Datasheet

ManualsBrandsCisco Manualschassis componentsFAN-MOD-6HS=

191

192

193

194

195

196

197

198

199

200

196

Release Notes for Cisco IOS Release 12.1E on the Catalyst 6500 and Cisco 7600 Supervisor Engine and MSFC

OL-2310-11

Caveats

• A new vulnerability in the OpenSSL implementation for SSL has been announced on March 17,

2004.

An affected network device running an SSL server based on an affected OpenSSL implementation

may be vulnerable to a Denial of Service (DoS) attack. There are workarounds available to mitigate

the effects of this vulnerability on Cisco products in the workaround section of this advisory. Cisco

is providing fixed software, and recommends that customers upgrade to it when it is available.

This advisory will be posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml

This problem is resolved in Release 12.1(20)E3. (CSCee00041)

• After Cisco IOS ACLs have been updated dynamically or after responding dynamically to an IDS

signature, a reload might occur following attempts to access a low memory address. This problem

is resolved in Release 12.1(20)E3. (CSCed35253)

• The dynamic NAT pool allocation can reach 100% utilization if you configure a static NAT entry

with an IP address that is part of a dynamic pool. This problem is resolved in Release 12.1(20)E3.

(CSCec54341)

• Following a reload with a large number of active interfaces, an Open Shortest Path First (OSPF)

interface might be in the down state while the port and the line protocol might be in the up state,

which causes missing OSPF neighbor adjacencies on the OSPF interface that is in the down state.

This problem is resolved in Release 12.1(20)E3. (CSCeb04048)

• If you enter the ip verify unicast reverse-path interface configuration command on ATM

subinterfaces, some ingress traffic is dropped. This problem is resolved in Release 12.1(20)E3.

(CSCdt51547)

• Many memory allocation failure (MALLOCFAIL) messages might occur for a Cisco Discovery

Protocol (CDP) process:

%SYS-2-MALLOCFAIL: Memory allocation of -1732547824 bytes failed from x605111F0, pool

Processor, alignment 0

-Process= "CDP Protocol", ipl= 0, pid= 42

-Traceback= 602D5DF4 602D78A0 605111F8 60511078 6050EC88 6050E684 602D0E2C 602D0E18

This problem is resolved in Release 12.1(20)E3. (CSCdz32659)

• With both static and dynamic Port Address Translation (PAT) configured and if the ip nat pool

inside_pool_name command has been entered for only one IP address, the IP addresses that are used

for overloading might be used as one-to-one translations. This problem is resolved in

Release 12.1(20)E3. (CSCdx19396)

Resolved General Caveats in Release 12.1(20)E2

• With server load balancing (SLB) configured on a Supervisor Engine 1 and an MSFC1, you might

see INPUTQ messages and interfaces might stop passing traffic. This problem is resolved in

Release 12.1(20)E2. (CSCed49443)

• With high traffic levels and when the reverse forwarding path (RPF) towards the rendezvous point

and the multicast source are different, partially hardware-switched multicast flows might not be

forwarded correctly. This problem is resolved in Release 12.1(20)E2. (CSCec80654)

• After “MALLOCFAIL” messages and tracebacks, a reload might occur. This problem is resolved in

Release 12.1(20)E2. (CSCec71297)