Cross-Platform Release Notes for Cisco IOS Release 12.0S
OL-1617-14 Rev. Q0
Resolved Caveats—Cisco IOS Release 12.0(28)S3
1. Attacks that use ICMP “hard” error messages
2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP “source quench” messages
Successful attacks may cause connection resets or reduction of throughput in existing connections,
depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are
workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected.
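The following Python triage helper is an added example, not code from the Cisco advisory or these release notes. It sorts captured ICMPv4 messages into the three classes listed above and extracts the quoted TCP flow so it can be compared with a real connection. The class labels, function names and sample addresses are constructed for illustration, and the sequence-window check is the one described in RFC 5927, not a statement of how the Cisco fix works.

```python
import socket
import struct

# (type, code) -> attack class from the list above. Numbers are from RFC 792/1191;
# the class labels are names chosen for this example.
CLASSES = {(3, 2): "hard-error", (3, 3): "hard-error",
           (3, 4): "pmtud", (4, 0): "source-quench"}

def classify_icmp(icmp: bytes):
    """Return details of an ICMPv4 error that quotes a TCP segment, else None.
    The ICMP checksum is not verified here."""
    if len(icmp) < 8 + 20 + 8:          # ICMP header + min IPv4 header + 8 TCP bytes
        return None
    icmp_type, code, _cksum, _unused, next_hop_mtu = struct.unpack("!BBHHH", icmp[:8])
    attack_class = CLASSES.get((icmp_type, code))
    if attack_class is None:
        return None
    quoted = icmp[8:]                   # the packet that allegedly triggered the error
    ihl = (quoted[0] & 0x0F) * 4
    if quoted[0] >> 4 != 4 or ihl < 20 or len(quoted) < ihl + 8 or quoted[9] != 6:
        return None                     # not IPv4, truncated, or not TCP (protocol 6)
    sport, dport, seq = struct.unpack("!HHI", quoted[ihl:ihl + 8])
    return {
        "class": attack_class,
        "flow": (socket.inet_ntoa(quoted[12:16]), sport,
                 socket.inet_ntoa(quoted[16:20]), dport),
        "quoted_seq": seq,
        "next_hop_mtu": next_hop_mtu if attack_class == "pmtud" else None,
    }

def seq_in_flight(seq: int, snd_una: int, snd_nxt: int) -> bool:
    """RFC 5927 check: SND.UNA <= quoted seq < SND.NXT, modulo 2**32."""
    return (seq - snd_una) % 2**32 < (snd_nxt - snd_una) % 2**32

def build_sample(icmp_type, code, mtu, seq):
    """Constructed message: ICMP header + quoted IPv4 header + first 8 TCP bytes."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0x4000, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"))
    tcp = struct.pack("!HHI", 49152, 179, seq)
    return struct.pack("!BBHHH", icmp_type, code, 0, 0, mtu) + ip + tcp

if __name__ == "__main__":
    for t, c, mtu in [(3, 3, 0), (3, 4, 68), (4, 0, 0), (11, 0, 0)]:
        print((t, c), classify_icmp(build_sample(t, c, mtu, seq=1000)))
```

An ICMP error whose quoted sequence number falls outside the sender's unacknowledged data cannot refer to a segment that is actually in flight, which makes it a useful signal when reviewing unexpected resets or throughput drops.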
• CSCef63272
Symptoms: A recursive static default route may not have an outgoing MPLS label, causing all
packets to be dropped.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(9) but
may also occur in other releases.
Workaround: Add a nonrecursive static route to the BGP next-hop.
• CSCef67911
Symptoms: Multicast traffic stops on a PE router that is configured for mVPN.
Conditions: This symptom is observed on a Cisco 12000 series that functions as a PE router when a
default MDT switchover to the data MDT occurs.
Workaround: Clear the VRF mroutes on the affected line card by entering the clear ip mds vrf
vrf-name forwarding command.
• CSCef69631
Symptoms: All line cards may reset and may not enter the “RUN” state after a software OIR of the
primary CSC occurs on a Cisco 12000 series that has 40 GB of fabric.
Conditions: This symptom is observed on a Cisco 12000 series that runs the gsr-p-mz image of an
interim release for Cisco IOS Release 12.0(30)S. However, this caveat is resolved in
Release 12.0(30)S.
Workaround: Power cycle the router.
• CSCef70242
Symptoms: Low latency queueing (LLQ) and class-based weighted fair queueing (CBWFQ) may
not function for MPLS packets. The MPLS packets that conform to the bandwidth that is allocated
to these classes may be dropped.
Conditions: This symptom is observed on a Cisco 7200 series that runs Cisco IOS Release 12.2S
when MPLS packets leave an interface that has an output policy map with priority or bandwidth
commands, or both, configured within its classes. The symptom may also occur in other releases.
Workaround: There is no workaround.
• CSCef70566
Symptoms: After you have configured an ACL on a router to deny a traffic stream, traffic is shaped
unexpectedly.