Datasheet
222
Release Notes for Cisco IOS Release 12.1E on the Catalyst 6500 and Cisco 7600 Supervisor Engine and MSFC
OL-2310-11
Caveats
• The following error messages are displayed immediately after a reload:
%SYS-2-INTSCHED: 'sleep for' at level 3 -Process= "Init", ipl= 3, pid= 2 -Traceback=
6064AA94 60633C04 60FFD1C4 611867AC 6066D1CC 60596134 603D1EB0 603D30BC
603C3110 603D1C20 603BCB30601F2480 601F0460 601F09F0 601F0840 60599A60
The ip cef global configuration command and the police settings are class-map configurations and
need to have a packet identification mechanism before anything is policed (such as match protocol
http). This condition does not occur until the policy map is attached to an interface. This symptom
is observed after a reload after it had been configured with the following commands:
ip cef
policy-map test-policy
class-map test-class
match protocol http
police cir 64000 bc 16000 pir 64000 be 16000
conform-action set-clp-transmit
exceed-action set-clp-transmit
violate-action set-clp-transmit
interface e3/1
service-policy input test-policy
This problem is resolved in Release 12.1(14)E. (CSCdw20801)
• The Open Shortest Path First (OSPF) designated router might generate router link states but not
network link states for a connected network. The OSPF neighbors might come up correctly on all
the routers in the network. This problem is resolved in Release 12.1(14)E. (CSCdu08686)
• When multicast support is configured, a spurious memory access or a reload might occur. This
problem is resolved in Release 12.1(14)E. (CSCdy85185)
• The show power command might incorrectly display a standby Supervisor Engine 2 as a Supervisor
Engine 1. This problem is resolved in Release 12.1(14)E. (CSCdy56620)
• Cisco IOS software incorrectly replies to TCP packets that are destined to broadcast/multicast
addresses. Replies are sourced from the broadcast/multicast address.
The problem is applicable to all ports except HTTP (default 80) and HTTPS (default 443) ports.
With the fix in this DDTS, behavior is changed so that Cisco IOS software will only reply to packets
that are destined to broadcast/multicast addresses HTTP (default 80) and HTTPS (default 443) ports.
This behavior is further modified by CSCdv30676.
Although this behavior does not cause any problem for router operation, it may be used for
bypassing packet filters (that are configured either in front of or on the router) to reach the services
running on TCP (i.e Telnet or SSH) authentication (if configured) still takes place for these services.
This may be possible if the packet filter allows broadcast/multicast destinations but filter the unicast
address of the router.
A filter that can be bypassed on the affected router may be similar to the following
access-list 100 deny ip any host <routers-interface-IP-address>
access-list 100 permit ip any any
interface X/Y
ip access-group 100 in
This problem is resolved in Release 12.1(14)E. (CSCdy20364)
• When an Internet Group Management Protocol (IGMP) receive message is entered on the incoming
interface toward the Route Processor (RP), and a source, group (S,G) R state already exists for a
source, the -R flag does not clear. The receiver does not receive traffic for that particular (S,G) entry.
This problem is resolved in Release 12.1(14)E. (CSCdx95449)