Specifications

ManualsBrandsCisco ManualsComputer equipmentOL-10426-01

321

322

323

324

325

326

327

328

329

330

1353

Cross-Platform Release Notes for Cisco IOS Release 12.0S

OL-1617-14 Rev. Q0

Resolved Caveats—Cisco IOS Release 12.0(27)S2

Conditions: This symptom is observed when a policy is attached to the interface.

Workaround: There is no workaround.

• CSCin74347

Symptoms: Outbound security ACLs are not applied properly on Cisco10000 series routers.

Conditions: This symptom is observed on all Cisco IOS Release 12.0 S images that contain the fix

for CSCed72686.

Workaround: There is no workaround.

• CSCuk48013

Symptoms: A Cisco 7500 series router that is running 12.0S may drop traffic to a static route after

a microcode reload. The symptom may also occur in other releases.

Conditions: Traffic loss will occur for static routes to /32 prefixes that are attached to an interface,

that is, the ip route prefix mask interface-type interface-number command is enabled.

Workaround: Disable Cisco Express Forwarding (CEF) by entering the no ip cef command. Then,

reenable CEF by entering the ip cef distributed command.

• CSCuk48808

Symptoms: Following an OIR, the show ip cef inconsistency now command may report an

inconsistency between an RP and a VIP. There are no inconsistencies reported on the VIP itself.

Conditions: This symptom is observed on Cisco 7500 series that runs Cisco IOS Release 12.0 S.

Workaround: There is no workaround.

• CSCuk48818

Symptoms: On a Cisco 12000 ATM ISE line card, shaping resources may be used up after different

policy-maps are attached and then removed from a VC many times.

Conditions: This symptom is observed on a Cisco 12000 series router.

Workaround: Microcode reload the line card.

TCP/IP Host-Mode Services

• CSCeb21552

Symptoms: The following error message may be displayed when a router receives a connection

request on command-shell (TCP, 514) and Kerberos-shell (kshell) (TCP, 544) ports:

%RCMD-4-RSHPORTATTEMPT: Attempted to connect to RSHELL from 192.168.2.2

Conditions: This symptom is observed on a Cisco router that has the remote shell (rsh) disabled.

Workaround: Filter the traffic that is destined for command-shell (TCP, 514) and Kerberos-shell

(kshell) (TCP, 544) ports.

First, enter the show ip interface brief EXEC command to display the usability status of interfaces

that are configured for IP. The output may look like the following:

Interface IP-Address OK? Method Status Protocol Ethernet0/0 172.16.1.1 YES NVRAM up

up Ethernet1/0 unassigned YES NVRAM administratively down down Serial2/0 192.168.2.1

YES NVRAM up up Serial3/0 192.168.3.1 YES NVRAM up up Loopback0 10.1.1.1 YES NVRAM up

Then, create the following access control list (ACL) for the router and apply this ACL to all

interfaces that are enabled with the ip access-group 177 in router configuration command:

access-list 177 deny tcp any host 172.16.1.1 eq 514