transfer
encoding that is chunked.
– The content length is not specified.
– Network processor accelerates a given transfer encoding chunk (each packet that carries the
given chunk).
– The CSG programs the sequence number that is to end acceleration (decelerate) on the network
processor.
– The network processor receives packets that contain the given sequence number out of order.
•
CSCuf78470—CSG2:MDB13 Preload error generated even though MPCC preload is not configured
The CSG2 sends preload request to PCRF even though the mpcc preload command is not
configured, generating a preload error message.
This problem occurs when the CSG2 starts up after reload.
•
CSCug90143—The parse error drop command under content does not work efficiently
When the parse error drop command is configured, the CSG2 drops the session at the time of
response from the server.
The CSG2 does not drop the session when the parsing error is found in the client’s request message.
This problem occurs when the CSG is configured with parse error drop command under content.
•
CSCuh16847—Gx link is permanently shutdown on toggling Gx link multiple times
The Diameter connection is not established in CSG2 when the PCRF connection goes up and down
for around 30-35 flaps.
•
CSCuh34877—Messages queued in PCI from PPC does not respond correctly by the IXPs
High volume usage is reported in the CDR.
This problem occurs when there is a failure of the IXP to respond to messages from the PPC, which
leads to a high volume usage report.
•
CSCuh63321—CSG2 SAMI encap lookup failure
Accelerated packets of the downlink packets are not properly sent to the correct destination UE.
For this problem to occur, all of the following conditions must be met:
– The gateway must have the same address configured on multiple interfaces that belong to
different routing tables/VRFs. This gateway address is advertised as the downlink next hop to
the CSG2.
– The encap table on the CSG2 must have these entries in an incorrect order.
•
CSCuh85746—Incorrect service and policy mapping for HTTP traffic in the CSG2
There is incorrect service and policy mapping for HTTP traffic in the CSG2 when the HTTP packet
is received without any message-header for HTTP/1.0 or HTTP/1.1.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
23
Caveats for Cisco IOS Release 12.4(24)MDB15
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Open Caveats
The following list identifies open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB15:
•
CSCuc79604—124-24.MDB11_bad buffer handle
Crash files are generated and the following error is seen in the logs:
SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
The problem occurs while passing normal traffic through the CSG2.
Workaround: None
•
CSCud12488—CSG2 (SAMI) reloaded “Proc 7 - data path fail to Proc 1 (NP1)”
The Cisco SAMI might reload, generating the following:
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7
07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check
`sami health-monitoring' configuration and see `show sami health-monitoring' for more
info
Workaround: None.
•
CSCue78945—HM failure due to rx_info getting zeroed
All six PPCs face HM failure with the following logs:
SAMI 13/3: 001896: Jan 12 11:30:44: PLATFORM-2-DP_IXP_HM_WARN Failed to
receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
The logs can be checked from the debuginfo files in crashinfo.tar.
Workaround: None.
•
CSCud83399—HM fails in all PPCs due to Kabob full condition
All six PPCs face HM failure with the following logs:
SAMI 12/3: 000306: Dec 16 11:50:17: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (that is in the next 256 milliseconds.)
The logs can be checked from the debuginfo files in crashinfo.tar.
Workaround: None.
•
CSCug89458—HM-Failure due to packet drop in RX ME
HM-Failure occurs due to packet drop in RX ME. This problem is noticed during normal operation.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
24
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB15
Workaround: None.
•
CSCug22200—MDB13: CSG2 reloaded due to SAMI health monitoring failure
The device reloads when IXP health monitoring failure occurs.
This problem occurs when the PPCs in daughter card 1 fails to receive health-monitoring packets
from IXP2.
Workaround: None.
•
CSCug59455—IXP breakpoint assertion due to invalid SRAM address in Config ME
SAMI reloaded by the IXP breakpoint assertion due to an invalid SRAM address in config ME.
SAMI 13/6: 000020: Apr 22 12:21:51: PLATFORM-2-DP_IXP_HM_WARN: Failed to receive
response from IXP2 in 16 retries, system will reboot if it continues to fail receiving response in
another 16 retries (i.e. in the next 256 milliseconds.)
SAMI 13/6: 000021: Apr 22 12:21:52: PLATFORM-1-DP_HM_FAIL: Failed to receive
response from IXP2.
For more information, the logs can be checked from the debuginfo files in crashinfo.tar.
Workaround: None.
•
CSCuh73226—SAMI Qnx kernel crash
SAMI gets reloaded with the message "IXP xscale core received”. In the LCP core directory, the file
ixp#.txt contains the qnx kernel core dump.
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB15 - Closed Caveats
The following list identifies closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB15:
•
CSCue00667—CSG2 show sami ipcp ipc ixp response code counters are always zero
The show sami ipcp ipc ixp command contains some counters that always display as zero. The
counters are in the section ixp response code:
ixp response code:
no error = 0
unknown command = 0
no resource = 0
bad parameter = 0
already existed = 0
not found for deletion = 0
error in locking = 0
lock forced = 0
unknown error = 0
•
CSCtz81440—Output of the show sami ixp stats command output is incorrect
The output of the show sami ixp statistics command is incomplete and inaccurate. Not all MEs are
shown, and the counters for the MEs shown is incorrect.
•
CSCue54602—Qnx io-net process crash
The show tech command displays the message as “System returned to ROM by IXP xscale core
received”. A core file for the io-net process is collected in the LCP core directory.
This problem occurs when the io-net process, running on xscale (QNX 6.3) crashes.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
25
Caveats for Cisco IOS Release 12.4(24)MDB14
•
CSCue28485—GGSN_SAMI-CPU-HOG-SAMI SCSI PROCESS
High CPU might occur when CSG2/GGSN detects a reset in the iSCSI target.
This problem occurs when the CSG2/GGSN detects a reset in the iSCSI target. The CSG2/GGSN
disconnects itself from iSCSI target and destroys all the file system associated with the target, which
leads to a high CPU usage.
The CSG2/GGSN recovers from high CPU usage once the target comes up again.
•
CSCue20764—SRAM Parity Error Not Getting Detected By Xscale SysMgr
Health Monitoring failures are seen.
This problem occurs in some of the cases where the IXP is not able to detect the SRAM parity errors.
•
CSCud53155—Committing the Qnx binaries and libs with symbols
Syslogs show that xscale core is received, and the core of the crashing process is collected by the
LCP core directory.
This CDETS in not intended to fix any crashes, but to have debugging information present in the
cores to analyze the root causes of qnx process crashes in the further occurrences.
Caveats for Cisco IOS Release 12.4(24)MDB14
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB14.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats, page 26
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats, page 27
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats, page 27
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats, page 29
CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB14:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCue92492—The CSG2 might crash while enforcing QoS-rate limit parameters under a service
The CSG2 might crash when the debug diameter events command is issued and more than five
levels of grouped Attribute Value Pairs (AVPs) are received in a message.
For this problem to occur, all of the following conditions must be met:
– The debug diameter events command must be issued.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
26
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB14
– The PCRF must push grouped AVPs that contain five or more levels of grouped AVPs.
Workaround: Do not enable debugging.
CSG2 Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB14:
•
CSCue42761—The CSG2 might not handle the pcrf timeout continue command properly for an
interim update
If the CSG2 receives from the gateway an Interim Accounting message with the Change of
Authorization (CoA) flag set as mandatory, and the PCRF does not respond to the CCR-U (the
CCR-U times out), then the CSG2 sends the CoA with the Auth-Failure (0x02) flag set and the
gateway deletes the PDP session.
•
CSCue67662—A charging ID overrun is not handled properly
When the charging ID is greater than 2^31, the CSG2 displays a negative session ID.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB14:
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
•
CSCuc79604—124-24.MDB11_bad buffer handle
Crash files are generated and the following error is seen in the logs:
SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
The problem occurs while passing normal traffic through the CSG2.
Workaround: None.
•
CSCud07740—CSG2 IXP threads hung in MAC lookup
The Cisco SAMI might reload, with all ME 6 threads hung during MAC lookup.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
27
Caveats for Cisco IOS Release 12.4(24)MDB14
SAMI 13/3: 001950: Nov 1 08:08:47: %PLATFORM-3-DP_IXP_THR_WARN: IXP:2
thread blocked. me:6 thr:7 num_consecutive_fail:3
SAMI 13/3: 001951: Nov 1 08:08:47: %PLATFORM-0-DP_IXP_MULT_THR_FAIL:
IXP:2 multiple:3 threads hung
Workaround: None.
•
CSCud12488—CSG2 (SAMI) reloaded “Proc 7 - data path fail to Proc 1 (NP1)”
The Cisco SAMI might reload, generating the following:
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7
07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check
`sami health-monitoring' configuration and see `show sami health-monitoring' for more
info
Workaround: None.
•
CSCud59868—IXP config stats are incorrect
The output for the show sami ixp statistics command contains a section with the heading PCI:
The following statistics are not correctly tracked:
– Create flow V4
– Create flow V6
– Redundant create V4
– Redundant create V6
– Alloc fail V4
– Alloc fail V6
– Agg seq add
– Agg seq update
These statistics are used to track activity for accelerated flows in the network processor. Running
any traffic through the CSG2 that is eligible for flow acceleration might increment these counters.
Workaround: None.
•
CSCue00667—CSG2 show sami ipcp ipc ixp response code counters are always zero
The show sami ipcp ipc ixp command contains some counters that always display as zero. The
counters are in the section ixp response code:
ixp response code:
no error = 0
unknown command = 0
no resource = 0
bad parameter = 0
already existed = 0
not found for deletion = 0
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
28
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB14
error in locking = 0
lock forced = 0
unknown error = 0
Workaround: None.
•
CSCue45063—Qnx: Process setClock_g_ns crashed
A Qnx Xscale crash might occur with the core for the process qnx_2_setClock_g_ns.
Workaround: None.
•
CSCue54602—Qnx io-net process crash
The output for the show tech command displays the following reload reason:
System returned to ROM by IXP xscale core received...
There is a core file for the io-net process collected in the LCP core directory.
Workaround: None.
•
CSCue78945—HM failure due to rx_info getting zeroed
All six PPCs face HM failure with the following logs:
SAMI 13/3: 001896: Jan 12 11:30:44: PLATFORM-2-DP_IXP_HM_WARN Failed to
receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
The logs can be checked from the debuginfo files in Crashinfo.tar.
Workaround: None.
•
CSCud83399—HM failed in all PPCs in due to Kabob full condition
All six PPCs face HM failure with the following logs:
SAMI 12/3: 000306: Dec 16 11:50:17: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
The logs can be checked from the debuginfo files in Crashinfo.tar.
Workaround: None.
•
CSCue82743—Qnx xscale kernel crash pointing to the process me_dump_g_ns
A Qnx Xscale kernel crash might occur with process me_dump_g_ns noted at the time of crash.
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB14 - Closed Caveats
The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2
software for Cisco IOS Release 12.4(24)MDB14:
•
CSCue20323—Uplink traffic might be dropped at the IXP Queue Manager
When Queue Manager drops in IXP occur, uplink traffic from the UE is not able to reach the internet,
because the PGW does not forward the same data.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
29
Caveats for Cisco IOS Release 12.4(24)MDB13
Caveats for Cisco IOS Release 12.4(24)MDB13
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB13.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats, page 30
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats, page 30
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats, page 31
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats, page 33
•
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 34
CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB13:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
CSG2 Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB13:
•
CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table
If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and
the standby CSG2’s Gx ASID table is updated two or three times via RADIUS attributes, then the
standby CSG2’s Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User
Table output.
This issue is seen only when creating an EPS bearer.
•
CSCub23935—The CSG2 reloads during bulksync with standby
Active and Standby CSG2s undergo rf-induced reloads attempting to bulk sync.
This problem can occur as a result of a configuration change for ip csg replicate during a bulk sync.
•
CSCub89537—The CSG2 might crash in function show_mpcc_session_all due to CPU HOG
The CSG2 CP might crash in function show_mpcc_session_all due to CPU HOG.
•
CSCub89563—The CSG2 crashed during automation run while performing preload
The CSG2 might crash during preload activity. The crash occurs randomly during startup, during
preload, on a clean node, after the initial setup of the CSG2 (that is, after the configuration of the
RADIUS, BMA, and quota server interfaces).
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
30
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB13
•
CSCuc68151—The CSG2 drops random HTTP GETs when header insertion is enabled
The CSG2 might drop random HTTP GET packets when the header insertion feature is enabled in
the matching content or policy.
•
CSCuc95740—The CSG2 might crash while processing a DNS packet
The CSG2 PPC CPU might crash while handling DNS packets.
•
CSCud51998—SCI deceleration flag is set due to this SCR drop for accelerated traffic
An SCR drop might occur on the CSG2, eventually leading to high volume usage reporting for a few
users.
For this problem to occur, all of the following conditions must be met:
– Acceleration must be enabled for the session, and the packet must be accelerated.
– The PCRF must send the Gx_usage reporting (volume threshold) to the CSG2, and the CSG2
must send the deceleration request to the IXP.
– The GW must send the accounting interm before the first deceleration request is complete.
•
CSCue00591—The CSG2 allows acceleration over a single interface
CPU utilization is very high at the CSG2.
For this problem to occur, all of the following conditions must be met:
– Acceleration must be enabled for the session, and the packet must be accelerated.
– Both ingress and egress encaps must be equal for a session flow acceleration request.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB13:
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
•
CSCuc79604—124-24.MDB11_bad buffer handle
Crash files are generated and the following error is seen in the logs:
SAMI 13/3: 001107: Oct 4 05:18:16: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP2 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
31
Caveats for Cisco IOS Release 12.4(24)MDB13
The problem occurs while passing normal traffic through the CSG2.
Workaround: None.
•
CSCud07740—CSG2 IXP threads hung in MAC lookup
The Cisco SAMI might reload, with all ME 6 threads hung during MAC lookup.
SAMI 13/3: 001950: Nov 1 08:08:47: %PLATFORM-3-DP_IXP_THR_WARN: IXP:2
thread blocked. me:6 thr:7 num_consecutive_fail:3
SAMI 13/3: 001951: Nov 1 08:08:47: %PLATFORM-0-DP_IXP_MULT_THR_FAIL:
IXP:2 multiple:3 threads hung
Workaround: None.
•
CSCud12488—CSG2 (SAMI) reloaded “Proc 7 - data path fail to Proc 1 (NP1)”
The Cisco SAMI might reload, generating the following:
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/5: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 23: SAMI 13/6: 000020: Nov 7
07:34:13: %PLATFORM-2-DP_IXP_HM_WARN: Failed to receive response from IXP1
in 16 retries, system will reboot if it continues to fail receiving response in another 16
retries (i.e. in the next 256 milliseconds.)
Nov 7 07:34:17 CNCRCACZ94R05 24: SAMI 13/7: 000021: Nov 7
07:34:13: %PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check
`sami health-monitoring' configuration and see `show sami health-monitoring' for more
info
Workaround: None.
•
CSCud59868—IXP config stats are incorrect
The output for the show sami ixp statistics command contains a section with the heading PCI:
The following statistics are not correctly tracked:
– Create flow V4
– Create flow V6
– Redundant create V4
– Redundant create V6
– Alloc fail V4
– Alloc fail V6
– Agg seq add
– Agg seq update
These statistics are used to track activity for accelerated flows in the network processor. Running
any traffic through the CSG2 that is eligible for flow acceleration might increment these counters.
Workaround: None.
•
CSCue00667—CSG2 show sami ipcp ipc ixp response code counters are always zero
The show sami ipcp ipc ixp command contains some counters that always display as zero. The
counters are in the section ixp response code:
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
32
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB13
ixp response code:
no error = 0
unknown command = 0
no resource = 0
bad parameter = 0
already existed = 0
not found for deletion = 0
error in locking = 0
lock forced = 0
unknown error = 0
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB13 - Closed Caveats
The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2
software for Cisco IOS Release 12.4(24)MDB13:
•
CSCsy00532—Continual sysmgr crashes with incomplete cores and no reboot
Due to an error in the coring process, file permissions on the core files are not set properly.
Therefore, it is not possible to copy the cores from the core: directory using the copy command.
Access to the debug shell is required to recover the cores.
•
CSCtw60993—QNX: process “io-net” crashed.
The Cisco SAMI might reload with the following syslog error message:
%SAMI-2-SAMI_SYSLOG_CRIT: SAMI 1/0: %SAMI-2-443001: System experienced
fatal failure.Service name:System Manager (core-server)(30380) has terminated on
receiving signal 11,reloading system
As part of crash info, core file qnx_1_io-net_114693_core is generated. 114693 is the process-id for
io-net, which might vary from case to case.
•
CSCub22727—The show sami ixp session command might result in a traceback
If acceleration is enabled, and the show sami ixp session command is issued, the following
traceback might occur:
SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition:
response too long for buffer
-Process= “Virtual Exec”, ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z
0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz
0x5B343CCz 0x68C3C2Cz 0x68C73B4z
•
CSCub45666—Per PPC HM counters at configuration ME to improve debugging of HM failures
The following message is seen:
SAMI 2/5: 000032: Jul 13 20:43:42: %PLATFORM-2-DP_IXP_HM_WARN: Failed to
receive response from IXP1 in 16 retries, system will reboot if it continues to fail receiving
response in another 16 retries (i.e. in the next 256 milliseconds.)
SAMI 2/5: 000033: Jul 13 20:43:43: %PLATFORM-1-DP_HM_FAIL: Failed to receive
response from IXP1. Check `sami health-monitoring' configuration and see `show sami
health-monitoring' for more info
and the show sami health monitoring command has 32 consecutive misses, which triggers the
reload of the Cisco SAMI.
------------------ show sami health-monitoring -----------------IXP1: FAILED
32/0 Missed/Rcvd consecutive responses
50/14314449 Missed/Rcvd cumulative responses
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
33
Caveats for Cisco IOS Release 12.4(24)MDB13
0 Failed to send
IXP2: ACTIVE
0/14314453 Missed/Rcvd consecutive responses
0/14314453 Missed/Rcvd cumulative responses
0 Failed to send
•
CSCuc65113—LCP Sysmgr Crash Due To Proc Mem Info Corruption
Core Dump File includes Proc Mem Info Details. LCP Sysmgr crashes due to Prco Memory Info
Corruption
•
CSCud26107—Sysmgr crash at sysmgr_stats_disable
The Cisco SAMI might crash with log Sysmgr(943) has terminated on receiving signal
11,reloading system. Sysmgr crash at sysmgr_stats_disable with specific configuration.
•
CSCud47702—QNX sysmgr_g_ns process crash
The LCP logs produce the following logs:
%SAMI-3-730205: SAMI User Space: ERROR: IXP xscale core rcvd. 1 collect crashinfo
The ixp1_crash.txt has this entry:
IXP CAUSE = NP Watchdog Reset
The 20121121-201846_crashinfo_collection-20121117-103238.tar contains
qnx_1_sysmgr_g_ns_126985_core.
•
CSCud52370—The CSG2 might reload due to IXP multiple threads hung
The CSG2 might reload unexpectedly when IXP health monitoring detects several hung threads in
MEs 4 through 10.
For this problem to occur, all of the following conditions must be met:
– The flows must be accelerated by the IXP.
– The flows must participate in some form of aggregate accounting, such as service-level CDRs,
prepaid, or Gx user volume threshold.
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats
The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release
12.4(24)MDB13:
•
CSCtl99174
Cisco IOS Software contains a memory leak vulnerability that could be triggered through the
processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this
vulnerability could cause an interruption of services. Only devices that are configured for SIP
inspection are affected by this vulnerability.
Cisco has released free software updates that address this vulnerability. There are no workarounds
for devices that must run SIP inspection.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce
•
CSCtz35999
The Cisco IOS Software Protocol Translation (PT) feature contains a vulnerability that could allow
an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
34
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB12
Workarounds that mitigate this vulnerability are available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt
Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes
seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each
Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the
vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases
that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.
Individual publication links are in “Cisco Event Response: Semiannual Cisco IOS Software Security
Advisory Bundled Publication” at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html
Caveats for Cisco IOS Release 12.4(24)MDB12
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB12.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats, page 35
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats, page 36
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats, page 36
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats, page 37
CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB12:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table
If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and
the standby CSG2’s Gx ASID table is updated two or three times via RADIUS attributes, then the
standby CSG2’s Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User
Table output.
This issue is seen only when creating an EPS bearer.
Workaround: None.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
35
Caveats for Cisco IOS Release 12.4(24)MDB12
CSG2 Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB12:
•
CSCub27714—User sessions stuck in CSG2 cause delayed Service Stop to go in sticky User Table
The CSG2 might send a Service Stop message to the quota server that was not associated with the
user. This can occur even if Quota Server Reassignment is disabled.
For this problem to occur, all of the following conditions must be met:
– A prepaid user must exist in the system.
– The quota must expire and 0 quota must be received in the Service Reauth Response.
– The reauthorization delay must be around 1200 seconds.
– The CSG2 must block the traffic and clear some of the sessions.
– The CSG2 must receive a RADIUS Accounting Stop message for the user (user logout) before
the content idle timer expires.
– A few established sessions must get stuck in the CSG2 and not cleared after the RADIUS
Accounting Stop message.
– The CSG2 must send out the Service Stop after the sessions are cleared by the content idle timer.
This results in the creation of a sticky user while sending the Service Stop, as the affinity is already
cleared. While creating the sticky user, the CSG2 might assign a different quota server and forward
the service stop to that quota server.
•
CSCub72278—Accelerated sessions fail to decelerate
Under heavy load conditions, frequent handling of ACCEL sync messages from the IXP could lead
to some CSG2 accelerated sessions hanging in CSG_DECEL_PENDING state. If that occurs, it
could tie up packets buffers that are queued to the accelerated sessions, which in turn could lead to
I/O buffer depletion.
•
CSCuc01113—The CSG2 is not enforcing Block over RAR for accelerated traffic
The CSG2 is not enforcing Block for service group cisco_flow_status when user traffic that matches
the service group is accelerated.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB12:
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
36
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB12
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
•
CSCub22727—The show sami ixp session command might result in a traceback
If acceleration is enabled, and the show sami ixp session command is issued, the following
traceback might occur:
SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition:
response too long for buffer
-Process= “Virtual Exec”, ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z
0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz
0x5B343CCz 0x68C3C2Cz 0x68C73B4z
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB12 - Closed Caveats
The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2
software for Cisco IOS Release 12.4(24)MDB12:
•
CSCtk98031—Target name not included in iSCSI login message
The iSCSI login might fail.
The SAMI debug reports:
iSCSI ERROR: login error status class 2, status details 7
The server log reports:
Initiator did not specify target name in LOGIN request
•
CSCty65255—Two commands to show SAMI temp sensors display two different values
The commands show sami temperature and show environment temperature display different
temperature values for all columns except Base board sensor 0 & 1.
•
CSCua69750 —LCP process core and IXP coredump bundling into crashinfo tar ball
The ixp_csr_dump process in processor 0 crashes while collecting the IXP coredump. The
crashinfo_collection-xxxxxxxx-xxxxxx.tar file does not contain coredump_proc1 or
coredump_proc2, which are coredumps of IXPs, even though these coredump are present in
processor 0 core: directory outside the crashinfo_collection file.
Also, if an LCP process has crashed, there is also be a core.xxx file in processor 0 core: directory
which is also not part of the crashinfo_collection tar ball.
•
CSCuc34571—CSG2 PCEF reload due to IXP failure on platform
The device might reload unexpectedly when IXP health monitoring detects several hung threads in
MEs 4 through 10.
For this problem to occur, all of the following conditions must be met:
– Flows must be accelerated by the IXP.
– Flows must participate in some form of aggregate accounting (for example, service level CDRs,
prepaid, Gx user volume threshold).
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
37
Caveats for Cisco IOS Release 12.4(24)MDB11
Caveats for Cisco IOS Release 12.4(24)MDB11
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB11.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats, page 38
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats, page 39
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats, page 40
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats, page 40
CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB11:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table
If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and
the standby CSG2’s Gx ASID table is updated two or three times via RADIUS attributes, then the
standby CSG2’s Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User
Table output.
This issue is seen only when creating an EPS bearer.
Workaround: None.
•
CSCub27714—User sessions stuck in CSG2 cause delayed Service Stop to go in sticky User Table
The CSG2 might send a Service Stop message to the quota server that was not associated with the
user. This can occur even if Quota Server Reassignment is disabled.
For this problem to occur, all of the following conditions must be met:
– A prepaid user must exist in the system.
– The quota must expire and 0 quota must be received in the Service Reauth Response.
– The reauthorization delay must be around 1200 seconds.
– The CSG2 must block the traffic and clear some of the sessions.
– The CSG2 must receive a RADIUS Accounting Stop message for the user (user logout) before
the content idle timer expires.
– A few established sessions must get stuck in the CSG2 and not cleared after the RADIUS
Accounting Stop message.
– The CSG2 must send out the Service Stop after the sessions are cleared by the content idle timer.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
38
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB11
This results in the creation of a sticky user while sending the Service Stop, as the affinity is already
cleared. While creating the sticky user, the CSG2 might assign a different quota server and forward
the service stop to that quota server.
Workaround: None.
•
CSCub89537—CSG2 crash in function show_mpcc_session_all due to CPU HOG
The CSG2 might crash in function show_mpcc_session_all as a result of CPU HOG.
Workaround: None.
•
CSCub91436—CSG-4-LOAD_MGMT: Session Create transaction discarded due to high load
Noticed load management syslog with “session creations” getting discarded, memory allocation
failures, and tracebacks.
For this problem to occur, all of the following conditions must be met:
– 220,000 or more users must be created.
– Using IXIA, ICMP traffic must be started for 150K users, with no acceleration enabled.
Workaround: None.
CSG2 Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB11:
•
CSCua22892—Interval seconds is not updating for first few iterations
The first PCDR closed for a 4G session might not report the correct time usage, based on the usage
information sent by the CSG2 to the PGW.
The issue is observed only for the first PCDR closed for a 4G session. Subsequent closed PCDRs
include the correct time usage.
•
CSCub54950—CSG2 reports SCU with 0 cause, corr.id
Syslogs might be seen on the PGW with reason “unexpected CSG usage report cause.”
This problem can occur when there are multiple usage (CDR) requests received from the PGW when
the CSG2 is waiting for DECEL to complete. This causes the CSG2 to omit the correlator ID in the
usage sent to the PGW.
•
CSCub65777—R6 CSG2 needs to send duplicate ACKs on dropped out-of-order packets as well
Flows through the CSG2 that experience dropped packets take a long time to recover. Packets that
the CSG2 drops for lack of queue space do not cause the CSG2 to respond with a duplicate ACK.
For this problem to occur, all of the following conditions must be met:
– The CSG2 must be configured to respond with duplicate ACKs when queuing out-of-order
packets.
– The CSG2 must have a content configured for layer 7 inspection with parse protocol http.
– The CSG2 must create a flow object for an HTTP that matches the content.
– The HTTP request must use chunked transfer encoding with no content length, or it must
contain pipelined requests.
– Dropped packets near a chunked or transaction boundary must cause the CSG2 to queue what
it considers packets beyond the beginning of the next chunk or transaction.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
39
Caveats for Cisco IOS Release 12.4(24)MDB11
If these conditions occur, the queue used to hold out-of-order packets fills up and the CSG2 drops
packets.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB11:
•
CSCtk98031—Target name not included in iSCSI login message
The iSCSI login might fail.
The SAMI debug reports:
iSCSI ERROR: login error status class 2, status details 7
The server log reports:
Initiator did not specify target name in LOGIN request
Workaround: None.
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
•
CSCub22727—The show sami ixp session command might result in a traceback
If acceleration is enabled, and the show sami ixp session command is issued, the following
traceback might occur:
SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition:
response too long for buffer
-Process= “Virtual Exec”, ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z
0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz
0x5B343CCz 0x68C3C2Cz 0x68C73B4z
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB11 - Closed Caveats
The following list identifies the Closed caveats in the Cisco SAMI software that impact the CSG2
software for Cisco IOS Release 12.4(24)MDB11:
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
40
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB10
•
CSCtu68726—%RF_INTERDEV-3-RELOAD: -Process= “HSRP Common” during supervisor
engine hardware module reset
When the supervisor engine sends a hardware module reset for one of a pair of redundant
Cisco SAMIs, the following message might be seen:
%RF_INTERDEV-3-RELOAD: -Process= “HSRP Common”
Caveats for Cisco IOS Release 12.4(24)MDB10
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB10.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats, page 41
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats, page 42
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats, page 42
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats, page 43
•
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 43
CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB10:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table
If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and
the standby CSG2’s Gx ASID table is updated two or three times via RADIUS attributes, then the
standby CSG2’s Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User
Table output.
This issue is seen only when creating an EPS bearer.
Workaround: None.
•
CSCua22892—Interval seconds is not updating for first few iterations
The first PCDR closed for a 4G session might not report the correct time usage, based on the usage
information sent by the CSG2 to the PGW.
The issue is observed only for the first PCDR closed for a 4G session. Subsequent closed PCDRs
include the correct time usage.
Workaround: None.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
41
Caveats for Cisco IOS Release 12.4(24)MDB10
CSG2 Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB10:
•
CSCub16776—IXP: No Buffer packet drops in IXP engine
On the CSG2 IXP processor, available buffers can become temporarily depleted, causing packet
drops. This shows up in the output for the show sami ixp statistics command. In the output, both
the Missing SOP (Start of Packet) and Drops - No Buffer fields are incremented whenever there
are packet drops.
This problem can occur when contents are configured for acceleration and are inservice, and flows
matching these contents are accelerated.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB10:
•
CSCtk98031—Target name not included in iSCSI login message
The iSCSI login might fail.
The SAMI debug reports:
iSCSI ERROR: login error status class 2, status details 7
The server log reports:
Initiator did not specify target name in LOGIN request
Workaround: None.
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
•
CSCub22727—The show sami ixp session command might result in a traceback
If acceleration is enabled, and the show sami ixp session command is issued, the following
traceback might occur:
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
42
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB9
SAMI 5/3: Jul 24 17:18:13.686 EDT: %SAMI-4-WARNING: Unexpected condition:
response too long for buffer
-Process= “Virtual Exec”, ipl= 0, pid= 115, -Traceback= 0x5657B70z 0x5659EA4z
0x565A3BCz 0x55AD884z 0x55ADAD4z 0x55AF0E0z 0x5656C5Cz 0x5B0D6ACz
0x5B343CCz 0x68C3C2Cz 0x68C73B4z
Workaround: None.
•
CSCub24207—SAMI might crash during a traffic pattern integration test
The Cisco SAMI might reboot unexpectedly during a traffic pattern integration test.
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB10 - Closed Caveats
There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS
Release 12.4(24)MDB10.
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats
The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release
12.4(24)MDB10:
•
CSCtn76183
The Cisco IOS Software Network Address Translation (NAT) feature contains two denial of service
(DoS) vulnerabilities in the translation of IP packets.
The vulnerabilities are caused when packets in transit on the vulnerable device require translation.
Cisco has released free software updates that address these vulnerabilities. This advisory is available
at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-nat
Caveats for Cisco IOS Release 12.4(24)MDB9
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB9.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats, page 44
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats, page 44
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats, page 45
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats, page 45
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
43
Caveats for Cisco IOS Release 12.4(24)MDB9
CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB9:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table
If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and
the standby CSG2’s Gx ASID table is updated two or three times via RADIUS attributes, then the
standby CSG2’s Gx ASID Table RADIUS attributes are updated two or three times in the CSG2
User Table output.
This issue is seen only when creating an EPS bearer.
Workaround: None.
•
CSCua22892—Interval seconds is not updating for first few iterations
The first PCDR closed for a 4G session might not report the correct time usage, based on the usage
information sent by the CSG2 to the PGW.
The issue is observed only for the first PCDR closed for a 4G session. Subsequent closed PCDRs
include the correct time usage.
Workaround: None.
CSG2 Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB9:
•
CSCua14094—The CSG2 does not send a CCR-U for the service-group-report-usage-event-trigger
for accelerated traffic
The CSG2 does not send a CCR-U for the service-group-report-usage-event-trigger for accelerated
traffic.
For this problem to occur, all of the following conditions must be met:
– A UE must be created with a service group with a service-group-report-usage-event-trigger
(such as a PLMN change).
– The UE's traffic that hits this service group must be accelerated.
– The gateway must send an interim-update with a corresponding RADIUS VSA (such as a
PLMN) value getting changed.
– The CSG2 must not send a CCR-U when it receives the interim-update.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
44
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB9
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB9:
•
CSCtk98031—Target name not included in iSCSI login message
The iSCSI login might fail.
The SAMI debug reports:
iSCSI ERROR: login error status class 2, status details 7
The server log reports:
Initiator did not specify target name in LOGIN request
Workaround: None.
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB9 - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB9:
•
CSCtz07383—The SAMI card reloads due to unexpected termination of XScale qconn process
An unexpected termination of the qconn process on the IXP XScale processor can cause a
Cisco SAMI card reload. After the reload, output from the show version command on the SAMI
PPCs shows the following:
System returned to ROM by NP 1 Failed: NP Core Reset - Cause Unknown at timestamp
•
CSCua01873—R6 MDB5a: The CSG2 reloads with an IXP Health monitoring failure
The CSG2 reloads with the following message:
002940: SAMI 11/5: 000044: May 19 21:03:23: %PLATFORM-2-DP_IXP_HM_WARN:
Failed to receive response from IXP2 in 16 retries, system will reboot if it
continues to fail receiving response in another 16 retries (i.e. in the next 256 milliseconds.)
System returned to ROM by Proc 6 - Proc 6 - data path fail to Proc 2 (NP2) at 12:34:28
PST Mon Mar 19 2012
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
45
Caveats for Cisco IOS Release 12.4(24)MDB8
Caveats for Cisco IOS Release 12.4(24)MDB8
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB8.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats, page 46
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats, page 46
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats, page 47
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats, page 47
CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB8:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table
If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and
the standby CSG2’s Gx ASID table is updated two or three times via RADIUS attributes, then the
standby CSG2’s Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User
Table output.
This issue is seen only when creating an EPS bearer.
Workaround: None.
CSG2 Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB8:
•
CSCty63686—The CSG2 times out the IPv6 fragmented packet when offset=0 and more frag=0
When a TCP (SYN-ACK) arrives from the server, the intermediate node (firewall) adds
“fragmentation header” in the IPv6 packet and forwards the packet having offset=0 and
more frag=0 to the CSG2. The CSG2 drops the packet while waiting for additional fragments even
though this is the one and only packet applicable for this fragment ID.
•
CSCtz27702—RAR message sent with QoS value 0
The PGW might reject CoA messages sent from the CSG2 if they contain changes in the QoS values
for the default bearer. This problem can occur after the PCRF sends a RAR request to the CSG2 to
change the UE APN-AMBR QoS value.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
46
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB8
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB8:
•
CSCtk98031—Target name not included in iSCSI login message
The iSCSI login might fail.
The SAMI debug reports:
iSCSI ERROR: login error status class 2, status details 7
The server log reports:
Initiator did not specify target name in LOGIN request
Workaround: None.
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB8 - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB8:
•
CSCtw60222—Debugging information should be collected during HW Watchdog Timer expiration
The following hardware failure notice is seen on the LCP side:
%SAMI-3-730205: SAMI User Space: ERROR: Proc-3 hw watchdog timeout event received
%SAMI-3-730205: SAMI User Space: ERROR: lcp handle ppc crash notice for proc 3
%SAMI-5-730203: SAMI User Space: Notice: Reload reason: Proc 3 - hw watchdog failure
No specific conditions appear to trigger the failure notice; however, any process that has disabled
interrupts for more than 3 seconds appears to trigger the failure notice.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
47
Caveats for Cisco IOS Release 12.4(24)MDB7
Caveats for Cisco IOS Release 12.4(24)MDB7
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB7.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats, page 48
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats, page 48
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats, page 50
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats, page 50
CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB7:
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
•
CSCty47919—Standby CSG2 RADIUS attributes added twice to Gx ASID Table
If the active CSG2 is running CSG2 software for Cisco IOS Release 12.4(24)MDB5a or later, and
the standby CSG2’s Gx ASID table is updated two or three times via RADIUS attributes, then the
standby CSG2’s Gx ASID Table RADIUS attributes are updated two or three times in the CSG2 User
Table output.
This issue is seen only when creating an EPS bearer.
Workaround: None.
•
CSCty63686—The CSG2 times out the IPv6 fragmented packet when offset=0 and more frag=0
When a TCP (SYN-ACK) arrives from the server, the intermediate node (firewall) adds
“fragmentation header” in the IPv6 packet and forwards the packet having offset=0 and
more frag=0 to the CSG2. The CSG2 drops the packet while waiting for additional fragments even
though this is the one and only packet applicable for this fragment ID.
Workaround: None.
CSG2 Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB7:
•
CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU
The CSG2 truncates VRF table names that are longer than 32 characters.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
48
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB7
•
CSCtx99828—CSG:CISCO-PROCESS-MIB cpmCPUTotalPhysicalIndex uses bad
entPhysicalIndex
The CPU description is displayed incorrectly in the CISCO-PROCESS-MIB NMS report.
The cpmCPUTotalPhysicalIndex value in the CISCO-PROCESS-MIB might not match the CPU's
Entity-MIB entPhysicalIndex value. The cpmCPUTotalPhysicalIndex contains values 0,2-6, but
it should contain values 2-7 (where entPhysicalTable contains one row for the Cisco SAMI module,
followed by six rows for the SAMI PPC processors).
•
CSCty01884—CSG2: One CPU statistic is missing from CISCO-ENHANCED-MEMPOOL-MIB
The CISCO-ENHANCED-MEMPOOL-MIB reports statistics for five processors instead of the full
complement of six.
The following CISCO-ENHANCED-MEMPOOL-MIB tables cempMemPoolTable,
cempMemBufferPoolTable, and cempMemBufferCachePoolTable are indexed by CPU
(entPhysicalIndex) and by a table-specific index. The entPhysicalIndex contains values 2-6, but it
should contain values 2-7 (where entPhysicalTable contains one row for the Cisco SAMI module,
followed by six rows for the SAMI PPC processors).
•
CSCty49215—Aggregate bucket distribution counters (highwater) needs zero on alloc
In a show tech display, counters for aggregate flow count distribution buckets are incorrect.
When flows that participate in aggregate accounting are accelerated, they are attached to an
aggregate object for tracking purposes. These distribution buckets indicate a highwater mark for the
number of concurrent accelerated flows on each aggregate object. When the flows are complete, they
are removed from the aggregate object and the aggregate object can then be reused for tracking
future flows. The highwater count is not cleared when the aggregate object is reused. This can skew
the distribution counters to the high end.
Sample output:
Aggregate distributions:
Accelerated flows [1,4] = 3
Accelerated flows [5,8] = 0
Accelerated flows [9,12] = 0
Accelerated flows [13,16] = 0
Accelerated flows [17,20] = 0
Accelerated flows [21,24] = 0
Accelerated flows [25,28] = 1
Accelerated flows [29,32] = 170
Flows that participate in aggregate accounting are accelerated. Examples of aggregate accounting
include prepaid, service volume threshold, user volume threshold.
•
CSCty49899—Standby CSG2 sends Create Session Request to PCRF after reload
When a user is deleted on the active CSG2, the standby CSG2 also sends a CCR-F. That causes the
“pcrf failure” counter to increment, as the Diameter connection is not established on the standby
CSG2.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
49
Caveats for Cisco IOS Release 12.4(24)MDB7
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB7:
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB7 - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB7:
•
CSCtq39561—HSRP/RF running while writing debuginfo causes delayed switchover
A delayed switchover can occur in an active-standby pair of Cisco SAMIs. That is, when the active
SAMI goes down, the standby SAMI might not become active for several minutes.
•
CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP’s interfaces
An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP’s interfaces. The
TP interfaces and statistics are not shown.
•
CSCtt45681—Active reset when standby is upgraded with less-than-default HSRP timer
When the Cisco SAMI HSRP timer values are configured to less than their default values, and the
standby SAMI has a higher IP/priority configured, the active SAMI card might reset when the
standby SAMI is upgraded.
•
CSCtu50827—The Cisco SAMI reloads due to PPC-LCP HM failure after crash
The Cisco SAMI reloads due to an LCP-to-PPC health monitoring failure. This reload occurs only
when a flash operation occurs at the same time a software issue causes a crash.
•
CSCtu73030—Sup-LCP Keepalive failure
The Cisco SAMI reboots with following logs displaying at the supervisor console:
Card in module slot_num, is being power-cycled off (Module not responding to Keep Alive
polling)
After the reload, the dir core: in LCP does not contain any logs that indicate the reason for the reload.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
50
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB6
•
CSCtx29111—PPC: PC & Stacks are not stored when Machine Check Exception is generated
After a reload, the show version command output displays the reload reason as “System returned to
ROM by error - Bus Error, PC 0x0.” This condition occurs when a PPC encounters a machine check
exception due to a PC bus error.
•
CSCtx88394—Crashinfo/debuginfo does not get stored in flash
When a crash (RF-Induced reload/HM-failure) occurs, the “Crashinfo_proc/debuginfo_proc” is
missing in the crashinfo_collection.tar file.
•
CSCty03443—IXP: Validate buffer handles at each stage (microblock) in IXP datapath
The Cisco SAMI reloads due to an IXP health monitoring failure. The following system log message
is seen on the PPC console:
%PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP1. Check ‘sami
health-monitoring’ configuration and see ‘show sami health-monitoring’ for more info
The null buffer handle is processed by data path processing in the IXP microengine. Each packet
processed has an associated buffer handle, A null buffer handle is invalid. When a null buffer handle
is processed by the IXP, it fails to respond to health monitoring messages from the PPCs.
•
CSCty22416—Machine Check Exception due to bus errors should generate crashinfo
A Machine Check Exception to any of the PowerPC processors might result in a reload of the
Cisco SAMI without creating a crashinfo file.
•
CSCty37602—IXP: Debug enhancements to address crashes due to null buffer handle
The Cisco SAMI reboots after an IXP crash. The IXP crashinfo indicates that a QM microblock
dequeued a null buffer handle. As a preventive measure, the system is reloaded.
Caveats for Cisco IOS Release 12.4(24)MDB6
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB6.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats, page 51
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats, page 53
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats, page 53
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats, page 54
CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB6:
•
CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU
The CSG2 truncates VRF table names that are longer than 32 characters.
Workaround: Configure VRF table names of 15 characters or less.
•
CSCtx99828—CSG:CISCO-PROCESS-MIB cpmCPUTotalPhysicalIndex uses bad
entPhysicalIndex
The CPU description is displayed incorrectly in the CISCO-PROCESS-MIB NMS report.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
51
Caveats for Cisco IOS Release 12.4(24)MDB6
The cpmCPUTotalPhysicalIndex value in the CISCO-PROCESS-MIB might not match the CPU's
Entity-MIB entPhysicalIndex value. The cpmCPUTotalPhysicalIndex contains values 0,2-6, but
it should contain values 2-7 (where entPhysicalTable contains one row for the Cisco SAMI module,
followed by six rows for the SAMI PPC processors).
Workaround: The CISCO-PROCESS-MIB cpmCPUTotalTable contains one row per PPC
processor, where each column in the row provides statistics pertaining to that PPC processor. In
addition to the table index cpmCPUTotalIndex, another column named
cpmCPUTotalPhysicalIndex is also provided (containing the entPhysicalIndex value) to allow the
NMS to correlate the processor row back to a managed entity (for example, to a row in the
Entity-MIB entPhysicalTable).
For some NMS functionality and reporting, this correlation might not be used, or it might be used
only to provide the entPhysicalDescr, which is a human-readable description of the processor entity
(for example, MCP8500 CPU 4 at 1250HMz). If the label is the only thing showing up incorrectly,
the following describes the mapping of 0,2-6 to 2-7 labels:
Observed entity description => map to actual entity description
Unknown => MPC8500 CPU 3 at 1250MHz
MPC8500 CPU 3 at 1250MHz => MPC8500 CPU 4 at 1250MHz
MPC8500 CPU 4 at 1250MHz => MPC8500 CPU 5 at 1250MHz
MPC8500 CPU 5 at 1250MHz => MPC8500 CPU 6 at 1250MHz
MPC8500 CPU 6 at 1250MHz => MPC8500 CPU 7 at 1250MHz
MPC8500 CPU 7 at 1250MHz => MPC8500 CPU 8 at 1250MHz
•
CSCty01884—CSG2: One set of CPU statistics is missing from the
CISCO-ENHANCED-MEMPOOL-MIB
The CISCO-ENHANCED-MEMPOOL-MIB might report statistics for only five processors instead
of six. The following CISCO-ENHANCED-MEMPOOL-MIB Tables are indexed by CPU
(entPhysicalIndex) and by a table-specific index:
– cempMemPoolTable
– cempMemBufferPoolTable
– cempMemBufferCachePoolTable
The entPhysicalIndex should contain values 2-7 (where entPhysicalTable contains one row for the
SAMI module followed by six rows for the SAMI PPC processors), but only values 2-6 are seen.
Workaround: None.
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
52
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB6
CSG2 Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB6:
•
CSCtt08817—RTSP protocol statistics report a 0 value
When control-url is configured for a content, the output for the show ip csg stats protocol
command displays 0 for the RTSP protocol.
•
CSCtu36282—Send a duplicate ACK response when queueing an out-of-order packet for parsing
TCP packets that arrive out of order at the CSG2 are not forwarded until the missing segments arrive.
Excess out-of-order packets are dropped, leading to long recovery times and low throughput.
When the CSG2 parses a transaction, it queues out-of-order packets. The queue depth is limited.
When the network drops a packet, the TCP window size allows the sender to overrun the CSG2's
out-of-order packet queue depth. This leads to both dropped packets and a retransmit timer expiry
at the sender.
•
CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable
In the Gx interface, the TCP port to the PCRF server might become unavailable.
The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The
issue is encountered after the PCRF connection goes down and comes up multiple times. This causes
the local port leak to accumulate, and the local port becomes unavailable to establish the TCP
connection.
•
CSCtx01679—CSG2: Gx Service Group Volume Usage can be wrong for accelerated flows
When using Gx service groups with accelerated flows, the CSG2 might report and incorrect volume
usage. This can occur when the PCRF modifies the service group for a user's service instance during
the lifetime of the service, for example, due to user roaming.
•
CSCtx63728—CSG-3-PRELOAD ERR: Unexpected tlv 92 for policy during preload
If you upgrade to the CSG2 Release 6 from any earlier release, and policy preloading is configured,
the upgrade might fail with the following error:
CSG-3-PRELOAD ERR: Unexpected tlv 92 for policy during preload
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB6:
•
CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP’s interfaces
An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP’s interfaces. The
TP interfaces and statistics are not shown.
Workaround: None.
•
CSCtx02222—Limitation in number of interfaces with SNMP ifIndex persistence configured
If the SNMP ifIndex persistence feature is configured, configuring 1000 interfaces and issuing the
write memory command on the PPC 3 results in the following error:
% Error saving SNMP ifIndexes No space left on device
The Ifindex table file in NVRAM is also deleted.
For this problem to occur, all of the following conditions must be met:
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
53
Caveats for Cisco IOS Release 12.4(24)MDB6
– The SNMP ifIndex persistence feature must be configured.
– The CSG2 release image must include the CSCtr09086 fix (included in the CSG2 software for
Cisco IOS Release 12.4(24)MDB7 or later).
– More than 600 interfaces must be configured.
Workaround: If your configuration requires more than 600 interfaces, disable the SNMP ifIndex
persistence feature.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB6 - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB6:
•
CSCsx76826—SAMI SNMP ENTITY-MIB entPhysicalTable miscellaneous issues
When queried via SNMP, the Cisco SAMI Name and Desc values stored in the Entity-MIB
(RFC4133) do not match the Name and Desc values and formats displayed using the show inventory
command.
The value of the Entity-MIB objects had been shown as follows for SAMI (entPhysicalIndex = 1)
– entPhysicalDescr = WS-SVC-SAMI-BB-K9 1 ports Service and Application module for IP
(SAMI) Rev 2.3
– entPhysicalName = SAMI (instead of slot slot-number)
– entPhysicalParentRelPos = slot-number (instead of -1)
•
CSCts68928—SAMI: write erase and reload cause CFG_DNLD_ERROR
Issuing an erase bootflash on the PCOP results in a configuration download error with the following
error message:
%IPC-0-CFG_DOWNLOAD_ERROR: Configuration download/parse error: Failed to
download config on one or more processors, traffic will get blocked -Process= “Init”, ipl=
0, pid= 3
•
CSCtt21485—IXP: RX MB de-queues invalid buffer handle
The Cisco SAMI card reloads due to a health monitoring (HM) failure.
%PLATFORM-4-DP_HM_WARN: Failed to receive response from IXP<1/2> in 22
retries, system will reboot if it continues to fail receiving response in another 8 retries (i.e.
in the next 80 secs.) Check `sami health-monitoring' configuration and see `show sami
health-monitoring' for more info
The IXP fails to respond to HM messages sent from the PPC.
•
CSCtt32257—Mechanism to detect health of IXP Lookup threads
While debugging, it is observed on rare occasions that all of the lookup threads become stuck,
resulting in the IXP not processing any packets. The Cisco SAMI IXP has more than 50 look threads.
If a few threads fail, the system might not report the failure right away, but continue to work in
degraded mode.
•
CSCtx38172—Red zone corruption on the CSG2 leads to a crash
When the TP receives bad trailers from the IXP, the bad trailer count on the TP increases, and the
CSG2 might crash as a result of Memory Block Red Zone corruption.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
54
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB5a
Caveats for Cisco IOS Release 12.4(24)MDB5a
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB5a.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats, page 55
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats, page 56
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats, page 56
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats, page 56
•
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 56
CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB5a:
•
CSCtt08817—RTSP protocol statistics report a 0 value
When control-url is configured for a content, the output for the show ip csg stats protocol
command displays 0 for the RTSP protocol.
Workaround: Remove the control-url configuration from the content.
•
CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU
The CSG2 truncates VRF table names that are longer than 32 characters.
Workaround: Configure VRF table names of 15 characters or less.
•
CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable
In the Gx interface, the TCP port to the PCRF server might become unavailable.
The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The
issue is encountered after the PCRF connection goes down and comes up multiple times. This causes
the local port leak to accumulate, and the local port becomes unavailable to establish the TCP
connection.
Workaround: Reboot the CSG2.
•
CSCtx38172—Red zone corruption on the CSG2 leads to a crash
When the TP receives bad trailers from the IXP, the bad trailer count on the TP increases, and the
CSG2 might crash as a result of Memory Block Red Zone corruption.
Workaround: None.
•
CSCty02688—CSG2: Improper session synchronization during upgrade
When performing an in-service upgrade and synchronizing sessions from the active CSG2
Release 4, or any earlier release, to the standby CSG2 Release 5, or any later release, the
synchronization might not complete correctly. The standby CSG2 is synchronized with an
unexpectedly huge number of IP bytes uploaded and downloaded for all sessions. When the standby
CSG2 becomes active, it reports this huge number of uploaded and downloaded IP bytes to the
BMA, causing all sessions to be overcharged.
Workaround: Do not perform an in-service upgrade from CSG2 Release 4, or any earlier release,
to CSG2 Release 5, or any later release.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
55
Caveats for Cisco IOS Release 12.4(24)MDB5a
CSG2 Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB5a:
•
CSCtx25063—Increased CPU usage when using Gx service group volume thresholds
The CSG2 experiences increased CPU usage on its traffic processors (TPs) when using volume
thresholds over Gx service groups.
•
CSCtx35215—Volume threshold aggregate objects are not being cleaned up
When volume thresholds are configured for acceleration via the hardware (that is, either the service
is configured with records granularity bytes or volume threshold triggers are enabled via Gx), the
CSG2 performance can degrade. The degraded performance is exhibited through higher than normal
CPU usage, as more and more packets that had been accelerated and switched by the hardware are
forced up to the transaction processor and switched by the software.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB5a:
•
CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP’s interfaces
An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP’s interfaces. The
TP interfaces and statistics are not shown.
Workaround: None.
•
CSCts68928—SAMI: write erase and reload cause CFG_DNLD_ERROR
Issuing an erase bootflash on the PCOP results in a configuration download error with the following
error message:
%IPC-0-CFG_DOWNLOAD_ERROR: Configuration download/parse error: Failed to
download config on one or more processors, traffic will get blocked -Process= “Init”, ipl=
0, pid= 3
Workaround: On PPC3, issue a CLI:Write Memory.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5a - Closed Caveats
There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS
Release 12.4(24)MDB5a.
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats
The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release
12.4(24)MDB5a:
•
CSCti46171
Cisco IOS Software contains four vulnerabilities related to Cisco IOS Zone-Based Firewall features.
These vulnerabilities are as follows:
– Memory Leak Associated with Crafted IP Packets
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
56
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB5a
– Memory Leak in HTTP Inspection
– Memory Leak in H.323 Inspection
– Memory Leak in SIP Inspection
Workarounds that mitigate these vulnerabilities are not available.
Cisco has released free software updates that address these vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-zbfw
•
CSCtr28857
A vulnerability in the Multicast Source Discovery Protocol (MSDP) implementation of Cisco IOS
Software and Cisco IOS XE Software could allow a remote, unauthenticated attacker to cause a
reload of an affected device. Repeated attempts to exploit this vulnerability could result in a
sustained denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate
this vulnerability are available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-msdp
•
CSCtr49064
The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software
contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An
unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login
with a crafted username. Successful exploitation of this vulnerability could allow an attacker to
create a DoS condition by causing the device to reload. Repeated exploits could create a sustained
DoS condition.
The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its
use is highly recommended as a security best practice for the management of Cisco IOS devices.
Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability.
Cisco has released free software updates that address this vulnerability. This advisory is available at
the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ssh
•
CSCtr91106
A vulnerability exists in the Cisco IOS Software that may allow a remote application or device to
exceed its authorization level when authentication, authorization, and accounting (AAA)
authorization is used. This vulnerability requires that the HTTP or HTTPS server is enabled on the
Cisco IOS device.
Products that are not running Cisco IOS Software are not vulnerable.
Cisco has released free software updates that address these vulnerabilities.
The HTTP server may be disabled as a workaround for the vulnerability described in this advisory.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-pai
•
CSCts38429
The Cisco IOS Software Internet Key Exchange (IKE) feature contains a denial of service (DoS)
vulnerability.
Cisco has released free software updates that address this vulnerability. This advisory is available at
the following link:
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
57
Caveats for Cisco IOS Release 12.4(24)MDB5
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ike
Caveats for Cisco IOS Release 12.4(24)MDB5
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB5.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats, page 58
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats, page 58
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats, page 59
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats, page 59
CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB5:
•
CSCtt08817—RTSP protocol statistics report a 0 value
When control-url is configured for a content, the output for the show ip csg stats protocol
command displays 0 for the RTSP protocol.
Workaround: Remove the control-url configuration from the content.
•
CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU
The CSG2 truncates VRF table names that are longer than 32 characters.
Workaround: Configure VRF table names of 15 characters or less.
•
CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable
In the Gx interface, the TCP port to the PCRF server might become unavailable.
The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The
issue is encountered after the PCRF connection goes down and comes up multiple times. This causes
the local port leak to accumulate, and the local port becomes unavailable to establish the TCP
connection.
Workaround: Reboot the CSG2.
CSG2 Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB5:
•
CSCtw59173—Time-based eG-CDR services should not track service-level volume aggregates
CPU performance begins to suffer when more than seven sessions are directed over a single user
service that is configured with records granularity service seconds. This issue can also result in
incrementing of the aggregate trig acceleration counter.
•
CSCtw59533—Tracebacks occur in the HTTP protocol handler
The following spurious memory access might be seen during URL-redirection:
0x80F03A4z 0x80F1DB0z 0x80884A8z 0x8089E20z 0x838E624z 0x838E830z 0x827ACECz
0x827D850z
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
58
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB4
This issue can occur if the same memory block used for relative redirection is deallocated, then
allocated for non-relative redirection.
•
CSCtw68505—User's billing is unknown
Some subscribers associated with a secondary PDP are not assigned a billing plan, because the 3GPP
charging ID (as part of the RADIUS attributes) is missing in the user’s Profile Request that is sent
to the quota server.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB5:
•
CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP’s interfaces
An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP’s interfaces. The
TP interfaces and statistics are not shown.
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB5 - Closed Caveats
•
There are no Closed caveats in the Cisco SAMI software that impact the CSG2 software for
Cisco IOS Release 12.4(24)MDB5.
Caveats for Cisco IOS Release 12.4(24)MDB4
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB4.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats, page 59
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats, page 60
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats, page 62
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats, page 62
•
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 63
CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB4:
•
CSCtt08817—RTSP protocol statistics report a 0 value
When control-url is configured for a content, the output for the show ip csg stats protocol
command displays 0 for the RTSP protocol.
Workaround: Remove the control-url configuration from the content.
•
CSCtu19283—CSG2 needs to support 32 char VRF name in ExtendedUserIndex TLV of SCU
The CSG2 truncates VRF table names that are longer than 32 characters.
Workaround: Configure VRF table names of 15 characters or less.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
59
Caveats for Cisco IOS Release 12.4(24)MDB4
•
CSCtu53660—CSG2- Diameter error- Dia Transport: TCP port unavailable
In the Gx interface, the TCP port to the PCRF server might become unavailable.
The TCP connection on the Gx interface between the CSG2 and the PCRF is not coming up. The
issue is encountered after the PCRF connection goes down and comes up multiple times. This causes
the local port leak to accumulate, and the local port becomes unavailable to establish the TCP
connection.
Workaround: Reboot the CSG2.
CSG2 Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB4:
•
CSCto53563—CSG2 R6: Deceleration not working for time/volume trigger with distributed Gx
The CSG2 is unable to accelerate flows for users with large volume thresholds. The CSG2 is also
unable to clean up the session objects for these flows when the flows end.
For this problem to occur, the following conditions must be met:
– Gx must send a rule for a user with a volume threshold that is larger than MAX_INT32,
2147483647.
– Flows for the user must match a content that is configured for acceleration.
•
CSCtq94337—eGGSN- Packets are stuck in the quota server queue
In an eGGSN configuration, packets might become stuck in the quota server queue.
•
CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover
After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is
less than that reported in a prior intermediate CDR.
For this problem to occur, all of the following conditions must be met:
– Intermediate CDRs must be configured for type OTHER or NBAR.
– A CSG2 failover must have occurred after an intermediate CDR has been generated for one or
more long-lived Layer 4 sessions.
•
CSCtr69315—The CSG2 is delaying CCRs
The CSG2 might not send a CCR to the PCRF immediately after receiving accounting messages
from the PGW. Therefore the CCR timeout occurs before the CCA is received, even though the CCA
is received immediately. The retransmit CCR is sent to the next PCRF in the configuration. The CCA
received for the retransmit CCR has 5012 - error in CCA Result code AVP.
A burst of 20 to 40 CCRs is sent to the PCRF, then no messages for almost two minutes.
•
CSCtr88344—RAR received before CCA-I is dropped; further RARs after CCA-I handled
When the PCRF places the CCA-I and the RAR in the same packet, the RAR message and all
subsequent RAR messages are ignored. Since no RAA is returned for the first RAR, all subsequent
RARs are also rejected.
•
CSCts04905—CSG2: Socket leak in Diameter transport code
The CSG2 cannot get the socket to set up the Diameter TCP connection to the PCRF.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
60
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB4
•
CSCts08568—Ability to tweak the TCP MSS for indirectly connected network
If the Diameter TCP peer is on a different subnet than the CSG2 Diameter peer, the TCP MSS cannot
be tuned for the indirectly connected network for the Diameter application. This occurs for either a
Gx or a Gy implementation on the CSG2. By default, a value of 536 bytes is chosen for the TCP
MSS, and the ip tcp mss 1460 global configuration command does not increase the MTU to 1460.
•
CSCts13678—Charging ID missing in Service Stop message when Gx enabled
When a subscriber is Gx-enabled, and the user is deleted, the CSG2 sends a Service Stop message
to the quota server, but the CSG2 does not include the RADIUS attribute Charging ID in the
message.
•
CSCts47723—CSG2 sends wrong usage count in CCR-F when CCA-U timeout or failure occur
If a CCA-U timeout/failure occurs on the CSG2, the CSG2 might send the wrong usage count in the
CCR-F. The CSG2 continues to count the usage even after the CCA-U timeout/failure occurs.
•
CSCts73889—CSG2 ACCEL encap lookup failed
If there is more than one path to the source or destination IP address, the CSG2 ACCEL encap
lookup might fail.
•
CSCts84547—Include QoS in CCR-U for EPS users even without QoS change
The CSG2 might not include Quality of Service (QoS) information in the CCR-U.
•
CSCtt45725—CSG2: Traceback seen on CP console
Traceback might be seen on the CP console. This can occur when there is no enough buffer space to
accommodate all of the content. Part of the output for the show command for that particular content
might be truncated. The traceback has no other functional impact.
•
CSCtu00081—CSG2 rejects a RAR with a nexthop of 0.0.0.0
When a RAR is sent with a nexthop uplink IP address of 0.0.0.0, the CSG2 discards it as an invalid
address.
•
CSCtu13157—[CSG2 R6] Issue appending original URL after HTTP redirect
When relative URL processing is enabled, the CSG2 might not encode a fully qualified URL after
a redirect URL. The host information might not be included in the redirection URL for a relative
URL.
•
CSCtu23680—Failover in-between call, newly active CSG2 sends 5012 for RAR-rule-remove
If a failover occurs in-between a call, the newly active CSG2 sends 5012 for the RAR-rule-remove
and does not send the COA.
When that issue is fixed, the newly active CSG2 sends a COA with an UNKNOWN source-IP
address.
When that issue is fixed, tracebacks are generated when the sticky entry is created.
•
CSCtu31661—New CLI to stop counting if CCR-U failed
The CSG2 stops counting usage if the CCR-U fails. This CDETS introduces the ip csg ccr-u-fail
stop-count command, which enables the CSG2 to continue to count usage in the event of a CCR-U
failure.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
61
Caveats for Cisco IOS Release 12.4(24)MDB4
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Open Caveats
The following list identifies Open caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB4:
•
CSCtr09086—CSG2:R5:SNMPWALK for interface table displays only the CP’s interfaces
An SNMP walk on the CSG2 interface table in the Cisco SAMI shows only the CP’s interfaces. The
TP interfaces and statistics are not shown.
Workaround: None.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB4 - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB4:
•
CSCsx82030—Specific configuration sequence causes configuration download/parse error on the
SAMI
A specific configuration sequence causes a configuration download/parse error on the SAMI.
The condition is logged as follows:
SAMI 1/3: Feb 18 09:27:43.779: %IPC-0-CFG_DOWNLOAD_ERROR: Configuration
download/parse error: Failed to download config on one or more processors,
traffic will get blocked -Process= “Init”, ipl= 0, pid= 3
If inter-device redundancy is configured, a peer SAMI might reload with the redundancy framework
(RF)/Cisco IOS Hot Standby Routing Protocol (HSRP) state broken.
The following configuration sequence causes the configuration download/parse error:
a. The “snmp-server community” is using a standard ACL.
b. The standard ACL is removed.
c. A new extended ACL is created with the same name as the previous standard ACL.
d. The SAMI is reloaded.
After the reload, the SAMI receives the configuration download/parse error.
•
CSCtc95114—Flash file system raises interrupt level during write operations
When performing a write memory or copying a file to the bootflash of a PowerPC (PPC), the Cisco
SAMI drops a few packets.
•
CSCtj29848—SME crash on LCP while trying to collect coredump
The Cisco SAMI LCP crashes and reloads while attempting to collect core dump information. This
condition occurs only when the IXP network processor is hung.
•
CSCtr32221—Decrease time-interval of PPC to IXP health-monitoring messages
In an active-standby Cisco SAMI pair, if the standby SAMI has a higher HSRP priority than the
active SAMI, the active SAMI might reload when the IXP on the standby SAMI fails.
•
CSCtr81828—SRAM dequeue diagnostic in QM
The Cisco SAMI reloads with the following syslog error message:
%PLATFORM-1-DP_HM_FAIL: Failed to receive response from IXP<1/2>. Check `sami
health-monitoring' configuration and see `show sami health-monitoring' for more info
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
62
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB4
The SAMI reloads when the IXP fails to respond to a health monitoring (HM) message sent by the
PPCs. The IXP fails to respond to HM messages because the hardware assist that maintains the
buffers known as the q-array is corrupted, A Null buffer handle (invalid) is de-queued.
The IXP maintains packets, including HM messages, in DRAM buffers, Pointers (buffer handles) to
these buffers are maintained by q-arrays, and it is expected that q-arrays give valid buffer handles,
when a Null buffer handle (invalid) is de-queued by a q-array, the IXP can no longer process
incoming packets.
•
CSCts39548—The core: in LCP uses more bytes than the sum of the file sizes
The core: directory in the LCP shows more “total used” bytes than the sum of the size of the files
that it contains.
•
CSCts39558—Free space script in LCP deletes crashinfo files at time of crash
If the core: directory in the LCP shows more “total used” bytes than the sum of the size of files that
it contains, the CSG2 might reload due to a failure. The IXP core: is collected, but the IXP crashinfo
file is missing in the crashinfo tar.
•
CSCtt37393—To disable write mem in TCOPS
Cron job might execute write memory CLI that executes on TCOPS. Check for the size of
startup-config file in nvram: directory of TCOPS.
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats
The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB4:
•
CSCtg47129
The Cisco IOS Software implementation of the virtual routing and forwarding (VRF) aware network
address translation (NAT) feature contains a vulnerability when translating IP packets that could
allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate
this vulnerability are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat
Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes
seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each
Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the
vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases
that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.
Individual publication links are in “Cisco Event Response: Semiannual Cisco IOS Software Security
Advisory Bundled Publication” at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html
•
CSCti35326
The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service
(DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets.
The vulnerability is caused when packets in transit on the vulnerable device require translation on
the SIP payload.
Cisco has released free software updates that address this vulnerability. A workaround that mitigates
the vulnerability is available.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
63
Caveats for Cisco IOS Release 12.4(24)MDB3
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat
Caveats for Cisco IOS Release 12.4(24)MDB3
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB3.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats, page 64
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats, page 65
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats, page 66
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats, page 66
CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats
•
CSCto53563—CSG2 R6: Deceleration not working for time/volume trigger with distributed Gx
The CSG2 is unable to accelerate flows for users with large volume thresholds. The CSG2 is also
unable to clean up the session objects for these flows when the flows end.
For this problem to occur, the following conditions must be met:
– Gx must send a rule for a user with a volume threshold that is larger than MAX_INT32,
2147483647.
– Flows for the user must match a content that is configured for acceleration.
Workaround: If a content is configured for acceleration and is referenced by a Gx rule, do not set
the rule's volume threshold larger than 2147483647.
•
CSCtq94337—eGGSN- Packets are stuck in the quota server queue
In an eGGSN configuration, packets might become stuck in the quota server queue.
Workaround: None.
•
CSCtr08631—The CSG2 is reporting negative usage to the BMA after a failover
After a failover, the Service Usage reported as quadrans in an intermediate or final BMA CDR is
less than that reported in a prior intermediate CDR.
For this problem to occur, all of the following conditions must be met:
– Intermediate CDRs must be configured for type OTHER or NBAR.
– A CSG2 failover must have occurred after an intermediate CDR has been generated for one or
more long-lived Layer 4 sessions.
Workaround: Disable intermediate CDR reporting.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
64
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB3
CSG2 Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB3:
•
CSCtl04589—CSG2 R6: Fix Diameter and MPCC statistics for distributed Gx
For distributed Gx, an SNMP GET for Diameter and MPCC statistics does not include Diameter
connections or MPCC sessions statistics on the TPs. The output of the show diameter command
does not include total Diameter connection statistics for all of the TPs, and the output of the show
mpcc command does not include total MPCC session statistics for all of the TPs.
•
CSCtn62963—Support HTTPS URL redirection
Modify the CSG2 to support HTTPS URL redirection.
•
CSCtq46748—The standby CSG2 might reload when processing an HA update message
In a high-stress, high availability (HA) environment, with many RADIUS attributes configured for
reporting in the Packet of Disconnect (PoD), the standby CSG2 might reload.
•
CSCtq60404—The CSG2 reloads when creating and deleting Gx users with traffic
The CSG2 might reload when creating and deleting tens of thousands of Gx users with traffic. The
CSG2 must be under heavy load, creating and deleting 100,000 to 180,000 users and processing 10
sessions per user.
•
CSCtq60705—The CSG2 fails to parse the egcdr_correlator_id correctly in RADIUS messages
If eG-CDRs are configured for use between the eGGSN/PGW and the CSG2, the eGGSN/PGW
might reject the GTP message from the CSG2. The CSG2 displays the following message:
%CSG-3-GTP_REJECT: GTP received
•
CSCtq76436—The ip csg rate-limit mid-flow-syn command might leak packet buffers
I/O memory (in the form of packet buffers) might be leaked on the CSG2 traffic processors (TPs).
To detect the leak:
– Issue the show memory statistics command several times on the TPs and verify that the entry
corresponding to row I/O and column Used (b) rises steadily.
– Issue the show buffers command several times on the TPs and verify that the total number of
buffers in use by any pool rises consistently.
For this problem to occur, all of the following conditions must be met:
– The ip csg rate-limit mid-flow-syn command must be configured on the CSG2.
– The mid flow SYN drop counters in the Session L4 Stats section of the output of the show ip
csg stat command from the TPs must be non-zero.
•
CSCtq83846—Possible leak due to an out-of-order mid-flow SYN with the ACK bit set
The CSG2 might experience a memory leak due to an out-of-order mid-flow SYN with the ACK bit
set. To detect the leak, examine the Pct Used value in the Application column in the CSG Buffer
Management Stats section of the output of the show ip csg stats command.
•
CSCtr18288—CSG2 crash: Content not inservice with and without multiple attribute map
CSG2 processors might experience high CPU usage after changing CSG2 contents with CLI. The
processes that cause the high CPU usage include the CSG BGCFG and the IPC message handler.
For this problem to occur, all of the following conditions must be met:
– A content must be configured with Layer 7 parsing.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
65
Caveats for Cisco IOS Release 12.4(24)MDB3
– At least one policy on the content must be configured with an attribute map.
– At least one policy on the content must be configured without an attribute map.
– The content must be brought inservice.
– The content must match traffic, or the content must be taken out of service.
•
CSCtr21100—Potential crash with a concurrent service idle timeout and RADIUS Accounting Stop
The CSG2 might crash when processing a service idle timeout and a RADIUS Accounting Stop for
given user at the same time.
•
CSCtr33104—Accelerated TCP connections are not deleted or idled under high stress
When running under high stress and high CPU, the CSG2 might fail to free or clean up some
accelerated flows after idling for a long time.
•
CSCtr54105—The CSG2 does not decelerate sessions after an eG-CDR usage request from the
PGW
The CSG2 might report incorrect usage for accelerated users after a request from the PGW via the
SCR.
•
CSCtr64807—Enhanced Diameter retry logic
A new user session might not be allowed when the PCRF responds with 5012 to a retransmitted
packet. The CSG2 might show a very high number of CCA failures as a result of timeout and reject.
The relevant CCA Failure statistics are:
CCA Failure:
pcrf failure
pcrf timeout
pcrf reject
= 0
= 91893
= 107559
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Open Caveats
There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS
Release 12.4(24)MDB3.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB3 - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB3:
•
CSCto66682—The CSG2 is losing a RADIUS PoD
A RADIUS PoD sent through the CSG2 never appears on the egress.
•
CSCto72922—The SAMI IXP is not dropping packets larger than the maximum supported packet
size
Packets larger than 3072 bytes (the maximum supported packet size for the Cisco SAMI) might be
forwarded to the PowerPC processors, resulting in the following error:
%ETSEC-1-ERROR_INT_CAUSE IEVENT_BABR
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
66
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB1
Caveats for Cisco IOS Release 12.4(24)MDB1
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB1.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats, page 67
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats, page 67
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats, page 68
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats, page 68
•
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 68
CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats
The following list identifies Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB1:
•
CSCto53563—CSG2 R6: Deceleration not working for time/volume trigger with distributed Gx
The CSG2 is unable to accelerate flows for users with large volume thresholds. The CSG2 is also
unable to clean up the session objects for these flows when the flows end.
For this problem to occur, the following conditions must be met:
– Gx must send a rule for a user with a volume threshold that is larger than MAX_INT32,
2147483647.
– Flows for the user must match a content that is configured for acceleration.
Workaround: If a content is configured for acceleration and is referenced by a Gx rule, do not
set the rule's volume threshold larger than 2147483647.
CSG2 Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release
12.4(24)MDB1:
•
CSCtb17999—Tracebacks on DPR from server, client closes TCP before sending DPA
When the PCRF (Policy and Charging Rules Function) sends a Diameter DPR (Disconnect Peer
Request) followed by a TCP FIN to the CSG2 that is acting as the PCEF (Policy Charging
Enforcement Function), the CSG2 first sends a TCP FIN-ACK and then tries to send a Diameter
DPA (Disconnect Peer Answer) back to the PCRF. However, the DPA is not delivered because the
TCP connection has been closed, and tracebacks are seen on the CSG2/PCEF. The CSG2/PCEF
should instead send the DPA message first and then follow up the TCP connection termination by
sending the FIN-ACK.
•
CSCto46730—CSG2 crash during creation of dual-stack user at high rate and MPCC error
The PCRF might stop responding to CCR-Is, and the PCRF timeout might cause the CSG2 MPCC
error counter to keep incrementing.
For this problem to occur, the following conditions must be met:
– A dual-stack user must be created.
– Data traffic must flow at a high rate.
– Many MPCC errors must occur.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
67
Caveats for Cisco IOS Release 12.4(24)MDB
•
CSCto77259—CSG2 WAP storage corruption
If the CSG2 is performing Layer 7 WAP 1.x data packet inspection on a POST request that contains
a segmented URL, the CSG2 might crash.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Open Caveats
There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS
Release 12.4(24)MDB1.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB1 - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB1:
•
CSCto93053—CSG2 SAMI IXP crash while sending a high volume of accelerated traffic
The CSG2 might stop passing traffic and reload.
For this problem to occur, the following conditions must be met:
– The CSG2 must be configured to accelerate Layer 4 flows or Layer 7 HTTP transactions.
– The CSG2 must accelerate flows that participate in aggregate accounting. Examples include
prepaid accounting, service-level CDR reporting, and user-level volume thresholds via Gx.
– Accelerated transactions using multiple aggregate types must occur at a high rate.
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats
The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB1:
•
CSCtj41194
Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack
implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected
device that has IPv6 enabled. The vulnerability may be triggered when the device processes a
malformed IPv6 packet.
Cisco has released free software updates that address this vulnerability. There are no workarounds
to mitigate this vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipv6.shtml.
Caveats for Cisco IOS Release 12.4(24)MDB
This section lists and describes all caveats, both Open and Closed, that affect the CSG2 or Cisco SAMI
software for Cisco IOS Release 12.4(24)MDB.
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB - Open Caveats, page 69
•
CSG2 Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats, page 69
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Open Caveats, page 69
•
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats, page 69
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
68
OL-24560-01
Caveats for Cisco IOS Release 12.4(24)MDB
•
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats, page 70
CSG2 Software for Cisco IOS Release 12.4(24)MDB - Open Caveats
There are no Open caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB.
CSG2 Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats
The following list identifies Closed caveats in the CSG2 software for Cisco IOS Release 12.4(24)MDB:
•
CSCtn15950—Configuration rollback fails while taking a content out-of-service
Rolling back the CSG2 configuration might fail while taking a content out-of-service.
•
CSCtn80399—The CSG2 must include the default bearer's accounting session ID in the PoD
The CSG is sending the dedicated bearer session ID in Packet of Disconnect (PoD) requests to clear
users instead of the default bearer ID.
•
CSCtn82586—For virtual prepaid users, the ip csg report block prepaid command should not
block CDRs
For virtual prepaid users, the ip csg report block prepaid command is blocking all CDRs.
•
CSCtn86043—QoS parameters to QCI mapping is incorrect for REL99 QoS
The mapping of Quality of Service (QoS) parameters to QoS Class Identifier (QCI) is incorrect for
Release 99 QoS.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Open Caveats
There are no Open caveats in the Cisco SAMI software that impact the CSG2 software for Cisco IOS
Release 12.4(24)MDB.
Cisco SAMI Software for Cisco IOS Release 12.4(24)MDB - Closed Caveats
The following list identifies Closed caveats in the Cisco SAMI software that impact the CSG2 software
for Cisco IOS Release 12.4(24)MDB:
•
CSCtn95286—SAMI: Summit registers workaround for FRU power failure
At high traffic loads, the Cisco SAMI might reload as a result of a failure of power convertor 0x5.
%OIR-SP-6-PWRFAILURE: Module 2 is being disabled due to power convertor failure 0x5
%C6KPWR-SP-4-DISABLED: power to module in slot 2 set off (FRU-power failed)
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
69
Documentation and Technical Assistance
Cisco Product Security Incident Response Team (PSIRT) - Closed Caveats
The following list identifies Cisco PSIRT closed caveats that impact Cisco IOS Release 12.4(24)MDB:
•
CSCtl79577
A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway-Second
Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An
unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP
packets to an affected device. Exploitation could cause the device to reload.
There are no workarounds available to mitigate exploitation of this vulnerability other than blocking
ICMP traffic destined to the affected device.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110706-csg.shtml
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal
CVSS scores as of the time of evaluation are 7.8/6.4:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?
dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
CVE ID CVE-2011-2064 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Documentation and Technical Assistance
This section contains the following information:
•
Related Documentation, page 70
•
Obtaining Documentation and Submitting a Service Request, page 72
Related Documentation
Use these release notes with these documents:
•
CSG2 Documentation, page 70
•
Release-Specific Documents, page 71
•
Platform-Specific Documents, page 71
•
Cisco IOS Software Documentation Set, page 71
CSG2 Documentation
For more detailed installation and configuration information, see the following publication:
•
Cisco Content Services Gateway - 2nd Generation Release 6 Installation and Configuration Guide
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
70
OL-24560-01
Documentation and Technical Assistance
Release-Specific Documents
The following documents are specific to Cisco IOS Release 12.4 and are located at Cisco.com:
•
Cisco IOS Release 12.4 Mainline Release Notes
Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline > Release
Notes
•
Cisco IOS Release 12.4 T Release Notes
Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 T > Release Notes
•
Product bulletins, field notices, and other release-specific documents on Cisco.com at:
Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline
Note
If you have an account with Cisco.com, you can use Bug Navigator II to find the most current list of
caveats of any severity for any software release. You can reach Bug Navigator II on Cisco.com at
http://www.cisco.com/support/bugtools.
Platform-Specific Documents
These documents are available for the Cisco 7600 series router platform on Cisco.com and the
Documentation CD-ROM:
•
Cisco Service and Application Module for IP User Guide
•
Diameter Credit Control Application feature guide
•
Cisco 7600 series routers documentation:
– Cisco 7600 Series Cisco IOS Software Configuration Guide
– Cisco 7600 Series Cisco IOS Command Reference
– Release Notes for Cisco IOS Release 12.2SR for the Cisco 7600 Series Routers
Cisco IOS Software Documentation Set
The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS
command references, and several other supporting documents that are shipped with your order in
electronic form on the Documentation CD-ROM, unless you specifically ordered the printed versions.
Documentation Modules
Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a
corresponding command reference guide. Chapters in a configuration guide describe protocols,
configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration
examples. Chapters in a command reference guide list command syntax information. Use each
configuration guide with its corresponding command reference. The Cisco IOS documentation modules
are available on Cisco.com at:
•
Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline >
Command References
•
Documentation > Cisco IOS Software > Cisco IOS Software Releases 12.4 Mainline >
Command References > Configuration Guides
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
71
Documentation and Technical Assistance
Note
To view a list of MIBs supported by Cisco, by product, go to:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a
service request, and gathering additional information, see What’s New in Cisco Product Documentation
at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco
technical documentation, as an RSS feed and deliver content directly to your desktop using a reader
application. The RSS feeds are a free service.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
72
OL-24560-01
Documentation and Technical Assistance
This document is to be used in conjunction with the documents listed in the “Related Documentation” section.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of
Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners.
The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
Copyright © 2014 Cisco Systems, Inc. All rights reserved.
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
OL-24560-01
73
Documentation and Technical Assistance
Release Notes for Cisco Content Services Gateway - 2nd Generation Release 6.0 Cisco IOS Release 12.4(24)MDB17
74
OL-24560-01