Datasheet

ManualsBrandsCisco Manualschassis componentsFAN-MOD-6HS=

141

142

143

144

145

146

147

148

149

150

144

Release Notes for Cisco IOS Release 12.1E on the Catalyst 6500 and Cisco 7600 Supervisor Engine and MSFC

OL-2310-11

Caveats

• When EoMPLS is configured on a system that is functioning as the PE router and a FlexWAN

module is used to connect to the core router, packets sent by the CE router are dropped. This problem

is resolved in Release 12.1(26)E2. (CSCei01835)

• The system may reset if it receives a invalid VTP packet. The invalid VTP packet must be received

on a port configured for ISL or 802.1q trunking and must correctly match the VTP domain name.

This problem does not affect switch ports configured for the voice VLAN. This problem is resolved

in Release 12.1(26)E2. (CSCsa67294)

• A system with a Supervisor Engine 2 and an MSFC2 may experience a memory leak in a CEF IPC

background process on the route processor and on the switch processor during stress testing that

introduces routing instability. This problem is resolved in Release 12.1(26)E2. (CSCsa83923)

• When a port is configured as a SPAN destination port, multicast traffic that is generated or processed

by the system floods the SPAN destination port and overruns any legitimate SPAN packets. This

problem is resolved in Release 12.1(26)E2. (CSCsa87021)

Resolved General Caveats in Release 12.1(26)E1

• A document that describes how the Internet Control Message Protocol (ICMP) could be used to

perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol

(TCP) has been made publicly available. This document has been published through the Internet

Engineering Task Force (IETF) Internet Draft process, and is entitled “ICMP Attacks Against TCP”

(draft-gont-tcpm-icmp-attacks-03.txt).

These attacks, which only affect sessions terminating or originating on a device itself, can be of

three types:

1. Attacks that use ICMP “hard” error messages.

2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also

known as Path Maximum Transmission Unit Discovery (PMTUD) attacks.

3. Attacks that use ICMP “source quench” messages.

Successful attacks may cause connection resets or reduction of throughput in existing connections,

depending on the attack type.

Multiple Cisco products are affected by the attacks described in this Internet draft.

Cisco has made free software available to address these vulnerabilities. In some cases there are

workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.

The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security

Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple

vendors whose products are potentially affected. Its posting can be found at:

http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.

This problem is resolved in Release 12.1(26)E1. (CSCef60659, CSCsa59600, CSCef44699)

• If you configure fallback bridging on a Layer 3 LAN port, established OSPF neighbors might be put

into the INIT state. This problem is resolved in Release 12.1(26)E1. (CSCef66899)

• With a Supervisor Engine 2, QoS does not preserve the CoS value derived from IP precedence in

traffic that originates on the MSFC2. This problem is resolved in Release 12.1(26)E1.

(CSCef68801)