Asr1k RN Rel Notes

Cisco ASR 1000 Series Aggregation Services
Routers Release Notes

Published: September 3, 2013, OL-26698-16
This release notes document provides information about Cisco ASR 1000 Series Aggregation Services
Routers Release 3.7.4S.
Note
Cisco ASR 1001 Routers support the Cisco IOS XE Release 3.10aS image.
For release notes information about the Cisco ASR 1000 Series Aggregation Services Routers releases
prior to Release 3.6.0S, see Cisco IOS XE 3S Release Notes.
About Cisco ASR 1000 Series Aggregation Services Routers

Cisco ASR 1000 Series Aggregation Services Routers are Cisco routers deployed as managed service
provide routers, enterprise edge routers, and service provider edge routers. These routers use an
innovative and powerful hardware processor technology known as the Cisco QuantumFlow Processor.
Cisco ASR 1000 Series Aggregation Services Routers run the Cisco IOS XE software and introduce a
distributed software architecture that moves many operating system responsibilities out of the IOS
process. In this architecture, Cisco IOS, which was previously responsible for almost all of the internal
software processes, now runs as one of many Cisco IOS XE processes while allowing other Cisco IOS
XE processes to share responsibility for running the router.
Cisco ASR 1000 Series Aggregation Services Routers Release 3.8.0S have several new software
features. For details on the new Cisco ASR 1002-X Router, Cisco ASR 1000 Series Aggregation
Services Routers 100-Gbps Embedded Services Processor, and the new features, see the New Software
Features in Cisco ASR 1000 Series Aggregation Services Routers Release 3.8S, page 2.
New hardware support and several new software features were introduced as part of the Cisco ASR 1000
Series Aggregation Services Routers Release 3.7.1. For details on the new Cisco ASR 1002-X Router,
Cisco ASR 1000 Series Aggregation Services Routers 100-Gbps Embedded Services Processor, and the
new features, see the New and Changed Information, page 1.
The Cisco ASR 1000 Series Aggregation Services Routers consists of the following routers:
Cisco Systems, Inc.

www.cisco.com
The Cisco ASR 1001 Router is a small form factor router targeted at high-end branch offices
needing integrated services, including voice and security with high-speed connectivity (2.5 Gbps
w/optional SW license for 5 Gbps). It is designed with integrated Cisco ASR1000-RP, Cisco
ASR1000-SIP, and Cisco ASR1000-ESP, with Nitrox complex providing hardware based encryption
and decryption. Input/output options include half-height SPA, 4x1GE built-in ports, and
factory-installed integrated daughtercard (IDC) with different options.
The Cisco ASR 1002 Router is a 3-SPA, 2-rack-unit (RU) chassis with integrated Route Processor
(RP), Cisco ASR 1000 Series Aggregation Services Routers Shared Port Adapter Interface
Processor (SIP), and four Gigabit Ethernet ports built in.
The Cisco ASR 1002-F Router supports the same features and components as the Cisco ASR 1002
Router and supports 2.5 Gbps bandwidth limit with a single half height SPA. In addition, the Cisco
ASR 1002-F Router has an integrated 4x1GE built-in ports and 2.5 GB of fixed system bandwidth.
The Cisco ASR 1002-X Router is a 3-SPA, 2-RU chassis. The embedded services processor and
route processor are integrated into the chassis. There are 6 small form factor pluggable (SFP)
Gigabit Ethernet ports. The router provides a forwarding bandwidth of up to 36 Gbps.
The Cisco ASR 1004 Router is an 8-SPA, 4-RU chassis with one ESP slot, one RP slot, and two SIP
slots.
The Cisco ASR 1006 Router is a 12-SPA, 6-RU, hardware-redundant chassis with two ESP slots,
two RP slots, and three SIP slots. The platform offers RP and ESP hardware redundancy, Cisco
Nonstop Forwarding (NSF), In-Service Software Upgrade (ISSU), and future RP hardware
upgrades.
The Cisco ASR 1013 Router is a 24-SPA, 13-RU, hardware-redundant chassis with two ESP slots,
two RP slots, and six SIP slots. The platform offers full RP hardware redundancy, Cisco Nonstop
Forwarding (NSF), In-Service Software Upgrade (ISSU), and future RP hardware upgrades and
services upgrades.
For the single-RP Cisco ASR 1000 Router platforms, Cisco ASR 1001, Cisco ASR 1002, Cisco ASR
1002-F, Cisco ASR 1002-X and Cisco ASR 1004, the RP has a dual Cisco IOS software option that
allows these routers to use Cisco IOS software redundancy, Cisco high-availability features, and
Nonstop Forwarding (NSF). Single-route-processor Cisco ASR 1000 platforms do not support ISSU
upgrade or downgrade. Instead sub-package software upgrade is supported only if the router is running
in sub-package mode.
The Cisco ASR 1006 Router supports fully redundant RPs that allow for full RP hardware redundancy,
NSF, ISSU, and future RP service upgrades.
The Cisco ASR 1013 Router extends the Cisco ASR 1000 Series Routers to a chassis that can hold six
SIPs and provides superslots (more height and power) for the route processors and embedded services
processors.
Note
Software redundancy is not supported on the Cisco ASR 1006 Router and the Cisco ASR 1013 Router.
Cisco IOS XE 3S Releases and Cisco IOS Release Number Mapping
The Cisco ASR 1000 Series Aggregation Services Routers releases correspond to the Cisco IOS XE
releases. For example, Cisco IOS XE Release 3.7.0 is the software release for Cisco ASR 1000 Series
Aggregation Services Routers Release 3.7.0.
Cisco ASR 1000 Series Aggregation Services Routers Release Notes
OL-26698-16
Table 1 lists the mappings between the Cisco IOS XE 3S releases and their associated Cisco IOS
releases.
Table 1
Cisco IOS XE 3StoCisco IOS Release Number Mapping
Cisco IOS XE 3S Release
Cisco IOS Release
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
3.1.4S
15.0(1)S4
3.1.4aS
15.0(1)S4a
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
3.3.0S
15.1(2)S
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
3.4.0S
15.1(3)S
3.4.0aS
15.1(3)S0a
3.4.1S
15.1(3)S1
3.4.2S
15.1(3)S2
3.4.3S
15.1(3)S3
3.4.4S
15.1(3)S4
3.5.0S
15.2(1)S
3.5.1S
15.2(1)S1
3.5.2S
15.2(1)S2
3.6.0S
15.2(2)S
3.6.1S
15.2(2)S1
3.6.2S
15.2(2)S2
3.7.0S
15.2(4)S
3.7.1S
15.2(4)S1
3.7.2S
15.2(4)S2
3.7.3S
15.2(4)S3
3.7.4S
15.2(4)S4
3.8.0S
15.3(1)S
3.8.1S
15.3(1)S
3.8.2S
15.3(1)S2
3.9.0S
15.3(2)S
3.9.1S
15.3(2)S1

OL-26698-16
Table 1
Cisco IOS XE 3StoCisco IOS Release Number Mapping (continued)
Cisco IOS XE 3S Release
Cisco IOS Release
3.9.2S
15.3(2)S2
3.10.0
15.3(3)S
Transition from Cisco IOS XE Release 2.6 to Cisco IOS XE Release 3.1S
In July 2010, the Cisco IOS XE software moved from Cisco IOS XE Release 2.6 to Cisco IOS
XE Release 3.1S to introduce new hardware (Cisco ASR1000-ESP40, Cisco ASR1000-SIP40, and
Cisco ASR 1013 Router) and an enhanced Cisco IOS Release 15.0(1)S software that runs on improved
componentized code for Cisco IOS features.
One of the key features of the Cisco IOS XE 3.1S software was support for dual Cisco IOS software
consolidated packages in a single RP for software redundancy in the 2-RU and 4-RU chassis systems
(The dual IOS support was extended to ASR1001). The dual Cisco IOS consolidated packages can
consist of the same software consolidated packages for backup or different software consolidated
packages for resilient upgrade.
The Cisco IOS XE release numbering scheme was modified by adding the suffix S to the release number
to denote the release branch that differentiate the different products using the Cisco IOS XE release.
The underlying Cisco IOS software numbering scheme for the Cisco ASR 1000 Series Routers changed
from 12.2(33)XNx to 15.0(1)S. This change was aimed at simpler numbering for new feature releases
(the number in parenthesis) and rebuilds.
Cisco IOS Release 15S aggregates feature inheritance from Cisco IOS Release 12.2SR.The 15.x(x)Sx
releases will continue to be time-based and time-synchronized with the Cisco IOS XE releases.
The Cisco IOS XE 3S releases inherit all the Cisco IOS XE Release 2 features that were released prior
to the introduction of Cisco IOS XE Release 3.1.0S, with a few exceptions. For information about
inherited features, see Release Notes for Cisco ASR 1000 Series Aggregation Services Routers for Cisco
IOS XE Release 2.
OL-26698-16
System Requirements for Cisco ASR 1000 Series

Aggregation Services Routers
The following sections describe the system requirements for Cisco ASR 1000 Series Aggregation
Services Routers:
Software Packaging, page 1
Cisco ASR 1000 Series Aggregation Services Routers Software Package Compatibility for ISSU,
page 4
Hardware Supported, page 32
ROMmon Release Requirements, page 32
Determining the Release Number of the Installed Software, page 38
Upgrading to a New Software Release, page 43
Software Packaging
Cisco ASR 1000 Series Aggregation Services Routers run Cisco IOS XE 3S and use a software
packaging model that consists of the following components:
Consolidated packages
Individual software subpackages within a consolidated package
Optional software subpackages outside the consolidated packages
Each consolidated package contains a collection of individual software subpackages. Each individual
software subpackage is an individual software file that controls a different element or elements of the
router. Some individual subpackages may be installed per element, for example, per SPA.
Note
The subpackage functionality is intended for both upgrade and field support. However, not all
combinations of subpackages are supported.
Each individual software subpackage can be upgraded individually, or all individual software
subpackages for a specific Cisco IOS XE 3S consolidated package can be upgraded as part of a complete
Cisco IOS XE 3S consolidated package upgrade.
Cisco Systems, Inc.

www.cisco.com
Software Packaging
Importantly, IOS (the RPIOS individual software subpackage) is considered one of the individual
software subpackages that makes up the complete Cisco IOS XE 3S consolidated package.
The following are the individual software subpackages within a consolidated package:
Route Processor
RPBase: Provides the RP operating system.
RPControl: Provides the control plane processes that interface between Cisco IOS software and
the rest of the platform.

RPIOS: Provides the Cisco IOS software kernel, which is where Cisco IOS software features
are stored and run. Each consolidated image variant has a different RPIOS subpackage:
RPIOS-ipbase, RPIOS-ipbasek9, RPIOS-advipservices, RPIOS-advipservicesk9,
RPIOS-adventservices, and RPIOS-adventservicesk9.
The RPIOS-advipservices and RPIOS-adventservices subpackages are available from Cisco IOS
XE Release 2.2.1 onward. These two subpackages are not available with Cisco IOS XE Release
2.1.2 and earlier releases.
Note
RPAccess: Provides components to manage enhanced router access functionality.
ESP
ESPBase: Provides the ESP operating system and control processes, and the Cisco
QuantumFlow Processor client, driver, and ucode.
SIP
SIPBase: Provides the SIP operating system and control processes
SIPSPA: Provides the SPA drivers and the associated field-programmable device (FPD) images
(SPA FPGA images)

A Cisco IOS XE 3S consolidated package allows users to upgrade all the individual software
subpackages on a router with a single Cisco IOS XE 3S image download. The Cisco IOS XE 3S
consolidated packages that are available vary based on the RP (RP1 or RP2) installed in the system and
the Cisco IOS XE 3S release.
The following are the RP1 consolidated packages:
Cisco ASR 1000 Series Aggregation Services Routers RP1 IP BASE W/O CRYPTO
Cisco ASR 1000 Series Aggregation Services Routers RP1 IP BASE
Cisco ASR 1000 Series Aggregation Services Routers RP1 ADVANCED IP SERVICES
Cisco ASR 1000 Series Aggregation Services Routers RP1 ADVANCED IP SERVICES W/O
CRYPTO
Cisco ASR 1000 Series Aggregation Services Routers RP1 ADVANCED ENTERPRISE SERVICES
W/O CRYPTO
The following are the RP2 consolidated packages:
Cisco ASR 1000 Series Aggregation Services Routers RP2 IP BASE W/O CRYPTO
Cisco ASR 1000 Series Aggregation Services Routers RP2 IP BASE
Cisco ASR 1000 Series Aggregation Services Routers RP2 ADVANCED IP SERVICES
System Requirements for Cisco ASR 1000 Series Aggregation Services Routers
OL-26698-16
Software Packaging
Cisco ASR 1000 Series Aggregation Services Routers RP2 ADVANCED IP SERVICES W/O
CRYPTO
W/O CRYPTO
The individual software subpackages within the consolidated packages cannot be downloaded from
cisco.com; only the Cisco IOS XE S consolidated packages and optional subpackages can be
downloaded. Users who want to run the router using individual software subpackages must first
download the consolidated package from cisco.com and extract the individual software subpackages
from the consolidated package.
In addition to the individual software subpackages within a consolidated package, optional software
subpackages that are not part of a consolidated package are available. Optional software subpackages
can be downloaded separately from cisco.com; their installation is similar to the installation of an
individual software subpackage using a provisioning file. The optional subpackage must be located in
the same directory with the provisioning file and the other individual subpackage files. The optional
software subpackages that are available vary based on the RP installed in the system: RP1 or RP2:
For RP1, the optional software subpackage available is the Cisco ASR 1000 Series Aggregation
Services Routers RP1 WebEx Node (asr1000rp1-sipspawmak9.version.pkg)
For RP2, the optional software subpackage available is the Cisco ASR 1000 Series Aggregation
Services Routers RP2 WebEx Node (asr1000rp2-sipspawmak9.version.pkg)
Note
The Cisco ASR 1000 Series Aggregation Services Routers RP1 WebEx Node and Cisco ASR 1000
Series Aggregation Services Routers RP2 WebEx Node optional software subpackages are available
only from Cisco IOS XE Release 2.4.0 onward and are supported only in conjunction with a related
RP-based Cisco ASR 1000 Series Aggregation Services Routers RPx IP BASE, Cisco ASR 1000 Series
Aggregation Services Routers RPx ADVANCED IP SERVICES, or Cisco ASR 1000 Series Aggregation
Services Routers RPx ADVANCED ENTERPRISE SERVICES consolidated package. These optional
software subpackages are not supported with earlier Cisco IOS XE releases or with any of the
non-CRYPTO consolidated packages.
Note
ISSU operation on the Cisco ASR 1002 Router, Cisco ASR 1002-X Router and Cisco ASR 1004 Router
requires the router to be operating in subpackage mode.
Note
USB (or any other removable media) cannot be used to boot the system in the subpackage mode.
For more information about the advantages and disadvantages of running individual subpackages or a
complete Cisco IOS XE 3S consolidated package, and the process of extracting the individual
subpackages, see Cisco ASR 1000 Series Aggregation Services Router Software Configuration Guide at
the following location:
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/asrswcfg.html
OL-26698-16
Cisco ASR 1000 Series Aggregation Services Routers Software Package Compatibility for ISSU
Cisco ASR 1000 Series Aggregation Services Routers Software

Package Compatibility for ISSU
Cisco IOS XE Release 3.1S is an ISSU break release. ISSU upgrade and subpackage software upgrade
from Cisco IOS XE Release 2.x to Cisco IOS XE Release 3.xS, including Release 3.1S, is not supported.
ISSU downgrade from Cisco IOS XE Release 3.xS, including Release 3.1S to Release 2.x, is not
supported either.
Support for ISSU upgrade and subpackage software upgrade has been resumed from Cisco IOS XE
Release 3.1S onward. Therefore, rebuilds and releases after Cisco IOS XE Release 3.1S will support
ISSU and software upgrade and downgrade, based on the ISSU compatibility matrix tables. For example,
ISSU upgrade and downgrade between Cisco IOS XE Release 3.1.0S (15.0(1)S) to Cisco IOS XE
Release 3.xS are supported.
For information about Cisco IOS XE 2.x releases that support ISSU and software upgrade and
downgrade, based on the ISSU compatibility matrix tables in Cisco IOS XE Release 2, see the "Cisco
IOS XE Release Compatibility Tables" section in Release Notes for Cisco ASR 1000 Series Aggregation
Services Routers for Cisco IOS XE Release 2.
Note
Cisco IOS XE software compatibility is supported only between images that are of the same type, for
example, advipservicesk9 to advipservicesk9, adventerprisek9 to adventerprisek9, and so on.
Cross-image-type upgrades or installations are not supported in the ISSU process. For example, you
cannot upgrade ipbase to advipservicesk9 or advipservices to advipservicesk9.
Fields in the ISSU Compatibility Tables

In these ISSU compatibility tables, the following information is provided:
C (SSO)
A Cisco IOS XE release stating C for all supported SSO-capable features is fully compatible for
upgrades using ISSU but not explicitly tested, even if some of the SSO-capable features are not
ISSU capable. Two different versions of the software are denoted as supporting SSO if they are able
to reach an SSO state when run simultaneously, regardless of the impact on specific features.
C&T (SSO Tested)

A Cisco IOS XE release stating C&T indicates that the two releases are fully compatible and
tested, supported as interoperable, and will retain state across a switchover. ISSU upgrades between
the releases are supported.
The tables in the following sections give the ISSU compatibility details of Cisco IOS XE software
releases from Release 3.1S onward:
ISSU Compatibility of Cisco ASR 1000 Series Aggregation Services Routers 3.1S-Based Releases,
page 5
page 7
page 9
page 11
OL-26698-16
page 13
page 16
page 18
page 20
page 22
page 24
ISSU Compatibility of Cisco ASR 1000 Series Aggregation Services Routers 3.1S-Based Releases
Table 1 describes the ISSU upgrade and downgrade compatibility of Cisco ASR 1000 Series
Aggregation Services Routers 3.1S-based releases.
Table 1
ISSU Compatibility of Cisco IOS XE 3.1S-Based Releases
Target Cisco IOS XE

Release
Deployed Cisco IOS XE Release
3.1.0S
3.1.1S
3.1.2S
3.1.3S
3.1.4S
15.0(1)S
15.0(1)S1
15.0(1)S2
15.0(1)S3
15.0(1)S4
3.1.0S
15.0(1)S
C&T
C&T
C&T
C&T
3.1.1S
15.0(1)S1
C&T
C&T
C&T
C&T
3.1.2S
15.0(1)S2
C&T
C&T
C&T
C&T
3.1.3S
15.0(1)S3
C&T
C&T
C&T
C&T
3.1.4S
15.0(1)S4
C&T
C&T
C&T
C&T
3.2.0S
15.1(1)S
C&T
C&T
C&T
C&T
3.2.1S
15.1(1)S1
C&T
C&T
3.2.2S
15.1(1)S2
C&T
C&T
3.3.0S
15.1(2)S
C&T
C&T
3.3.1S
15.1(2)S1
C&T
OL-26698-16
Table 1
ISSU Compatibility of Cisco IOS XE 3.1S-Based Releases (continued)
Target Cisco IOS XE

Release
3.1.0S
3.1.1S
3.1.2S
3.1.3S
3.1.4S
15.0(1)S
15.0(1)S1
15.0(1)S2
15.0(1)S3
15.0(1)S4
3.3.2S
15.1(2)S2
C&T
3.4.0S
15.1(3)S
3.4.1S
15.1(3)S1
3.4.2S
15.1(3)S2
3.4.3S
15.1(3)S3
3.4.4S
15.1(3)S4
3.4.5S
15.1(3)S5
3.5.0S
15.2(1)S
3.5.1S
15.2(1)S1
3.5.2S
15.2(1)S2
3.6.0S
15.2(2)S
3.6.1S
15.2(2)S1
3.6.2S
15.2(2)S2
3.7.0S
15.2(4)S
3.7.1S
15.2(4)S1
3.7.2S
15.2(4)S2
3.7.3S
15.2(4)S3
3.7.4S
15.2(4)S4
3.8.0S
15.3(1)S
OL-26698-16
Table 1
Target Cisco IOS XE

Release
3.1.0S
3.1.1S
3.1.2S
3.1.3S
3.1.4S
15.0(1)S
15.0(1)S1
15.0(1)S2
15.0(1)S3
15.0(1)S4
3.8.1S
15.3.(1)S1
3.8.2S
15.3.(1)S2
3.9.0S
15.3(2)S
3.9.1S
15.3(2)S1
3.9.2S
15.3(2)S2
3.10.0S
15.3(3)S
Aggregation Services Routers 3.2S-based releases
Table 2

Target Cisco IOS XE Release
3.2.0S
3.2.1S
3.2.2S
15.1(1)S
15.1(1)S1
15.1(1)S2
3.1.0S
15.0(1)S
C&T
3.1.1S
15.0(1)S1
C&T
3.1.2S
15.0(1)S2
C&T
C&T
3.1.3S
15.0(1)S3
C&T
C&T
C&T
3.1.4S
15.0(1)S4
C&T
3.2.0S
15.1(1)S
C&T
C&T
3.2.1S1
15.1(1)S1
C&T
C&T
OL-26698-16
Table 2

3.2.0S
3.2.1S
3.2.2S
15.1(1)S
15.1(1)S1
15.1(1)S2
3.2.2S
15.1(1)S2
C&T
C&T
3.3.0S2
15.1(2)S
C&T
C&T3
C&T
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
C&T
3.4.0S
15.1(3)S
C&T
3.4.1S
15.1(3)S1
C&T
3.4.2S
15.1(3)S2
C&T
3.4.3S
15.1(3)S3
C&T
3.4.4S
15.1(3)S4
C&T
3.4.5S
15.1(3)S5
C&T
3.5.1S
15.2(1)S1
3.5.2S
15.2(1)S2
3.6.0S
15.2(2)S
3.6.1S
15.2(2)S1
3.6.2S
15.2(2)S2
3.7.0S
15.2(4)S
3.7.1S
15.2(4)S1
3.7.2S
15.2(4)S2
3.7.3S
15.2(4)S3
OL-26698-16
Table 2

3.2.0S
3.2.1S
3.2.2S
15.1(1)S
15.1(1)S1
15.1(1)S2
3.7.4S
15.2(4)S4
3.8.0S
15.3(1)S
3.8.1S
15.3.(1)S1
3.8.2S
15.3.(1)S2
3.9.0S
15.3(2)S
3.9.1S
15.3(2)S1
3.9.2S
15.3(2)S2
3.10.0S
15.3(3)S
1. From Release 3.2.1, the recommended approach for installing the IPv6 Per User ACL feature is the consolidated package upgrade.
2. If the forwarding processor is running Cisco IOS XE Release 3.2.0 and the route processor is running Cisco IOS XE Release 3.3.0,
the SSH server fails during the ISSU process. In addition, broadband traffic is dropped on the standby RP while an ISSU upgrade
from Cisco IOS XE Release 3.2.0 or Release 3.2.1 to 3.3.0 is in progress. L2TPv3 traffic is lost and cannot be recovered after the
ISSU is completed. See CSCtl95778 for more information about an ISSU upgrade process from Cisco IOS XE Release 3.2.0 to
Release 3.3.0.
3. Because of the issue described in CSCtn71898, direct ISSU upgrade from Release 3.2.1 to Release 3.3.0 is not supported. The
recommended approach is to first upgrade from Release 3.2.1 to Release 3.2.2 and then upgrade to Release 3.3.0.
Table 3

3.3.0S
3.3.1S
3.3.2S
15.1(2)S
15.1(2)S1
15.1(2)S
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
OL-26698-16
Table 3

3.3.0S
3.3.1S
3.3.2S
15.1(2)S
15.1(2)S1
15.1(2)S
3.1.2S
15.0(1)S2
C&T
3.1.3S
15.0(1)S3
C&T
3.1.4S
15.0(1)S4
C&T
C&T
3.2.0S1
15.1(1)S
C&T
3.2.1S
15.1(1)S1
C&T
3.2.2S
15.1(1)S2
C&T
C&T
3.3.0S
15.1(2)S
C&T
C&T
3.3.1S
15.1(2)S1
C&T
C&T
3.3.2S
15.1(2)S2
C&T
C&T
3.4.0S
15.1(3)S
C&T
C&T
C&T
3.4.1S
15.1(3)S1
C&T
3.4.2S
15.1(3)S2
C&T
3.4.3S
15.1(3)S3
C&T
3.4.4S
15.1(3)S4
C&T
3.4.5S
15.1(3)S5
C&T
3.5.0S
15.2(1)S
C&T
3.5.1S
15.2(1)S1
C&T
3.5.2S
15.2(1)S2
C&T
3.6.0S
15.2(2)S
10
OL-26698-16
Table 3

3.3.0S
3.3.1S
3.3.2S
15.1(2)S
15.1(2)S1
15.1(2)S
3.6.1S
15.2(2)S1
3.6.2S
15.2(2)S2
3.7.0S
15.2(4)S
3.7.1S
15.2(4)S1
3.7.2S
15.2(4)S2
3.7.3S
15.2(4)S3
3.7.4S
15.2(4)S4
3.8.0S
15.3(1)S
3.8.1S
15.3.(1)S1
3.8.2S
15.3.(1)S2
3.9.0S
15.3(2)S
3.9.1S
15.3(2)S1
3.9.2S
15.3(2)S2
3.10.0S
15.3(3)S
1. If the forwarding processor is running Cisco IOS XE Release 3.2.0 and the route processor is running Cisco IOS XE Release 3.3.0,
the SSH server fails during the ISSU process.
OL-26698-16
11
Table 4
Target Cisco IOS XE

Release
3.4.0S
3.4.1S
3.4.2S
3.4.3S
3.4.4S
3.4.5S
15.1(3)S
15.1(3)S1
15.1(3)S2
15.1(3)S3
15.1(3)S4
15.1.(3)S5
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
3.1.4S
15.0(1)S4
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
C&T
C&T
C&T
C&T
C&T
C&T
3.3.0S
15.1(2)S
C&T
3.3.1S
15.1(2)S1
C&T
3.3.2S
15.1(2)S2
C&T
C&T
C&T
C&T
C&T
C&T
3.4.0S
15.1(3)S
C&T
C&T
C&T
C&T
3.4.1S
15.1(3)S1
C&T
C&T
C&T
C&T
3.4.2S
15.1(3)S2
C&T
C&T
C&T
C&T
3.4.3S
15.1(3)S3
C&T
C&T
C&T
C&T
C&T
3.4.4S
15.1(3)S4
C&T
C&T
C&T
C&T
C&T
3.4.5S
15.1(3)S5
C&T
C&T
3.5.0S
15.2(1)S
C&T
C&T
C&T
3.5.1S
15.2(1)S1
C&T
12
OL-26698-16
Table 4
Target Cisco IOS XE

Release
3.4.0S
3.4.1S
3.4.2S
3.4.3S
3.4.4S
3.4.5S
15.1(3)S
15.1(3)S1
15.1(3)S2
15.1(3)S3
15.1(3)S4
15.1.(3)S5
3.5.2S
15.2(1)S2
C&T
C&T
C&T
3.6.0S
15.2(2)S
C&T
C&T
C&T
3.6.1S
15.2(2)S1
C&T
3.6.2S
15.2(2)S2
C&T
C&T
3.7.0S
15.2(4)S
3.7.1S
15.2(4)S1
3.7.2S
15.2(4)S2
3.7.3S
15.2(4)S3
3.7.4S
15.2(4)S4
3.8.0S
15.3(1)S
3.8.1S
15.3.(1)S1
3.8.2S
15.3.(1)S2
3.9.0S
15.3(2)S
3.9.1S
15.3(2)S1
3.9.2S
15.3(2)S2
3.10.0S
15.3(3)S
OL-26698-16
13
Table 5
3.5.0S
3.5.1S
3.5.2S
15.2(1)S
15.2(1)S1
15.2(1)S2
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
3.1.4S
15.0(1)S4
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
3.3.0S
15.1(2)S
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
C&T
C&T
C&T
3.4.0S
15.1(3)S
C&T
3.4.1S
15.1(3)S1
C&T
3.4.2S
15.1(3)S2
C&T
3.4.3S
15.1(3)S3
C&T
C&T
3.4.4S
15.1(3)S4
C&T
3.4.5S
15.1(3)S5
C&T
3.5.0S
15.2(1)S
C&T
C&T
3.5.1S
15.2(1)S1
C&T
C&T
14
OL-26698-16
Table 5
3.5.0S
3.5.1S
3.5.2S
15.2(1)S
15.2(1)S1
15.2(1)S2
3.5.2S
15.2(1)S2
C&T
C&T
3.6.0S
15.2(2)S
C&T1
C&T
C&T
3.6.1S
15.2(2)S1
C&T
3.6.2S
15.2(2)S2
C&T
3.7.0S
15.2(4)S
C&T
C&T
3.7.1S
15.2(4)S1
C&T
3.7.2S
15.2(4)S2
C&T
3.7.3S
15.2(4)S3
C&T
3.7.4S
15.2(4)S4
C&T
3.8.0S
15.3(1)S
3.8.1S
15.3.(1)S1
3.8.2S
15.3.(1)S2
3.9.0S
15.3(2)S
3.9.1S
15.3(2)S1
3.9.2S
15.3(2)S2
3.10.0S
15.3(3)S
1. Because of the issue described in CSCty09535, some BGP IPv4 packet loss may be observed after an ISSU upgrade from Release 3.5.0 to Release 3.6.0
on a Cisco ASR 1004 Router on which RP2 is installed.
OL-26698-16
15
Table 6
3.6.0S
3.6.1S
3.6.2S
15.2(2)S
15.2(2)S1
15.2(2)S2
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
3.1.4S
15.0(1)S4
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
3.3.0S
15.1(2)S
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
3.4.0S
15.1(3)S
3.4.1S
15.1(3)S1
C&T
3.4.2S
15.1(3)S2
C&T
3.4.3S
15.1(3)S3
C&T
3.4.4S
15.1(3)S4
C&T
C&T
3.4.5S
15.1(3)S5
C&T
16
OL-26698-16
Table 6
3.6.0S
3.6.1S
3.6.2S
15.2(2)S
15.2(2)S1
15.2(2)S2
3.5.0S
15.2(1)S
C&T
3.5.1S
C&T
C&T
C&T
C&T
3.6.0S
15.2(2)S
C&T
C&T
3.6.1S
15.2(2)S1
C&T
C&T
3.6.2S
15.2(2)S2
C&T
C&T
3.7.0S
15.2(4)S
C&T
C&T
3.7.1S
15.2(4)S1
C&T
3.7.2S
15.2(4)S2
C&T
3.7.3S
15.2(4)S3
C&T
3.7.4S
15.2(4)S4
C&T
3.8.0
15.3(1)S
C&T
C&T
3.8.1S
15.3.(1)S1
C&T
3.8.2S
15.3.(1)S2
C&T
3.9.0S
15.3(2)S
3.9.1S
15.3(2)S1
3.9.2S
15.3(2)S2
3.10.0S
15.3(3)S
15.2(1)S1
3.5.2S
15.2(1)S2
OL-26698-16
17
Table 7
3.7.0S
3.7.1S
3.7.2S
3.7.3S
3.7.4S
15.2(4)S
15.2(4)S1
15.2(4)S2
15.2(4)S3
15.2(4)S4
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
3.1.4S
15.0(1)S4
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
3.3.0S
15.1(2)S1
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
3.4.0S
15.1(3)S
3.4.1S
15.1(3)S1
3.4.2S
15.1(3)S2
3.4.3S
15.1(3)S3
OL-26698-16
18
Table 7
3.7.0S
3.7.1S
3.7.2S
3.7.3S
3.7.4S
15.2(4)S
15.2(4)S1
15.2(4)S2
15.2(4)S3
15.2(4)S4
3.4.5S
15.1(3)S5
3.5.0S
C&T
C&T
C&T
C&T
C&T
C&T
3.6.0S
15.2(2)S
C&T
3.6.1S
15.2(2)S1
3.6.2S
15.2(2)S2
C&T
C&T
C&T
C&T
C&T
3.7.0S
15.2(4)S
C&T
C&T
3.7.1S
15.2(4)S1
C&T
C&T
3.7.2S
15.2(4)S2
C&T
C&T
C&T
3.7.3S
15.2(4)S3
C&T
C&T
3.7.4S
15.2(4)S4
C&T
3.8.0S
15.3(1)S
C&T
C&T
C&T
3.8.1S
15.3.(1)S1
C&T
C&T
3.8.2S
15.3.(1)S2
C&T
C&T
3.9.0S
15.3(2)S
C&T
C&T
C&T
3.9.1S
15.3(2)S1
C&T
C&T
3.4.4S
15.1(3)S4
15.2(1)S
3.5.1S
15.2(1)S1
3.5.2S
15.2(1)S2
OL-26698-16
19
Table 7
3.7.0S
3.7.1S
3.7.2S
3.7.3S
3.7.4S
15.2(4)S
15.2(4)S1
15.2(4)S2
15.2(4)S3
15.2(4)S4
3.9.2S
15.3(2)S2
C&T
3.10.0S
15.3(3)S
C&T
Note
The output of show platform hardware qfp active feature ess state command is not working. The
output is displayed in XML format during ISSU sub-pkg downgrade from XE3.7.0 to lower releases on
Cisco ASR1000 with 4RU when the FP is running IOS XE3.7.0 image and the active RP is running
non-IOS XE 3.7.0 images. This does not impact any functionality.
Table 8
3.8.0S
3.8.1S
3.8.2S
15.3(1)S
15.3.(1)S1
15.3.(1)S2
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
3.1.4S
15.0(1)S4
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
20
OL-26698-16
Table 8
3.8.0S
3.8.1S
3.8.2S
15.3(1)S
15.3.(1)S1
15.3.(1)S2
3.4.5S
15.1(3)S5
3.5.0S
3.6.0S
15.2(2)S
3.6.1S
15.2(2)S1
C&T
3.6.2S
15.2(2)S2
C&T
C&T
C&T
3.7.0S
15.2(4)S
C&T
3.7.1S
15.2(4)S1
C&T
3.3.0S
15.1(2)S1
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
3.4.0S
15.1(3)S
3.4.1S
15.1(3)S1
3.4.2S
15.1(3)S2
3.4.3S
15.1(3)S3
3.4.4S
15.1(3)S4
15.2(1)S
3.5.1S
15.2(1)S1
3.5.2S
15.2(1)S2
OL-26698-16
21
Table 8
3.8.0S
3.8.1S
3.8.2S
15.3(1)S
15.3.(1)S1
15.3.(1)S2
3.7.2S
15.2(4)S2
C&T
C&T
3.7.3S
15.2(4)S3
C&T
3.7.4S
15.2(4)S4
C&T
3.8.0S
15.3(1)S
C&T
C&T
3.8.1S
15.3.(1)S1
C&T
C&T
3.8.2S
15.3.(1)S2
C&T
C&T
3.9.0S
15.3(2)S
C&T
C&T
C&T
3.9.1S
15.3(2)S1
C&T
3.9.2S
15.3(2)S2
C&T
3.10.0S
15.3(3)S
C&T
C&T
Table 9

3.9.0S
3.9.1S
3.9.2S
15.3(2)S
15.3(2)S1
15.3(2)S2
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
22
OL-26698-16
Table 9

3.9.0S
3.9.1S
3.9.2S
15.3(2)S
15.3(2)S1
15.3(2)S2
3.1.4S
15.0(1)S4
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
3.3.0S
15.1(2)S1
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
3.4.0S
15.1(3)S
3.4.1S
15.1(3)S1
3.4.2S
15.1(3)S2
3.4.3S
15.1(3)S3
3.4.4S
15.1(3)S4
3.4.5S
15.1(3)S5
3.5.0S
15.2(1)S
3.5.1S
15.2(1)S1
3.5.2S
15.2(1)S2
3.6.0S
15.2(2)S
3.6.1S
15.2(2)S1
3.6.2S
15.2(2)S2
OL-26698-16
23
Table 9

3.9.0S
3.9.1S
3.9.2S
15.3(2)S
15.3(2)S1
15.3(2)S2
3.7.0S
15.2(4)S
3.7.1S
15.2(4)S1
C&T
3.7.2S
15.2(4)S2
C&T
3.7.3S
15.2(4)S3
C&T
C&T
3.7.4S
15.2(4)S4
C&T
C&T
3.8.0S
15.3(1)S
C&T
3.8.1S
15.3.(1)S1
C&T
3.8.2S
15.3.(1)S2
C&T
C&T
C&T
3.9.0S
15.3(2)S
C&T
C&T
3.9.1S
15.3(2)S1
C&T
C&T
3.9.2S
15.3(2)S2
C&T
C&T
3.10.0S
15.3(3)S
C&T
C&T
C&T
Table 10
3.10.0S
15.3(3)S
3.1.0S
15.0(1)S
3.1.1S
15.0(1)S1
24
OL-26698-16
3.10.0S
15.3(3)S
3.1.2S
15.0(1)S2
3.1.3S
15.0(1)S3
3.1.4S
15.0(1)S4
3.2.0S
15.1(1)S
3.2.1S
15.1(1)S1
3.2.2S
15.1(1)S2
3.3.0S
15.1(2)S1
3.3.1S
15.1(2)S1
3.3.2S
15.1(2)S2
3.4.0S
15.1(3)S
3.4.1S
15.1(3)S1
3.4.2S
15.1(3)S2
3.4.3S
15.1(3)S3
3.4.4S
15.1(3)S4
3.4.5S
15.1(3)S5
3.5.0S
15.2(1)S
3.5.1S
15.2(1)S1
3.5.2S
15.2(1)S2
3.6.0S
15.2(2)S
3.6.1S
15.2(2)S1
OL-26698-16
25
3.10.0S
15.3(3)S
3.6.2S
15.2(2)S2
3.7.0S
15.2(4)S
3.7.1S
15.2(4)S1
3.7.2S
15.2(4)S2
3.7.3S
15.2(4)S3
3.7.4S
15.2(4)S4
3.8.0S
15.3(1)S
3.8.1S
15.3.(1)S1
C&T
3.8.2S
15.3.(1)S2
C&T
3.9.0S
15.3(2)S
C&T
3.9.1S
15.3(2)S1
C&T
3.9.2S
15.3(2)S2
C&T
3.10.0S
15.3(3)S
26
OL-26698-16
RP Memory Recommendations
The Cisco IOS XE 3S images and packages that are available vary based on the RP (either RP1 or RP2)
installed in the system:
Table 11 describes the RP1 consolidated package images, their individual software subpackage
contents, and their memory recommendations.
Table 12 describes the RP1 optional subpackage images and their memory recommendations.
Table 13 describes the RP2 consolidated package images, their individual software subpackage
contents, and their memory recommendations.
Table 14 describes the RP2 optional subpackage images and their memory recommendations.
Each Cisco IOS XE 3S image also contains two provisioning files:

asr1000rpx-packages.image.version.conf and packages.conf. A provisioning file is used for booting only
in scenarios where individual modules are extracted from the Cisco IOS XE 3.1S image and then used
to run the router. Any one of the provisioning files can be used.
Table 11
Platforms
RP1 Memory Recommendations for the Cisco ASR 1000 Series Aggregation Services Routers Consolidated
Package Images
Image Name
Cisco ASR 1002 Cisco

Router
ASR 1000
Software Image
Individual Subpackage Contents
asr1000rp1-ipbase.version.bin
asr1000rp1-rpbase.version.pkg
asr1000rp1-rpcontrol.version.pkg
Cisco ASR 1004 Series RP1 IP

BASE W/O
Router
Cisco ASR 1006
Router
asr1000rp1-rpaccess.version.pkg
CRYPTO
asr1000rp1-rpios-ipbase.version.pkg
asr1000rp1-espbase.version.pkg
asr1000rp1-sipbase.version.pkg
DRAM
Memory
4 GB (for
Cisco ASR
1002 Router)
24 GB (for
Cisco ASR
1004 and
Cisco ASR
1006 routers)
asr1000rp1-sipspa.version.pkg
asr1000rp1-packages-ipbase.version.
conf
packages.conf
Router
ASR 1000
BASE
Router
Cisco ASR 1006
Router
asr1000rp1-ipbasek9.version.bin
4 GB (for
Cisco ASR
1002 Router)
24 GB (for
asr1000rp1-rpios-ipbasek9.version.pk Cisco ASR
1004 and
g
Cisco ASR
1006 routers)
asr1000rp1-packages-ipbasek9.versio
n.conf
packages.conf
OL-26698-16
27
Table 11
Package Images (continued)
Platforms
Image Name

Router
ASR 1000
Software Image
asr1000rp1-advipservices.version.
bin
Cisco ASR 1004 Series RP1

ADVANCED
Router
IP SERVICES
asr1000rp1-rpios-advipservices.
version.pkg
Cisco ASR 1006

W/O CRYPTO
Router
DRAM
Memory
4 GB (for
Cisco ASR
1002 Router)
24 GB (for
Cisco ASR
1004 and
Cisco ASR
1006 routers)
asr1000rp1-packages-advipservices.
version.conf
packages.conf
Router
ASR 1000
ADVANCED
Router
Cisco ASR 1006
Router
IP SERVICES
asr1000rp1-advipservicesk9.versio
n.bin
4 GB (for
Cisco ASR
1002 Router)
24 GB (for
asr1000rp1-rpios-ipbasek9.version.pk Cisco ASR
g
1004 and
Cisco ASR
1006 routers)
asr1000rp1-packages-advipservicesk
9.
version.conf
packages.conf

Router
ASR 1000
ADVANCED
Router
ENTERPRISE
Cisco ASR 1006
SERVICES
Router
W/O CRYPTO
asr1000rp1-adventservices.version. asr1000rp1-rpbase.version.pkg
bin
asr1000rp1-rpios-adventservices.
version.pkg
4 GB (for
Cisco ASR
1002 Router)
24 GB (for
Cisco ASR
1004 and
Cisco ASR
1006 routers)
asr1000rp1-packages-adventservices.
version.conf
packages.conf
28
OL-26698-16
Table 11
Platforms
Image Name

Router
ASR 1000
Software Image
asr1000rp1-adventservicesk9.versi
on.bin

ADVANCED
Router
ENTERPRISE
asr1000rp1-rpios-adventservicesk9.
version.pkg
Cisco ASR 1006

SERVICES
Router
DRAM
Memory
4 GB (for
Cisco ASR
1002 Router)
24 GB (for
Cisco ASR
1004 and
Cisco ASR
1006 routers)
asr1000rp1-packages-adventservicesk
9.
version.conf
packages.conf
Table 12
Platforms
RP1 Memory Recommendations for the Cisco ASR 1000 Series Routers Optional Subpackage Image
Image Name
Cisco ASR 1002 Cisco ASR 1000 Series Aggregation Services

Router
Routers RP1 WebEx Node1
Software Image
Flash
Memory
asr1000rp1-sipspawmak9.version.XND.pkg
100 MB
Cisco ASR 1004

Router
Cisco ASR 1006
Router
1. The Cisco ASR 1000 Series Aggregation Services Routers RP1 WebEx Node (asr1000rp1-sipspawmak9.version.pkg) optional software subpackage is
available only from Cisco IOS XE Release 2.4.0 and is supported only in conjunction with the Cisco ASR 1000 Series Aggregation Services Routers RP1
IP BASE, Cisco ASR 1000 Series Aggregation Services Routers RP1 ADVANCED IP SERVICES, or Cisco ASR 1000 Series Aggregation Services
Routers RP1 ADVANCED ENTERPRISE SERVICES consolidated package. This subpackage is not supported in Cisco IOS XE releases prior to Release
2.4.0 or with any of the non-CRYPTO consolidated packages.
Note
RP2 images are available from Cisco IOS XE Release 2.3.0.
OL-26698-16
29
Table 13
Package Images
Platforms
Image Name

Router
ASR 1000
Software Image
asr1000rp2-ipbase.version.bin

BASE W/O
Router
Cisco ASR 1013
Router
CRYPTO
asr1000rp2-rpios-ipbase.version.pkg
DRAM
Memory
816 GB (for
Cisco ASR
1004 Router,
Cisco ASR
1006 Router,
and Cisco
ASR 1013
Router)
asr1000rp2-packages-ipbase.version.
conf
packages.conf
Router
ASR 1000
asr1000rp2-ipbasek9.version.bin

BASE
Router
asr1000rp2-rpios-ipbasek9.version.
pkg
Cisco ASR 1013

Router
816 GB (for
Cisco ASR
1004 Router,
Cisco ASR
1006 Router,
and Cisco
ASR 1013
Router)
asr1000rp2-packages-ipbasek9.versio
n.conf
packages.conf
Router
ASR 1000
ADVANCED
Router
IP SERVICES
Cisco ASR 1013

W/O CRYPTO
Router
asr1000rp2-advipservices.version.
bin
asr1000rp2-rpios-advipservices.
version.pkg
816 GB (for
Cisco ASR
1004 Router,
Cisco ASR
1006 Router,
and Cisco
ASR 1013
Router)
asr1000rp2-packages-advipservices.
version.conf
packages.conf
30
OL-26698-16
Table 13
Platforms
Image Name

Router
ASR 1000
Software Image
asr1000rp2-advipservicesk9.
version.bin

ADVANCED
Router
Cisco ASR 1013
Router
IP SERVICES
asr1000rp2-rpios-advipservicesk9.
version.pkg
DRAM
Memory
816 GB (for
Cisco ASR
1004 Router,
Cisco ASR
1006 Router,
and Cisco
ASR 1013
Router)
asr1000rp2-packages-advipservicesk
9.
version.conf
packages.conf
Router
ASR 1000
ADVANCED
Router
asr1000rp2-adventservices.version. asr1000rp2-rpbase.version.pkg
bin
ENTERPRISE
asr1000rp2-rpios-adventservices.
version.pkg
Cisco ASR 1013

SERVICES
Router
W/O CRYPTO
816 GB (for
Cisco ASR
1004 Router,
Cisco ASR
1006 Router,
and Cisco
ASR 1013
Router)
asr1000rp2-packages-adventservices.
version.conf
packages.conf
Router
ASR 1000
ADVANCED
Router
ENTERPRISE
Cisco ASR 1013
SERVICES
Router
asr1000rp2-adventservicesk9.
version.bin
asr1000rp2-rpios-adventservicesk9.
version.pkg
816 GB (for
Cisco ASR
1004 Router,
Cisco ASR
1006 Router,
and Cisco
ASR 1013
Router)
asr1000rp2-packages-adventservicesk
9.
version.conf
packages.conf
OL-26698-16
31
Hardware Supported
Table 14
RP2 Memory Recommendations for the Cisco ASR 1000 Series Routers Optional Subpackage Image
Platforms
Image Name
Cisco ASR 1004 Cisco ASR 1000 Series Aggregation Services

Router
Routers RP2 WebEx Node1
Software Image
Flash
Memory
asr1000rp2-sipspawmak9.version.XND.pkg
100 MB
Cisco ASR 1006

Router
Cisco ASR 1013
Router
1. The Cisco ASR 1000 Series Aggregation Services Routers RP2 WebEx Node (asr1000rp1-sipspawmak9.version.pkg) optional software subpackage is
available only from Cisco IOS XE Release 2.4.0 and is supported only in conjunction with the Cisco ASR 1000 Series Aggregation Services Routers RP2
IP BASE, Cisco ASR 1000 Series Aggregation Services Routers RP2 ADVANCED IP SERVICES, or Cisco ASR 1000 Series Aggregation Services
Routers RP2 ADVANCED ENTERPRISE SERVICES consolidated package. This subpackage is not supported in Cisco IOS XE releases prior to Release
2.4.0 or in any of the non-CRYPTO consolidated packages.
Hardware Supported
Cisco IOS XE 3S releases support the following Cisco ASR 1000 Series Routers:
Cisco ASR 1001 Router
Cisco ASR 1002-F Router
Cisco ASR 1002-X Router
ROMmon Release Requirements

Table 15 provides information about the field-replaceable units (FRUs) of the Cisco ASR 1000 Series
Aggregation Services Routers supported by each ROMmon release.
Table 15
FRU Support by ROMmon Release
FRU
ROMmon Release
XN
XN1 XN2 XNB XNC XNC0 XND
15.0 15.2 15.2 15.2 15.3 15.3 15.3

(1r) (1r) (4r) (4r) (1r) (3r) (3r)
XND1 S
S
S
S1
S
S
S1
ASR1000 RP1
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes Yes Yes
Yes
Yes
Yes
ASR1002 RP1
Yes
Yes
Yes
Yes
Yes
Yes Yes Yes
Yes
Yes
Yes
ASR1000 RP2
Yes
Yes
Yes Yes Yes
Yes
Yes
Yes
ASR1001
Yes Yes Yes
Yes
Yes
Yes
ASR1002-X
Yes
Yes
Yes
32
OL-26698-16
Table 15
FRU Support by ROMmon Release (continued)
FRU
ROMmon Release
XN
XN1 XN2 XNB XNC XNC0 XND
15.0 15.2 15.2 15.2 15.3 15.3 15.3

(1r) (1r) (4r) (4r) (1r) (3r) (3r)
XND1 S
S
S
S1
S
S
S1
ASR1000-ESP5
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes Yes Yes
Yes
Yes
Yes
ASR1000-ESP10
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes Yes Yes
Yes
Yes
Yes
ASR1000-ESP20
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes Yes Yes
Yes
Yes
Yes
ASR1000-ESP40
Yes Yes Yes
Yes
Yes
Yes
ASR1000-ESP100
Yes
Yes
Yes
Yes
ASR1000-ESP200
Yes
Yes
ASR1000-SIP10
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
ASR1000-SIP40
Yes Yes Yes
Yes
Yes
Yes
ASR 1000 Fixed

Ethernet Line
Card
Yes Yes
OL-26698-16
33
Table 16 lists the minimum ROMmon release supported by each FRU, for each Cisco IOS XE release.
Table 16
Cisco
IOS XE
Release
Minimum ROMmon Release Supported by Each FRU
FRU
ASR
1000
ESP
100
ASR
1000
ESP
200
ASR
1000
Fixed
Ethernet ASR
Line
1000Card
SIP10
ASR
1000SIP40
ASR
1000
RP1
ASR
1002
RP1
ASR
1000
RP2
ASR
1001
ASR
1002
-X
ASR
1000ESP5
ASR
1000
ASR
ASR
1000- 1000- ESP
ESP10 ESP20 40
2.0.x
XNC
XNC
XNC
2.1.x
XNC
XNC
XNC
XNC
XNC
2.2.0
XNC
XNC
XNC
XNC
XNC
2.2.1
XNC
XNC
XNC
XNC
XNC
XNC
2.2.2
XNC
XNC
XNC
XNC
XNC
XNC
2.3.0
XNC
XNC
XNC0
XNC
XNC
XNC
XNC
2.3.1
XNC
XNC
XNC0
XNC
XNC
XNC
XNC
2.3.2
XNC
XNC
XNC0
XNC
XNC
XNC
XNC
2.4.x
XND1 XND1 XND
XNC
XNC
XNC
XNC
2.5.x
XND1 XND1 XND
XNC
XNC
XNC
XNC
2.6.x
XND1 XND1 XND
XNC
XNC
XNC
XNC
3.1.x
XND1 XND1 XND
XNC
XNC
XNC
15.0
(1r)
S
XNC
3.2.x
XND1 XND1 XND
15.0
(1r)
S
XNC
XNC
XNC
15.0
(1r)
S
XNC
15.0(1r)S
3.3.x
XND1 XND1 XND
15.0
(1r)
S
XNC
XNC
XNC
15.0
(1r)
S
XNC
15.0(1r)S
3.4.x
XND1 XND1 XND
15.0
(1r)
S
XNC
XNC
XNC
15.0
(1r)
S
XNC
15.0(1r)S
3.5.x
XND1 XND1 XND
15.0
(1r)
S
XNC
XNC
XNC
15.0
(1r)
S
XNC
15.0(1r)S
3.6.x
XND1 XND1 XND
15.0
(1r)
S
XNC
XNC
XNC
15.0
(1r)
S
XNC
15.0(1r)S
3.7.x
XND1 XND1 XND
15.0
(1r)
S
15.3
(1r)
S
XNC
XNC
XNC
15.0 15.3
(1r) (1r)
S
S
XNC
15.0(1r)S
34
OL-26698-16
Table 16
Cisco
IOS XE
Release
Minimum ROMmon Release Supported by Each FRU (continued)
FRU
ASR
1000
ESP
100
ASR
1000
ESP
200
ASR
1000
Fixed
Ethernet ASR
Line
1000Card
SIP10
ASR
1000SIP40
ASR
1001
ASR
1002
-X
ASR
1000ESP5
ASR
1000
ASR
ASR
1000- 1000- ESP
ESP10 ESP20 40
3.8.x
XND1 XND1 15.2(1r) 15.0

S
(1r)
S
15.3
(1r)
S
XNC
XNC
XNC
15.0 15.3
(1r) (1r)
S
S
XNC
15.0(1r)S
3.9.x
XND1 XND1 15.2(1r) 15.0

S
(1r)
S
15.3
(1r)
S
XNC
XNC
XNC
15.0 15.3
(1r) (1r)
S
S
XNC
15.0(1r)S
3.10.x
XND1 XND1 15.2(1r) 15.0

S
(1r)
S
15.3
(1r)
S
XNC
XNC
XNC
15.0 15.3 15.3 15.3(3r) XNC

(1r) (1r) (1r) S1
S
S
S
15.0(1r)S
ASR
1000
RP1
ASR
1002
RP1
ASR
1000
RP2
Table 17 lists the recommended ROMmon release for each FRU, for each Cisco IOS XE release.
Table 17
Recommended ROMmon Release for Each FRU
Cisco
FRU
IOS XE
Release
ASR
1000
-ESP
10
ASR
1000
-ESP
20
ASR
1000
-ESP
40
ASR
1000
-ESP
100
ASR
1000
-ESP
200
ASR 1000
Fixed
Ethernet
Line Card
ASR1000- ASR1000
SIP10
-SIP40
ASR1000
RP1
ASR1002
RP1
ASR
ASR ASR ASR 1000
1000 1001 1002 -ESP
5
RP2
-X
2.0.x
XNC
15.3 15.3
(3r) (3r)
S
S
15.3(3r)S
2.1.x
XNC
XNC
15.3 15.3
(3r) (3r)
S
S
15.3(3r)S
2.2.0
XNC
XNC
15.3 15.3
(3r) (3r)
S
S
15.3(3r)S
2.2.1
XNC
XNC
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
2.2.2
XNC
XNC
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
OL-26698-16
35
Table 17
Recommended ROMmon Release for Each FRU (continued)
Cisco
FRU
IOS XE
Release
ASR
ASR ASR ASR 1000
1000 1001 1002 -ESP
5
RP2
-X
ASR
1000
-ESP
10
ASR
1000
-ESP
20
ASR
1000
-ESP
40
ASR
1000
-ESP
100
ASR
1000
-ESP
200
ASR 1000
Fixed
Ethernet
Line Card
ASR1000- ASR1000
SIP10
-SIP40
ASR1000
RP1
ASR1002
RP1
2.3.0
XNC1
XNC
15.2
(1r)
S
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
2.3.1
XNC
XNC
15.2
(1r)
S
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
2.3.2
15.3(3r)S 15.3(3r)S 15.2

(1r)
S
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
2.4.x
15.3(3r)S 15.3(3r)S 15.2

(1r)
S
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
2.5.x
15.3(3r)S 15.3(3r)S 15.2

(1r)
S
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
2.6.x
15.3(3r)S 15.3(3r)S 15.2

(1r)
S
15.3 15.3 15.3

(3r) (3r) (3r)
S
S
S
15.3(3r)S
3.1.x
15.3(3r)S 15.3(3r)S 15.2

(1r)
S
15.3 15.3 15.3 15.2

(3r) (3r) (3r) (1r)
S
S
S
S
15.3(3r)S
3.2.x
15.3(3r)S 15.3(3r)S 15.2 15.2

(1r) (1r)
S
S
15.3 15.3 15.3 15.2

(3r) (3r) (3r) (1r)
S
S
S
S
15.3(3r)S 15.3(3r)
S
3.3.x
15.3(3r)S 15.3(3r)S 15.2 15.2

(1r) (1r)
S
S
15.3 15.3 15.3 15.2

(3r) (3r) (3r) (1r)
S
S
S
S
15.3(3r)S 15.3(3r)
S
3.4.x
15.3(3r)S 15.3(3r)S 15.2 15.2

(1r) (1r)
S
S
15.3 15.3 15.3 15.2

(3r) (3r) (3r) (1r)
S
S
S
S
15.3(3r)S 15.3(3r)
S
3.5.x
15.2(1r)S 15.3(1r)S 15.2 15.2

(1r) (1r)
S
S
15.3 15.3 15.3 15.2

(3r) (3r) (3r) (1r)
S
S
S
S
15.3(3r)S 15.3(3r)
S
3.6.x
15.3(3r)S 15.3(3r)S 15.2 15.2

(1r) (1r)
S
S
15.3 15.3 15.3 15.2

(3r) (3r) (3r) (1r)
S
S
S
S
15.3(3r)S 15.3(3r)
S
3.7.x
15.3(3r)S 15.3(3r)S 15.2 15.2 15.3 15.3 15.3 15.3 15.2 15.3
(1r) (1r) (1r) (3r) (3r) (3r) (1r) (1r)
S
S
S
S
S
S
S
S
15.3(3r)S 15.3(3r)
S
36
OL-26698-16
Table 17
Recommended ROMmon Release for Each FRU (continued)
Cisco
FRU
IOS XE
Release
ASR1002
RP1
ASR
ASR ASR ASR 1000
1000 1001 1002 -ESP
5
RP2
-X
ASR
1000
-ESP
10
ASR
1000
-ESP
20
ASR
1000
-ESP
40
ASR
1000
-ESP
100
ASR
1000
-ESP
200
ASR 1000
Fixed
Ethernet
Line Card
ASR1000- ASR1000
SIP10
-SIP40
ASR1000
RP1
3.8.x
15.3(3r)S 15.3(3r)S 15.2 15.2 15.3 15.3 15.3 15.3 15.2 15.3
(1r) (1r) (1r) (3r) (3r) (3r) (1r) (1r)
S
S
S
S
S
S
S
S
15.3(3r)S 15.3(3r)
S
3.9.x
15.3(3r)S 15.3(3r)S 15.2 15.2 15.3 15.3 15.3 15.3 15.2 15.3
(1r) (1r) (1r) (3r) (3r) (3r) (1r) (1r)
S
S
S
S
S
S
S
S
15.3(3r)S 15.3(3r)
S
3.10.x
15.3(3r)S 15.3(3r)S 15.2 15.2 15.3 15.3 15.3 15.3 15.2 15.3
(1r) (1r) (1r) (3r) (3r) (3r) (1r) (1r)
S
S
S
S
S
S
S
S
15.3
(1r)
S
15.3(3r)S1 15.3(3r)S 15.3(3r)

S
1. For Cisco IOS XE Release 2.3.0d and Release 2.3.0e, ROMmon Release 15.2(1r)S is the recommended release.
OL-26698-16
37
Determining the Release Number of the Installed Software

This section provides information about determining the release number of the installed software.
Determining the Version of the Consolidated Package

To determine the version of the Cisco IOS XE Software (consolidated package) running on your router,
log in to the router and enter the show version EXEC command.
The following is sample output of the show version command. The actual output displayed when you
run the command will vary depending on the version of the product that you are using.
Router# show version
Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-ADVENTERPRISEK9-M), Version
15.2(1)S, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Sun 27-Nov-11 21:19 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2011 by cisco Systems, Inc.

All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON

Router uptime is 1 minute
Uptime for this control processor is 3 minutes
System returned to ROM by reload
System restarted at 22:07:05 UTC Sun Nov 27 2011
System image file is "tftp:/auto/tftp-smoke2/mcpdt-rp2-14/vmlinux"
Last reload reason: PowerOn
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco ASR1006 (RP2) processor with 4252282K/6147K bytes of memory.
5 Gigabit Ethernet interfaces
2 Channelized T3 ports
32768K bytes of non-volatile configuration memory.
38
OL-26698-16
8388608K bytes of physical memory.

1925119K bytes of eUSB flash at bootflash:.
78085207K bytes of SATA hard disk at harddisk:.
Configuration register is 0x2102
Determining the Version of the Individual Subpackages

To determine the version of the individual subpackages running on your router, log in to the router and
enter the show version installed command in the User EXEC, Privileged EXEC, or Diagnostic mode.
The following is sample output of the show version installed command. The actual output displayed
when you run the command will vary depending on the version of the product that you are using.
Router# show version installed
Package: Provisioning File, version: n/a, status: active
File: consolidated:packages.conf, on: RP0
Built: n/a, by: n/a
File SHA1 checksum: 96de495067ade7bb7e17f833fb3e4136addff0a7
Package: rpbase, version: 03.05.00.S.152-1.S, status: active
File: consolidated:asr1000rp2-rpbase.03.05.00.S.152-1.S.pkg, on: RP0
Built: 2011-11-27_15.35, by: mcpre
File SHA1 checksum: aadf1bfa5ff97720c3eeaed32e4d9941e54b0ea8
Package: rpcontrol, version: 03.05.00.S.152-1.S, status: active
File: consolidated:asr1000rp2-rpcontrol.03.05.00.S.152-1.S.pkg, on: RP0/0
Built: 2011-11-27_15.35, by: mcpre
File SHA1 checksum: 57f1f2c5536098d761d228d3a4d5031bf1f885fb
Package: rpios-adventerprisek9, version: 03.05.00.S.152-1.S, status: active
File: consolidated:asr1000rp2-rpios-adventerprisek9.03.05.00.S.152-1.S.pkg, on: RP0/0
Built: 2011-11-27_15.41, by: mcpre
File SHA1 checksum: 632836be203f1f5a94d7cbb4eb042890649d5b0d
Package: rpaccess, version: 03.05.00.S.152-1.S, status: active
File: consolidated:asr1000rp2-rpaccess.03.05.00.S.152-1.S.pkg, on: RP0/0
Built: 2011-11-27_15.35, by: mcpre
File SHA1 checksum: adc4045026a793a1523431f10860b6bf1fa1fb2c
Package: rpcontrol, version: 03.05.00.S.152-1.S, status: n/a
Built: 2011-11-27_15.35, by: mcpre
Package: rpios-adventerprisek9, version: 03.05.00.S.152-1.S, status: n/a
Built: 2011-11-27_15.41, by: mcpre
Package: rpaccess, version: 03.05.00.S.152-1.S, status: n/a
Built: 2011-11-27_15.35, by: mcpre
Package: rpbase, version: 03.05.00.S.152-1.S, status: n/a
File: consolidated:asr1000rp2-rpbase.03.05.00.S.152-1.S.pkg, on: RP1
Built: 2011-11-27_15.35, by: mcpre
File SHA1 checksum: aadf1bfa5ff97720c3eeaed32e4d9941e54b0ea8
OL-26698-16
39

Built: 2011-11-27_15.35, by: mcpre
Built: 2011-11-27_15.41, by: mcpre
Built: 2011-11-27_15.35, by: mcpre
Built: 2011-11-27_15.35, by: mcpre
Built: 2011-11-27_15.41, by: mcpre
Built: 2011-11-27_15.35, by: mcpre
Package: espbase, version: 03.05.00.S.152-1.S, status: active
File: consolidated:asr1000rp2-espbase.03.05.00.S.152-1.S.pkg, on: ESP0
Built: 2011-11-27_15.14, by: mcpre
File SHA1 checksum: 6867ebbf53d4e17b88c45859175ad70891c49f05
Package: espx86base, version: 03.05.00.S.152-1.S, status: inactive
File: consolidated:asr1000rp2-espx86base.03.05.00.S.152-1.S.pkg, on: ESP0
Built: 2011-11-27_15.35, by: mcpre
File SHA1 checksum: 6d11715ea722191f6d5e8bec077512fd22c473ae
Package: espbase, version: 03.05.00.S.152-1.S, status: active
File: consolidated:asr1000rp2-espbase.03.05.00.S.152-1.S.pkg, on: ESP1
Built: 2011-11-27_15.14, by: mcpre
File SHA1 checksum: 6867ebbf53d4e17b88c45859175ad70891c49f05
Package: espx86base, version: 03.05.00.S.152-1.S, status: inactive
File: consolidated:asr1000rp2-espx86base.03.05.00.S.152-1.S.pkg, on: ESP1
Built: 2011-11-27_15.35, by: mcpre
File SHA1 checksum: 6d11715ea722191f6d5e8bec077512fd22c473ae
Package: sipbase, version: 03.05.00.S.152-1.S, status: active
File: consolidated:asr1000rp2-sipbase.03.05.00.S.152-1.S.pkg, on: SIP0
Built: 2011-11-27_15.14, by: mcpre
File SHA1 checksum: 216029d6fb614f3b65225015008d25e70b513169
Package: sipspa, version: 03.05.00.S.152-1.S, status: n/a
File: consolidated:asr1000rp2-sipspa.03.05.00.S.152-1.S.pkg, on: SIP0/0
Built: 2011-11-27_15.14, by: mcpre
File SHA1 checksum: 58250807ef37ef9da6c3952babce9a9a5b5e29b5
Built: 2011-11-27_15.14, by: mcpre
40
OL-26698-16
Package: sipspa, version: 03.05.00.S.152-1.S, status: active

Built: 2011-11-27_15.14, by: mcpre
Package: sipspa, version: 03.05.00.S.152-1.S, status: active
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Package: sipbase, version: 03.05.00.S.152-1.S, status: n/a
Built: 2011-11-27_15.14, by: mcpre
OL-26698-16
41

Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
Built: 2011-11-27_15.14, by: mcpre
42
OL-26698-16
Upgrading to a New Software Release

Built: 2011-11-27_15.14, by: mcpre

Only Cisco IOS XE 3S consolidated packages can be downloaded from cisco.com; users who want to
run a router using individual subpackages must first download the image from cisco.com and extract the
individual subpackages from the consolidated package.
For information about upgrading to a new software release, see Cisco ASR 1000 Series Aggregation
Services Router Software Configuration Guide at the following location:
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/asrswcfg.html
OL-26698-16
43
44
OL-26698-16
Limitations and Restrictions in Cisco ASR 1000

Series Aggregation Services Routers
This following section describes limitations and restrictions pertaining to Cisco ASR 1000 Series
Aggregation Services Routers:
Note
Limitations and Restrictions in Release 3.10.0, page 1
For information about limitations and restrictions pertaining to releases prior to Release 3.6.0, see Cisco
IOS XE 3S Release Notes.
Limitations and Restrictions in Release 3.10.0

There are no new limitations or restrictions in Release 3.10.0.


Cisco Systems, Inc.

www.cisco.com

General Limitations
RF billing and Lawful Interception do not work together.

DMVPN Limitations
Cisco ASR 1000 devices does not support the ip nhrp server-only command used to configure an
interface to operate in Next Hop Resolution Protocol (NHRP) server-only mode.
In a phase 2 deployment, NHRP server-only mode configured on one spoke stops all traffic from the
configured spoke to other spokes.
In a phase 3 deployment, NHRP server-only mode configured on one spoke stops the shortcut tunnel
from the configured spoke to other spokes and consequently all traffic from the configured spoke to other
spokes have to be forwarded by Hub.
We recommend that you do not use the ip nhrp server-only command on Cisco ASR 1000 devices.
MPLS over IPv6 GRE Tunnel is not supported
The mpls ip command can be configured on the IPv6 GRE Tunnel, but it does not take effect.

Limitations and Restrictions in Cisco ASR 1000 Series Aggregation Services Routers
OL-26698-16
New Features in and Important Notes About

Routers Release 3.10S
This chapter provides information about the new features introduced in Cisco ASR 1000 Series
Aggregation Services Routers Release 3.10S. In addition, important notes about this release are also
included.
This chapter contains the following sections:
New and Changed Information, page 3
Important Notes, page 18
New and Changed Information

The following sections list the new hardware and software features that are supported by the
Cisco ASR 1000 Series Routers for Cisco IOS XE Release 3.10S:
New Software Features in Cisco ASR 1000 Series Aggregation Services Routers Release 3.10.0S,
page 3
New Software Features in Cisco ASR 1000 Series Aggregation Services

Routers Release 3.10.0S
The following are the new software features introduced in Cisco ASR 1000 Series Aggregation Services
1-port OC-192c/STM-64 POS/RPR Shared Port Adapter, XFP Optics

For detailed information, see the following Cisco document:
http://www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/ASR1000/
ASRspasw.html
Cisco Systems, Inc.

www.cisco.com
Add support for more than 32 FNF fields

http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/configuration/xe-3s/asr1000/fnf-fnetflow.html
Aliases
http://www.cisco.com/en/US/docs/ios-xml/ios/avc/configuration/xe-3s/asr1000/avc-fld-alias.html
ASR1000 - 16k policy map scaling

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_mqc/configuration/xe-3s/asr1000/qos-apply.html
ASR-1000 Minimal Disruptive Restart (MDR) Phase 2 - POS SPA MDR

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/issu.html
ASRspasw.html
ASR1000: 40G Native Ethernet Line card

http://www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/ASR1000/fi
xed_ethernet_linecard/ASRfelcconf_guide.html
ASR1000-ESP200
http://www.cisco.com/en/US/docs/routers/asr1000/install/guide/asr1routers/asr1ESP3.html
ATM support on SPA-24CHT1-CE-ATM on ASR1000

ASRspasw.html
Auto-IP
http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_ipv4/configuration/xe-3s/ipv4-xe-3s-book_chapt
er_011.html
New Features in and Important Notes About Cisco ASR 1000 Series Aggregation Services Routers Release 3.10S
OL-26698-14
BGP - L3VPN iBGP pe-ce (RFC 6368)

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/L3VPN_iBGP_PE-CE.
html
BGP NSR Support for MPLS VPNv4 and VPNv6 Inter AS Option B
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-bgp-nsr-inter-as-op
tion-b.html
Bidirectional MPLS-TP LSP

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_basic/configuration/xe-3s/mp-basic-xe-3s-book.htm
l
Bowflex - NHRP snmp restructuring

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpnnhrp-mib.html
Bulk-logging and port block allocation

http://cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/iadnat-bpa.html
Cisco 8-Port Channelized T1/E1 Shared Port Adapter (SPA-8XCHT1/E1-V2)

ASRspasw.html
Configurable RTP port range per IP Address for RTP session connectivity
For ASR boxes, the RTP port range has been increased to a range of 8000 to 48200 to scale high call
volumes. This port range allows up 10000 calls on a single interface.
CUBE Inter-Cluster Look up Service (ILS)

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_interop/configuration/xe-3s/voi-cube-ils-ser
vice.html
OL-26698-14
CUBE Serviceability for event logging and debug classification

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_mgmt/configuration/xe-3s/asr1000/voi-cube
-service-evntlog-debugclass.html
http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_mgmt/configuration/xe-3s/voi-cube-serviceevntlog-debugclass.html
CUCM Lineside support

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_interop/configuration/xe-3s/voi-cucm-linesi
de.html
http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_interop/configuration/xe-3s/asr1000/voi-cuc
m-lineside.html
Debuggability enhancement in IOS-XE Zone Based Firewall (Phase-II)

The Debuggability Enhancement Zone-Based Firewall provides the following functionalities:
Severity levels for debug logs. For more information see the Firewall High-Speed Logging module
at:
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-zone-pol-fw.h
tml
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/asr1000/sec-zone
-pol-fw.html
Conditional Debugging: Prior to the introduction of this feature, when firewall debug is enabled,
debug messages are logged for all traffic passing through the firewall. To enable conditional
debugging of a single flow of traffic, the following debug command was added: debug platform
condition
The following commands are also introduced in Cisco IOS XE Release 3.10S:
show policy-firewall config platform
show policy-firewall sessions platform
show policy-firewall stats platform
DHCP-SIP and Walkby Integration

http://www.cisco.com/en/US/docs/ios-xml/ios/isg/configuration/xe-3s/isg-wlkby-supp.html
Disabling Flow Cache Entreis in NAT and NAT64

http://cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-disable-flow-ent.html
OL-26698-14
http://cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/iadnat-disable-flow-e
nt.html
Easy Performance monitor

http://www.cisco.com/en/US/docs/ios-xml/ios/avc/configuration/xe-3s/asr1000/avc-ezpm.html
Ethernet over GRE Tunnels

http://www.cisco.com/en/US/docs/ios-xml/ios/interface/configuration/xe-3s/ir-eogre.html
EVC On Port-channel
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/EVCs_on_portchannel.
html
eiBGP multipath for non VRF interfaces (IPv4/IPv6)

www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-eibgp-multipath-for-nonv
rf-interfaces.html
EIGRP Over the Top

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/15-s/ire-eigrp-over-the-top.
html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-eigrp-over-the-top
.html
FlexVPN Mixed Mode support

The FlexVPN Mixed Mode feature provides support for carrying IPv4 traffic over IPsec IPv6 transport.
This is the first phase towards providing dual stack support on the IPsec stack. This implementation does
not support using a single IPsec security association (SA) pair for both IPv4 and IPv6 traffic.
This feature is only supported for Remote Access VPN with IKEv2 and Dynamic VTI.
GETVPN CRL Checking

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn-crl-c
hecking.html
OL-26698-14
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/asr1000/sec-get-v
pn-crl-checking.html
GETVPN Resiliency - GM Error Detection

pn-resiliency-gm-error-detection.html
GETVPN support with SuiteB

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn-suite
b.html
GTPv2 support in iWAG - Intelligent Wireless Access Gateway on ASR1K

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/iwag_asr1k.html#wp10
92054
IKE Profile based tunnel selection

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe-3s/sec-ipsec-virt-tun
nl.html
IKEv1 SHA-2 support

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn.html
IOS BGP - BGP C-Route Full SM Support

The IOS BGP - BGP C-Route Full SM Support feature introduces a new CLI command, mvpn
single-forwarder-selection highest-ip-address, which configures the BGP MVPN UMH chosen via the
highest ip address.
For detailed information, see the following Cisco documents:
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/command/irg-cr-book.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_mvpn/configuration/xe-3s/imc_bgp_croute.htm
l
IOS-XE GTP TEID based ECMP

OL-26698-14
http://www.cisco.com/en/US/docs/ios-xml/ios/ipswitch_cef/configuration/xe-3s/asr1000/isw-cef-loadbalancing.html#GUID-8BDF5B19-7AA9-461D-9863-B56784C126D0
IP SLAs - Asymmetric probe support for UDP jitter

http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/sla_udp_jitter.html
IPSec debugability enhancement

The IPSec debugability enhancement feature implements the following:
An unique session ID for IPsec and IKE debugs. This session is allocated for each active peer and
groups the IPsec and IKE debugs.
The session ID is displayed in the show crypto session command.
Support for crypto IPsec event tracing.
Conditional debugging and filtering mechanism for peer sessions.
For more information on these two commands, see the following:

Cisco IOS Security Command Reference: Commands S to Z
IPv6 SNMP MIB support for voice features

The MIB objects relevant to Cisco UBE that have transport-related information such as IPV6 address
and type of IP (IPV4 or IPV6) have been verified.
The criteria used for the enhanced MIBs are:
The MIB should have voice/video related information.
MIB objects should have IP address element in them.
The following MIBs satisfied the above criteria:
CISCO-VOICE-DIAL-CONTROL-MIB
CISCO-RTTMON-MIB
CISCO-RTTMON-IP-EXT-MIB
CISCO-SIP-CALLS-MIB
CISCO-POP-MGMT-MIB
IPv6 Static Route support for Object Tracking

iWAG - Intelligent Wireless Access Gateway SSO support for GTP on ASR1K
99408
OL-26698-14
iWAG Scale Enhancements

99408
L2VPN Static to Dynamic PW Interconnection & PW Preferred Path for MPLS-TP Tunnels
http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_transport_profile.html
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_basic/configuration/xe-3s/mp-mpls-tp.html#GUID1A1B84C1-51B6-4A61-9E17-8B14109EDCA7
L3VPN per CE label

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-3s/asr1000/mp-vpn-ce-la
bel.html
LI support for IPoE sessions

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_cfg/configuration/xe-3s/asr1000/sec-lawful-int
ercept-IPoE.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_cfg/configuration/xe-3s/sec-lawful-intercept-IP
oE.html
Loose Checking Option for TCP Window Scaling in ZBFW

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/asr1000/sec-loose-che
ck-option-TCP.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-loose-check-optio
n-TCP.html
MPLS Traffic Engineering Non-Stop Routing Support

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_ha/configuration/xe-3s/mp-nsr-supp.html
MPLS VPN over mGRE

http://www.cisco.com/en/US/docs/ios/interface/configuration/guide/ir_mplsvpnomgre.html
http://www.cisco.com/en/US/docs/ios-xml/ios/interface/configuration/xe-3s/ir-mpls-vpnomgre-xe.html
10
OL-26698-14
MPLS VPN Per CE Label Allocation

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-3s/asr1000/mp-vpn-ce-la
bel.html
MPLS-TP OAM: Continuity Check via BFD

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_basic/configuration/xe-3s/mp-mpls-tp.html#GUID5FAE56DC-1B64-474D-923E-AF54B9D8129D
MPLS-TP OAM: Fault Management

MPLS-TP OAM: GACH

MPLS-TP OAM: Ping/Trace

MPLS-TP Path Protection

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_basic/configuration/xe-3s/mp-mpls-tp.html#GUID4E3C4BA8-0777-4CC3-9CC4-84D5956756E4
MVPN BGP C-Route Full SM Support

OL-26698-14
11
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_mvpn/configuration/15-s/imc_vpn_bgp_croute.
html
MVPN mLDP Partitioned MDT including wildcard

http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_mvpn/configuration/xe-3s/imc_mldp_mdt.html
NAT increase VRF scale to 4k

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-addr-consv.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/iadnat-addr-con
sv.html
Network-based recording of video calls using Cisco UBE

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/voi-ntwk-based-r
ec-video-calls.html
http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/15-mt/voi-ntwk-based-r
ec-video-calls.html
NHRP SNMP Restructuring

The NHRP SNMP Restructuring feature provides hardening support to NHRP MIBs. The snmp mib nhrp
command is disabled by default. To enable you must explicitly configure it using the snmp mib nhrp
command.
The snmp mib nhrp status command displays information about the following:
The state of the tree.
The enable or disable status of the NHRP MIB.
The number of allocation tree nodes.
The debug snmp mib nhrp command enables debugging for NHRP MIBs.
For more information, see the following documents:
Cisco IOS Debug Command Reference - Commands S through Z
Cisco IOS SNMP Support Command Reference
No Service Password-Recovery
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_cfg/configuration/xe-3s/asr1000/sec-usr-cfg-xe
-3s-asr-1000-book.html
12
OL-26698-14
OSPFv2 Cryptographic Authentication

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-ospfv2-crypto-auth
en-xe.html
OSPFv2 Multi Area Adjacency

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/asr1000/iro-multi-area
-adj-xe.html
OTV Enhancements
The OTV enhancement include:
OTV VRF Aware

OTV join interfaces can be part of a VRF. This allows for OTV forwarding of L2 packets via a VRF
L3 domain.
OTV Sub-interface as join interface

Sub-interfaces can be configured as OTV join interfaces. This allows more flexibility with the L3
side OTV configuration.
OTV Port-channel as join interface

Port-channel interfaces can be configured as OTV join interfaces. This allows interface redundancy
for L3 side OTV connections.
OTV Port-channel as internal interface

Port-channel interfaces can be configured as OTV internal interfaces. This allows interface
redundancy for L2 side OTV connections.
For detailed information, see the following Cisco document

http://www.cisco.com/en/US/docs/ios-xml/ios/wan_otv/configuration/xe-3s/wan-otv-confg.html
Per ACE QoS Statistics

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_mqc/configuration/xe-3s/qos-per-ace.html
Per COS Storm Control for Broadcast/Unknown Unicast/Multicast for EVC ports in ASR1k
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/Storm_Control_ASR1
K.html
OL-26698-14
13
PKI - New cert attributes

The PKI New Cert Attributes feature provides the following enhancements to Public Key Infrastructure
(PKI):
NVRAM Exhaustion
Fresh Enrollment
NVRAM Exhaustion
Certificates and certificate revocation lists (CRLs) are used by devices when a certificate authority (CA)
is used. Certificates and CRLs can be stored in NVRAM or an external database. If an external database
is used to store certificates, there is no need to delete the expired certificates. Each certificate and CRL
uses a moderate amount of memory. The following are stored in NVRAM:
CA certificates and CRLs
Certificates issued by CA server to clients
When a client renews its certificate, the new certificate, along with old certificates, is stored in NVRAM.
This decreases the NVRAM space. As more certificates are stored, the NVRAM space is exhausted and
this brings down the CA server, which then is unable to retrieve certificates. Manual intervention is
required to restore space in NVRAM and bring the CA server up again.
To avoid NVRAM space exhaustion and manual intervention to bring up the CA server, a new timer
triggers the database cleanup event. The timer starts when the first certificate is issued, and the timer
interval is based on the client certificate life time configuration in the CA server. The timer scans the
database and removes expired certificates that are not required, thereby preventing the CA server from
going down because of NVRAM exhaustion. The timer information is displayed in the output from the
show crypto pki timer command. Note that the timer applies only when certificates are stored in
NVRAM and the database level is set to complete. However, when NVRAM is used to store
certificates and the database level is configured with minimum or names, there is no need to delete the
expired certificates because the certificates do not consume much space.
The certificates in the CA server can also be deleted by using the no crypto pki server name command.
the following warning appears, when you configure this command:
Device(config)# no crypto pki server ABC-CA
CA certificate, Keypair, CRL and database files will be deleted.
[yes/no]:
Do you wish to continue?
If yes is entered, all files are removed from the database.

For more information on commands, see the following documents:
Cisco IOS Security Command Reference: Commands A to C
Fresh Enrollment
The auto-enroll feature helps the device to renew the router certificate when it expires. Sometimes, the
router certificate may not be enrolled if the CA server is not reachable or if the client is shut down. The
back off mechanism prevents the device from having an expired certificate by renewing the certificates.
The certificates are renewed by continuous contact with the CA server at specific intervals by using the
retry count and retry period keywords in the enrollment command.
When a device certificate expires, the back off mechanism does the following:
Issues a fresh enrollment request and starts the default back off mechanism or follow the configured
retry counts. This step is repeated to obtain a fresh certificate.
14
OL-26698-14
The enrollment request does not contain expired certificate keys, if the trustpoint is configured with
the regenerate command. The regenerate command assigns new keys. To issue an enrollment request
with the expired certificate keys, do not specify the regenerate command.
The following example shows how to configure the retry count and period keywords:
Device(config)# no crypto pki server ABC-CA
redundancy
enrollment retry count 10
enrollment retry period 1
enrollment url http://ABC_CA:80
revocation-check crl
auto-enroll 70
hash sha1
end
The default retry count is 10. The following table provides information when the enrollment does not
happen:
Retry
Timeout
1 minute
1 minute
2 minutes
5 minutes
10 minutes
20 minutes
40 minutes
60 minutes
90 minutes
10
120 minutes
After the default retry count, the enrollment request is deleted. If the certificate expires, the 5-second
interval is employed to reach the CA.
For more information on the commands, see the following documents:
Cisco IOS Security Command Reference: Commands D to L
Cisco IOS Security Command Reference: Commands M to R
PMIP: Multipath support on MAG

http://www.cisco.com/en/US/docs/ios-xml/ios/mob_pmipv6/configuration/xe-3s/asr1000/imo-pmipv6multipath-support.html
http://www.cisco.com/en/US/docs/ios-xml/ios/mob_pmipv6/configuration/xe-3s/imo-pmipv6-multipat
h-support.html
Pseudowire Group Switchover

OL-26698-14
15
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/asr903/l2vpn-pw-grou
p-switchover.html
RFC4303 IP Encapsulating Security Payload (ESP) dummy packet for traffic flow confidentiality (TFC)
The RFC 4303 IP Encapsulating Security Payload (ESP) dummy packet for traffic flow confidentiality
(TFC) feature provides RFC 4303 support in Cisco software. RFC 4303 describes two methods to hide
the characteristics of traffic that is passing through an IPsec flow. The first method involves adding extra
padding beyond the allowed maximum of 255 bytes after the payload data when using the Encapsulating
Security Payload (ESP) protocol for traffic confidentiality. The second method involves adding extra
"dummy" packets to the traffic flow. The generation and transmission of dummy packets is implemented
in Cisco software through the RFC4303 IP Encapsulating Security Payload (ESP) dummy packet for
traffic flow confidentiality (TFC) feature. A dummy packet is designated by setting the next header field
in the ESP packet to a value of 59. The dummy packets are discarded when the packets are received by
the device. The standard ESP header and trailer fields are present in a dummy packet. The payload (plain
text) in the dummy packet contains zero which becomes random data after encryption. You can specify
the time interval at which to generate the dummy packets. You can enable generating dummy packets
globally using the crypto ipsec security-association dummy command or you can enable dummy packets
for a crypto map using the set security-association dummy command. When enabled for a crypto map,
dummy packets are enabled for all flows that are created using the crypto map.
For more information on commands, see the following documents:
Cisco IOS Security Command Reference: Commands A to C
Secure CDP
http://www.cisco.com/en/US/docs/ios-xml/ios/cdp/configuration/xe-3s/asr1000/nm-cdp-secure.html
Secure Shell-Configuring User Authentication Methods

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_ssh/configuration/xe-3s/asr1000/sec-ssh-config
-auth.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_ssh/configuration/xe-3s/sec-ssh-config-auth.ht
ml
SPA-4XOC3-POS-V2 support on ASR-1000

ASRspasw.html
Support for dynamic payload type interworking for DTMF and codec packets for SIP to SIP calls
16
OL-26698-14
http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/voi-negt-aud-cod
e.html
TDOS Attack prevention on CUBE

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/voi-cube-tdos-att
ack-mitigation.html
TrustSec SGT Handling: L2 SGT imposition and forwarding

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_cts/configuration/xe-3s/cts-sgt-handling-imp-f
wd.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_cts/configuration/xe-3s/asr1000/cts-sgt-handlin
g-imp-fwd.html
UC GW Services - media forking service

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/voi-cube-uc-gate
way-services.html
VASI (VRF Aware Software Infrastructure) 2000 pairs scale

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/asr1000/conf-vasi.htm
l
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/conf-vasi.html
VP/VC Shaping for PPPoEoA/PPPoA

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_plcshp/configuration/xe-3s/asr1000/qos-plcshp-xe3s-asr-1000-book.html
VRF-Aware IPv6 Rapid Deployment Tunnel

http://www.cisco.com/en/US/docs/ios-xml/ios/interface/configuration/xe-3s/ip6-6rd-vrf-tunnels-xe.ht
ml
VRRP aware PIM

OL-26698-14
17
Important Notes
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_pim/configuration/xe-3s/imc_vrrp_aware.html
VRRPv3: Object Tracking Integration

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/asr1000/fhrp-vrrpv3-obj
-trk.html
WCCPv2 - IPv6 Support

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp/configuration/xe-3s/asr1000/iap-xe-3s-asr1000-b
ook.html
Important Notes
The following sections contain important notes about Cisco ASR 1000 Series Aggregation Services
Routers Release 3.10S.
End-of-Sale and End-of-Life of the Cisco Traditional NetFlow Feature

Cisco announces the end-of-sale and end-of-life of the Cisco Traditional NetFlow (TNF) Feature on the
Cisco ASR1000 platform. Cisco will not have any future development, CLI support, TAC support, and
documentation pertaining to the Cisco TNF feature beyond Cisco IOS XE Software Release 3.10.
Customers with the Cisco TNF feature on the Cisco ASR1000 platform are encouraged to migrate to the
Cisco Flexible NetFlow (FNF) feature on the Cisco ASR1000 platform.
For details on transition to Cisco FNF, see the Migrating from Traditional to Flexible NetFlow white
paper:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6601/ps6965/white_paper_c11
-545581.html
Deferrals
Cisco IOS software images are subject to deferral. We recommend that you view the deferral notices at
the following location to determine whether your software release is affected:
http://www.cisco.com/en/US/products/products_security_advisories_listing.html
Field Notices and Bulletins
Field NoticesWe recommend that you view the field notices for Release 3.9S to determine
whether your software or hardware platforms are affected. You can find the field notices at the
following location:
http://www.cisco.com/en/US/support/tsd_products_field_notice_summary.html
18
OL-26698-14
Important Notes
BulletinsYou can find bulletins at the following location:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5012/prod_literature.html
Important Notes About Cisco ASR 1000 Series Aggregation Services Routers
Release 3.10S
There are no important notes specific to Cisco ASR 1000 Series Aggregation Services Routers Release
3.10S.
OL-26698-14
19
Important Notes
20
OL-26698-14

included.

page 1
page 2
page 2

Cisco Systems, Inc.

www.cisco.com
SFR Counter Support

Added support for collecting total L3 packets and total L3 bytes sent by client or server.
http://www.cisco.com/en/US/docs/routers/access/ISRG2/AVC/api/guide/AVC_Metric_Definition_Gui
de.html

SP WiFi: Integrated Ethernet over GRE Support

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/EoGRE.html

ALG/AIC Serviceability
The ALG-AIC Serviceability feature performs packet filtering. When a packet matches the configured
filters, debug messages are logged. The ALG-AIC Serviceability feature provides the following
functions:
Debugs a single traffic flow.

Enables debug logs for specific application layer gateways (ALGs) and application inspection and
control (AIC) policies.
The following commands were introduced or modified for the ALG-AIC Serviceability feature:
show platform hardware qfp feature alg
show platform hardware qfp feature td
show tech-support alg
AppNav-XE
http://www.cisco.com/en/US/partner/docs/routers/access/4400/appnav/csr-asr/apnavcsr.html
OL-26698-16
AVCEnhanced Connection/Transaction Metrics

http://www.cisco.com/en/US/docs/ios/solutions_docs/avc/ios_xe3_9/avc_soln_guide_iosxe3_9.html
AVCMonitoring QoS Metrics

AVCEnforcement of NBAR Advanced Mode

Note
Beginning with the IOS XE 3.9 release, using NBAR advanced mode requires a license for AVC
functionality. License details vary according to router model.
BB/ISG IOSXE Serviceability Enhancement

http://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg_m1.html#wp3145726977
BFD Support for Multicast (PIM)

http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_pim/configuration/15-s/imc_bfdpim.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_pim/configuration/xe-3s/asr1000//imc_bfdpim.
html
BGPIPv6 NSR
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-ipv6-nsr.ht
ml
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-ipv6-nsr.html
BGPLocal-AS Allow-Policy
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/15-s/irg-local-as-policy.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-local-as-po
licy.html
OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-local-as-policy.htm
l
BGPRT or VPN-ID Attribute Rewrite Wildcard

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/15-s/irg-rtp-vpn-distinguishe
r.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-rtp-vpn-distinguish
er.html
BGPVRF Aware Conditional Advertisement

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/15-s/irg-vrf-conditional-adv.
html For Cisco IOS Release 15.3(2)S
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-vrf-conditi
onal-adv.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-vrf-conditional-adv
.html
EIGRP Debug for EVN

http://www.cisco.com/en/US/docs/ios-xml/ios/evn/configuration/xe-3s/evn-mgt-ts.html
EIGRP Support for 6PE/6VPE

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/15-s/ire-15-s-book_chapter
_010000.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-xe-3s-book_chapt
er_010010.html
Flexible NetFlowPermanent Cache

http://www.cisco.com/en/US/docs/ios/fnetflow/configuration/guide/fnetflow_overview.html
Flexible NetFlowMPLS Support

http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/configuration/xe-3s/fnf-mpls-support.html
OL-26698-16
GTP v2 Support
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-data-zbf-gtpv2.ht
ml
IPSec Serviceability Debug

The IPSec Serviceability Debug feature enhances Cisco IOS XE software by improving the following
areas:
Packet tracingTraces a packet through the data path and identifies the area where and why a packet
was dropped.
show commandsProvides accurate and relevant information in the command output. Cisco IOS XE
software provide an easy means to locate feature specific commands.
debug commandsProvides better control plane and data plane debugging.
System trace filesProvides ability to log structured messages.
For more information on show commands, refer to the Cisco IOS Security Command Reference:
Commands S to Z (http://www.cisco.com/en/US/docs/ios-xml/ios/security/s1/sec-s1-cr-book.html).
For more information on debug commands, refer to the Cisco IOS Debug Command Reference Commands I through L
(http://www.cisco.com/en/US/docs/ios-xml/ios/debug/command/i1/db-i1-cr-book.html).
IPv6 Destination Guard

http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6/configuration/15-2s/ipv6-dest-guard.html
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/IPv6_Security.html
IPv6 Neighbor Discovery Multicast Suppress

http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6_fhsec/configuration/xe-3s/asr1000/ip6-nd-mcast-s
upp.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6_fhsec/configuration/xe-3s/ip6-nd-mcast-supp.html
IPv6RIPng VRF Aware Support

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_rip/configuration/15-s/irr-ipv6-ripng.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_rip/configuration/xe-3s/irr-ipv6-ripng.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_rip/configuration/xe-3s/asr1000/irr-ipv6-ripng.h
tml
IP SLA - Service Performance Testing Infrastructure

OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/15-s/sla_y1564.html
IPv6 Snooping
http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6_fhsec/configuration/15-s/ip6-snooping.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6_fhsec/configuration/xe-3s/asr1000/ip6-snooping.ht
ml
http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6_fhsec/configuration/xe-3s/ip6-snooping.html
IPv6 Source or Prefix Guard

http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6_fhsec/configuration/xe-3s/ip6-src-guard.html
IPv6Unicast Router Advertisement Support

http://www.cisco.com/en/US/docs/ios-xml/ios/isg/configuration/xe-3s/isg-ipv6-unicast-ra.html
L2VPN Protocol Base CLIs

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/mp-l2-vpns-xe-3s-boo
k.html
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/l2vpn-prot-based.html
Layer 2 Local SwitchingATM to Ethernet

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fslocal.html
LISP Host Mobility Extended Subnet

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-host-mob.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/configuration/15-mt/irl-host-mob.html
LISP Host Mobility Across Subnet

OL-26698-16
LISPSHA-2 Support for Site Registration

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-overview.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/configuration/15-mt/irl-overview.html
mDNS for kWAAS

http://www.cisco.com/en/US/docs/ios-xml/ios/wan_waas/configuration/xe-3s/wan-waas-mdns-kwaas.h
tml
MediaTrace 3.0MIB, IPv6, MIB Profiles and Reverse MediaTrace

http://www.cisco.com/en/US/docs/ios-xml/ios/media_monitoring/configuration/15-mt/mm-mediatrace.
html
MPLSTP: Linear Protection or PSC support

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_basic/configuration/xe-3s/asr903/mp-basic-xe-3s-as
r903-book.html
NATPaired Address Pooling Support

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-addr-pool.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/iadnat-addr-poo
l.html
Network-Based Recording Using Cisco UBE

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/voi-ntwk-based.ht
ml
NSRLDP Support
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_ha/configuration/xe-3s/asr1000/mp-nsr-ldp-supp.ht
ml
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_ha/configuration/xe-3s/mp-nsr-ldp-supp.html
OL-26698-16
OTV Adjacency Server

http://www.cisco.com/en/US/docs/ios-xml/ios/wan_otv/configuration/xe-3s/wan-otv-adj-server.html
Parent Level Overhead Accounting

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_plcshp/configuration/xe-3s/asr1000/qos-plcshp-eth
er-ohead-actg.html
http://www.cisco.com/en/US/docs/ios-xml/ios/qos_plcshp/configuration/xe-3s/qos-plcshp-ether-ohead
-actg.html
PMIP Mobility3G Mobility Anchor

http://www.cisco.com/en/US/docs/ios-xml/ios/mob_pmipv6/configuration/xe-3s/imo-pmipv6-3gma-su
pport.html
PPTP ALG for PAT Support

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-pptp-pat.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/iadnat-pptp-pat.
html
RaBaPol Shorten Policy Map Names

http://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg_m1.html
Radius Event Timestamp Attribute Support

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_radatt/configuration/15-s/sec-rad-att-55-event-t
imestamp.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_radatt/configuration/xe-3s/sec-rad-att-55-eventtimestamp.html
Recursive Static Route

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_pi/configuration/15-s/iri-15-s-book_chapter_01
101.html
OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_pi/configuration/xe-3s/iri-xe-3s-book_chapter_
01110.html
Scale up to 128K for Bridge Domain Mac Address

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/cether/configuration/xe-3s/ce-mac-addlmt-bdsin
.html
Simple Network Time ProtocolV4 (SNTPV4)

http://www.cisco.com/en/US/docs/ios-xml/ios/bsm/configuration/15-s/bsm-sntpv4.html
SP or WiFi: iWAG Access Tunnels: PMIPv6 LMA (128k tunnels)

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/iwag_asr1k.html
Storm Control for Broadcast or Unknown Unicast or Multicast For EVC Ports in ASR1K
http://www.cisco.com/en/US/docs/ios-xml/ios/mpls/command/mp-cr-book.html
Unidirectional Link Detection Protocol (UDLD) on ASR 1000

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/udld_on_asr1k.html
ZBFW Serviceability Phase-1

The zone-Based Firewall Serviceability feature provides granular drop counters:
Prior to the introduction of the granular drop counters, only a globaldrop count was available. The
granular drop counter provides more information about the reasons for packet drops, than the global drop
count. See the show platform hardware qfp feature firewall drop command for more information
about firewall drop counters.
The following commands were introduced or modified by this feature:
show platform hardware qfp feature firewall
show platform hardware qfp active feature firewall datapath
show platform hardware qfp active feature firewall drop
show platform software firewall
show policy-firewall stats global
show tech-support firewall
OL-26698-16
Important Notes
Important Notes

paper:
-545581.html
Deferrals
following location:

Release 3.9S
3.9S.
10
OL-26698-16

included.

New Hardware Features in Cisco ASR 1000 Series Aggregation Services Routers Release 3.8S,
page 1
New Software Features in Cisco ASR 1000 Series Aggregation Services Routers Release 3.8S,
page 2
New Hardware Features in Cisco ASR 1000 Series Aggregation Services

The following are the new hardware features introduced in Cisco ASR 1000 Series Aggregation Services
Cisco Systems, Inc.

www.cisco.com
8 port clear channel T3/E3 SPA - SPA-8XT3/E3

http://www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/install_upgrade/ASR1000
/asr_sip_spa_hw.html

8-Port Clear Channel T3/E3 SPA - SPA-8XT3/E3

ASRspasw.html
Add Path Support in EIGRP

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-add-path.html
Ambiguous VLAN Support for IP Sessions over ISG (Limited Feature Support)
http://www.cisco.com/en/US/docs/ios-xml/ios/isg/configuration/xe-3s/isg-ambig-vlan.html
ASR1K-SIP40 ISSU MDR Support

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/issu.html
AVC Limited Availability

Note
The AVC solution is currently in limited availability (LA) to control customer adoption, gain more
visibility about technical issues, and improve general usability for Cisco Prime Infrastructure throughout
the LA period. To ensure the smoothest possible implementation, please contact the AVC support team
at the following address as you plan your deployment: ask-avc-external@external.cisco.com.
BFD Dampening
OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bfd/configuration/xe-3s/irb-bfd-damp.html
BGPMulticast VPN BGP Dampening

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-mvpn-dam
p.html
BGPMultiple Cluster IDs

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-multicluster-id.htm
l
BGPVPN Distinguisher Attribute

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-vpn-distinguisher.h
tml
Call Escalation from Voice to Video

http://www.cisco.com/en/US/docs/ios/voice/cube/configuration/guide/vb-gw-sipsip.html
Cisco Data Collection Manager

http://www.cisco.com/en/US/docs/ios-xml/ios/bsdcm/configuration/15-mt/bsdcm-15-mt-book.html
http://www.cisco.com/en/US/docs/ios-xml/ios/bsdcm/configuration/15-mt/nm-bs-dcm.html
Classification Enhancements for IOS-XE3.8

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_nbar/prot_lib/config_library/xe38/configuration/nb
ar-prot-lib38.html
Configuring ITU-T Y.1731 Fault Management Functions

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/asr1000/ce-cfm-y1731-ieee.h
tml
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-cfm-y1731-ieee.html
OL-26698-16
Diffserv MIB
http://www.cisco.com/en/US/docs/ios-xml/ios/qos_dfsrv/configuration/xe-3s/asr1000/qos-dfsrv-xe-3sasr1000-book.html
Embedded Packet Capture (EPC)

http://www.cisco.com/en/US/docs/ios-xml/ios/epc/command/monitor_capture_through_show_monitor
_capture.html
Enable Visualization of Application Usage

http://www.cisco.com/en/US/docs/ios-xml/ios/avc/configuration/xe-3s/avc-xe-3s-book.html
Enable Visualization of Service Path

http://www.cisco.com/en/US/docs/ios-xml/ios/avc/configuration/xe-3s/cfg-avc2-xe.html
E-OAM-CFM CCM Hardware Offload

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.html
Ethernet Local Management Interface (LMI) at Provider Edge (PE)

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-elmi-pe.html
Flexible NetFlowEgress VRF Support

http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/configuration/xe-3s/cust-fnflow-rec-mon-xe.ht
ml
iWAG Intelligent Wireless Access Gateway

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/iwag_asr1k.html
OL-26698-16
Excalibur Reverse L2GP for 7600

http://www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/baldcfg.html
http://www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html
GDOI MIB Support for GET VPN

pn-gdoi-mib-support.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn-gdoimib-support.html
GETVPN GM Removal and Policy Trigger

pn-gm-removal-and-policy-trigger.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/xe-3s/sec-get-vpn-gm-r
emoval-and-policy-trigger.html
GETVPN Troubleshooting
pn.html
Graceful Shutdown Support for OSPFv3

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/15-s/iro-ospfv3-gshutdown.
html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/asr1000/ip6-route-osp
fv3-gr-rest-xe.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-ospfv3-gshutdown.
html
OL-26698-16
3GPP Release 7 & 8 Support for GPRS Tunneling Protocol AIC

This feature provides support for the GPRS Tunneling Protocol (GTP) application inspection and control
(AIC) parser upgrade according to 3rd Generation Partnership Project (3GPP) Technical Specification
(TS) 29.060 release 7 and 8. All the configurations and restrictions that apply to the GTP AIC and
Gateway General packet radio service (GPRS) Support Node (GGSN) pooling specifications also apply
to this feature.
HSRP: Global IPv6 Address

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp_fhrp/configuration/15-s/ip6-fhrp-hsrp.html
H-VPLS N-PE Redundancy for MPLS Access

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/mp-hvpls-npe-red-mpl
s-access.html
H-VPLS N-PE Redundancy for QinQ Access

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/mp-hvpls-npe-red.html
IEEE 802.1ab LLDP (Link Layer Discovery Protocol)

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/asr1000/ce-lldp-multivend.ht
ml
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-lldp-multivend.html
IKEv1 Hardening
http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_call_addmsn_i
ke.html
IKEv2 Remote Access Hardware Client

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/xe-3s/sec-cfg-flex-clnt
.html
Inter-Chassis HA Support in IPV6 ZBFW

OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/asr1000/sec-data-ha-i
pv6-zbf.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-data-ha-ipv6-zbf.
html
IP Unnumbered Ethernet Polling Support

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_ipv4/configuration/xe-3s/IP-unnumbered-Ethern
et.html
IPSLA Multicast Support

http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/15-s/sla_mcast_suppt.html
IPV6 MVPN with MLDP

http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_lsm/configuration/xe-3s/asr1000/imc_mldp-bas
ed_mvpn.html
IPv6 Remote Access for IPSec VPN

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-cfg-flex-cl
nt.html
IPv6 Transport for DMVPN

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-dmvpn.html
IPv6 ZBFW B2B HA Support

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/asr1000/sec-b2b-ha-ip
v6.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-b2b-ha-ipv6.html
ISDN/Dialer Access-Link Support for Broadband Aggregation

http://www.cisco.com/en/US/docs/ios-xml/ios/vpdn/configuration/xe-3s/asr1000/vpd-isdn-access-bba.
html
OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/vpdn/configuration/xe-3s/vpd-isdn-access-bba.html
ISIS No Hello Padding Always

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_isis/command/irs-cr-book.html
ISSUE-LMI Support
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/asr1000/ce-elmi-pe.html
L2VPN VPLS Inter-AS, Option B

www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/asr1000/mp-inter-as-optionb.html
www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/mp-inter-as-option-b.html
Label Switched Multicast (LSM) Multicast Label Distribution Protocol (mLDP) based Multicast VPN
(mVPN) Support
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/7600_15_0s_book.html
LISP Delegate Database Tree (DDT)

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-ddt.html
LISP Host Mobility Across Subnet

LISP-SEC, LISP Control Plane Security

The LISP Security (LISP-SEC) feature enables a set of security mechanisms that provide origin
authentication, integrity, and anti-replay protection for map-request/map-reply mapping resolution
exchanges.
OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/command/ip-lisp-cr-book.html
Mapping of Address and Port Using Translation (MAP-T)

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/ip-nat-divi-v4v
6.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/ip-nat-divi-v4v6.html
MGRE Tunnel Support over IPv6

http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-dmvpn.html
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-tunnel.html
MLDP-Based MVPN
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_lsm/configuration/xe-3s/asr1000/imc_mldp-bas
ed_mvpn.html
MLDP In-Band Signaling / Transit Mode

http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_lsm/configuration/15-s/imc-inband.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_lsm/configuration/xe-3s/asr1000/imc-inband.ht
ml
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_lsm/configuration/xe-3s/imc-inband.html
MPLS Virtual Private Networks

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-3s/mp-cfg-layer3-vpn.ht
ml
MVPNv6 Extranet
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti_mvpn/configuration/xe-3s/imc_mc_vpn_extran
et.html
NETCONF XML PI
http://www.cisco.com/en/US/docs/ios-xml/ios/cns/configuration/xe-3s/asr1000/cns-netconf.html
OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/cns/configuration/xe-3s/cns-netconf.html
Network-Based Recording Using Cisco UBE

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/voi-ntwk-based.ht
ml
NSF/SSOE-LMI Support
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/asr1000/ce-elmi-pe.html
OSPFv3 ABR Type 3 LSA Filtering

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/asr1000/iro-afsupportv3.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-afsupport-v3.html
Per PW Layer 2 Service Policy in VFI

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/mpls/command/mp-s3.html
Per PW QOS in VFI

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/15-s/mp-l2vpn-qos-pw-vfi.ht
ml
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/mp-l2vpn-qos-pw-vfi.
html
PfR Bandwidth Visibility Distribution for xDSL Access

http://www.cisco.com/en/US/docs/ios-xml/ios/pfr/configuration/xe-3s/asr1000/pfr-band-vis.html
PfR Scaling Improvement for Application Traffic Class (TC)

http://www.cisco.com/en/US/docs/ios-xml/ios/pfr/command/pfr-cr-book.html
10
OL-26698-16
PPPoGECPer Session QoS [Include Model F Support]

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_mqc/configuration/xe-3s/asr1000/qos-pppgec.html
Prefix Suppression Support for OSPFv3

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/15-s/iro-pref-supp-v3.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/asr1000/iro-pref-suppv3.html
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-pref-supp-v3.html
SIP ALG Hardening for NAT and Firewall

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-fw-sip-al
g-hardng.html
http://www.cisco.com/en/US/partner/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/iadnat-fw-sipalg-hardng.html
Suite-B Support in IOS SW Crypto

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_pki/configuration/xe-3s/sec-cert-enroll-pki.ht
ml
Support for Algorithms in the Suite B Specification for IPSec by the On-Board Crypto Engine in Cisco
ASR 1000 Series Aggregation Services Routers
The IPSec algorithms required by Suite B are now supported by the hardware crypto engine on the Cisco
ASR 1000 Series Aggregation Services Routers that have embedded hardware-accelerated VPN
encryption.
Suite B requirements comprise four user interface suites of cryptographic algorithms for use with IKE
and IPsec, which are described in RFC 6379 and RFC 6380 respectively. Each suite consists of an
encryption algorithm, a digital signature algorithm, a key agreement algorithm, and a hash or message
digest algorithm.
Suite B provides a comprehensive security enhancement for Cisco IPsec VPNs, and allows additional
security for large-scale deployments. Suite B is the recommended solution for organizations requiring
advanced encryption security for the wide-area network (WAN) between remote sites.
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_pki/configuration/xe-3s/sec-cert-enroll-pki.ht
ml
OL-26698-16
11
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe-3s/sec-cfg-vpn-ipsec
.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/xe-3s/sec-cfg-ikev2-fl
ex.html
Support for Negotiation of an Audio Codec from a List of Codecs on Each Leg of a SIP-SIP Call on the
Cisco Unified Border Element
http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/voi-negt-aud-cod
e.html
TCP - Configurable Keepalive Timer

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp/configuration/15-2mt/iap-tcp.html
TCP Reset Segment Control

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/tcp-rst-seg-con.html
Unicast Reverse Path Forwarding Loose Mode

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_urpf/configuration/xe-3s/sec-unicast-rpf-loose
-mode.html
VPLS BGP Signaling

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-vpls-bgp-s
ig.html
VPLS MAC Limit Enhancement

VRRPv3 Protocol Support

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp_fhrp/configuration/15-1sy/fhrp-vrrpv3.html
12
OL-26698-16
Important Notes
WebEx SPA
ASRovwma.html
Y.1731 Performance Monitoring

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/asr1000/ce-y1731-perfmon.h
tml
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-y1731-perfmon.html
Important Notes

paper:
-545581.html
Deferrals
following location:
OL-26698-16
13
Important Notes
Release 3.8S
3.8S.
14
OL-26698-16

included.

New Hardware Features in Cisco ASR 1000 Series Aggregation Services Routers Release 3.7S,
page 1
New Software Features in Cisco ASR 1000 Series Aggregation Services Routers Release 3.7S,
page 2

The following are the new hardware features in Cisco ASR 1000 Series Aggregation Services Routers
Release 3.7S:
Cisco Systems, Inc.

www.cisco.com
Cisco ASR 1002-X Router

The Cisco ASR 1002-X Router is a 3-SPA, 2-RU chassis. The embedded services processor and route
processor are integrated into the chassis. There are 6 small form factor pluggable (SFP) Gigabit Ethernet
ports. The router provides a forwarding bandwidth of up to 36 Gbps. The Cisco ASR 1002-X Router
supports all the general-purpose routing and security features of the Cisco ASR 1000 Series Aggregation
Services Routers.
http://www.cisco.com/en/US/docs/routers/asr1000/install/guide/asr1routers/asr1higV8.html
Cisco ASR 1000 Embedded Services Processor 100-Gbps

The Cisco ASR 1000 Series Aggregation Services Routers 100-Gbps Embedded Services Processor is a
centralized forwarding engine option for the Cisco ASR 1006 and ASR 1013 Routers.
Note
Availability of ASR1000 Series100-Gbps Embedded Services Processor is limited to those customers

whose feature set profiles are validated and approved by the corresponding Cisco Business Unit.

Routers Release 3.7S:
ALGH.323 vTCP with High Availability Support for Firewall and NAT
http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-h323-vtcp-ha.htm
l
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-fw-h323-alg.html
ASR1000 IPSec Debuggability Enhancement - Phase I

The IOS-XE IPSec Debuggability Enhancements in IPsec VPN reduces the overall debugging effort for
customers by modifying the debug platform hardware qfp active feature (IPsec) command and
merging the output of several show commands into the output of the following commands that were
modified for this feature: show crypto engine accelerator statistic, show crypto ipsec sa, show crypto
ruleset, and show tech-support ipsec.
For more information, refer to the Cisco IOS Security Command Reference: Commands S to Z
(http://www.cisco.com/en/US/docs/ios-xml/ios/security/s1/sec-s1-cr-book.html), and Cisco IOS Debug
Command Reference, Commands M through R
(http://www.cisco.com/en/US/docs/ios-xml/ios/debug/command/m1/db-m1-cr-book.html).
OL-26698-16
BGPAttribute Filter and Enhance Attribute Error Handling

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-attribute-fi
lter.html
E-OAM : Multiple Port MAs Under Single MD

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-cfm-ieee-xe.html
BGP Support for the L2VPN Address Family

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3sg/irg-sup-l2vpn.html
CUBE(SP): H.248 BAC Support

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/sbcu/sbc_h248.html
CUBE(SP): IMS: Support for RF Interface (charging)

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/sbcu/sbc_rx_diam.html
Flexible NetFlow: IPFIX Export Format

http://www.cisco.com/en/US/docs/ios-xml/ios/avc/configuration/xe-3s/asr1000/cfg-avc-xe.html
Flexible NetFlow: Export to an IPv6 Address

http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/configuration/xe-3s/asr1000/cfg-de-fnflow-exp
rts-xe.html
FTP66 ALG support for IPv6 Firewall

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-ftp66-ipv6
-fw.html
OL-26698-16
GRE IPv6 Tunnels

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/interface/configuration/xe-3s/ir-gre-ipv6-tunls-x
e.html
IP SLA QFP Time Stamping

http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/asr1000/sla_timestmp.html
IPv6 Firewall Support for Prevention of DDoS Attacks and Resource Management
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-ipv6-ddos-rman.h
tml
IPv6 Zone-Based Firewall Support Over VASI Interfaces

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-fw-ipv6-vasi.html
Lawful Intercept License Monitoring Support

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/csa_rtu.html
NBAR Classification Enhancements for IOS-XE3.7

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_nbar/prot_lib/configuration/xe-3s/nbar-prot-lib.htm
l
NBAR Multi-stage classification

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_nbar/configuration/xe-3s/Classifying_Network_Tra
ffic_Using_NBAR_in_Cisco_IOS_XE_Software.html
Performance Routing (PfR) with NBAR/CCE Application Recognition

http://www.cisco.com/en/US/docs/ios-xml/ios/pfr/configuration/xe-3s/asr1000/pfr-nbar.html
OL-26698-16
Stateful NAT64Interchassis Redundancy

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-stful-int-chas.htm
l
Suite-B Support in IOS SW Crypto

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ikevpn/configuration/15-2mt/sec-key-exch-ip
sec.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_vpnips/configuration/15-2mt/sec-cfg-vpn-ips
ec.html
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_pki/configuration/15-2mt/sec-cert-enroll-pki.
html
Unicast Reverse Path Forwarding ACL Support

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_urpf/configuration/xe-3s/urpf-acl-sup.html
Universal SIP40 support for ASR1K

VPLS Autodiscovery, BGP-based

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_vpls_auto_bgp.html
Walk-By User Support for PWLAN

GGSN Pooling Support for Firewalls

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-fw-ggsn-pool.htm
l
IPv6 Over DMVPN

OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6/configuration/xe-3s/ip6-ospf.html
IPv6 Remote Access for IPSec VPN

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-cfg-flex-cl
nt.html
Bandwidth Based Call Admission Control (CAC)

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/asr1000/voi-cub-c
ac.html
Dynamic REFER Handling on CUBE

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_sip/configuration/xe-3s/asr1000/voi-cub-sip
-dyn-refer-handling.html
External: Support for Inclusion of Authorization Header in the Initial REGISTER Request
http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_sipsip/configuration/xe-3s/asr1000/voi-sip-t
runk-reg.html
Multiple Destination Pattern Support on Voice Dialpeer

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_fund/configuration/xe-3s/asr1000/vd-mdp-d
ialpeer.html
Supplementary Services Support on CUBE for RTP-SRTP calls

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/asr1000/voi-srtp-r
tp-int.html
Support for Populating Route Header Based on Proxy Server IP Address and Port, and Service-route
Header Present in the REGISTER Response
http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_proto/configuration/xe-3s/asr1000/voi-sip-tr
unk-reg.html
OL-26698-16
Support for SIP Registration Proxy on CUBE

http://www.cisco.com/en/US/docs/ios-xml/ios/voice/cube_sipsip/configuration/xe-3s/asr1000/voi-sip-r
eg-proxy.html
E-OAM : Multiple Port MAs Under Single MD

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-cfm-ieee-xe.html
EIGRP IPv6 MIBs

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/eigrp-mib.html
Embedded Packet Capture (EPC)

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/epc/configuration/xe-3s/asr1000/nm-packet-capt
ure-xe.html
Flexible NetFlow: Extracted Fields Support

http://www.cisco.com/en/US/docs/ios-xml/ios/avc/configuration/xe-3s/asr1000/cfg-avc-xe.html
IPSLA 4.0 - IP v6 phase2

http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/sla_icmp_pathecho.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/sla_ftp.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/sla_dns.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/sla_icmp_pathjitter.html
http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/sla_http.html
ISIS client for BFD c-bit support

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bfd/configuration/xe-3s/irb-bfd-isis-cbit.html
MVPNv6
OL-26698-16
http://www.cisco.com/en/US/products/ps5845/products_installation_and_configuration_guides_list.ht
ml
OSPFv3 RFC 3101 Support

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-cfg.html
OSPFv3 MIB
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/asr1000/iro-ospfv3-mi
b.html
Perf-mon V3
http://www.cisco.com/en/US/docs/ios-xml/ios/media_monitoring/configuration/xe-3s/mm-pasv-mon.ht
ml
FRF.12 Support on MFR Interfaces

http://www.cisco.com/en/US/docs/ios-xml/ios/wan_frly/configuration/xe-3s/wan_ml_fr_frf161_xe.htm
l
PfR Syslog and Trap enhancement

The PfR Syslog and Trap Enhancement feature introduces a new CLI command, trigger-log-percentage,
that specifies the percentage of out- of-policy (OOP) PfR traffic classes that trigger a syslog. Enhanced
error message descriptions are accessible from the Error Message Decoder tool.
http://www.cisco.com/en/US/docs/ios-xml/ios/pfr/command/pfr-cr-book.html
PPPoGEC: Per Session QoS

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_mqc/configuration/xe-3s/asr1000/qos-eth-int.html
PWLAN ISG: Walking-by Sessions Scale Support

OL-26698-16
Y.1731/CFM Test TLV support

BGP - Add Path

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-additionalpaths.html
BGP VPLS Auto Discovery Support on Route Reflector

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-int
-features.html
BGP - mVPN SAFI-129 IPv6

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-mvpn-safiipv6.html
BGP - mVPN BGP sAFI 129 IPv4

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-mvpn-safi.
html
BGP - multicast VPN auto-discovery and customer-multicast routing

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-mvpn-safiipv6.html
ISIS BFD TLV

The IS-IS Bidirectional Forwarding Detection (BFD) Tag Length Value (TLV) feature provides a faster
method to detect a loss of an IS-IS adjacency. Before, when an IS-IS adjacency reached the UP state (and
therefore could be used for forwarding), a BFD session needed to be established with that neighbor. Now,
a BFD session is maintained as long as the hello holddown timer for the neighbor does not expire, which
is new for BFD TLV. The BFD session is only deleted if the neighbor hello times out. If BFD signals to
IS-IS that a session has gone DOWN, the adjacency associated with that session will transition to DOWN
state. Once the BFD session goes back UP, the adjacency state can transition back to an UP state. For a
given IS-IS topology, IS-IS determines if BFD is usable for a given neighbor on that topology. BFD is
not usable when BFD is enabled on both sides and the BFD session is down. When there are multiple
BFD sessions enabled for different address families, such as IPv4 and IPv6, if BFD is not usable for any
OL-26698-16
Important Notes
address family, then BFD is consider not usable for the entire adjacency on that topology. For example,
if both IPv4 and IPv6 BFD are enabled for single topology, if either the IPv4 BFD session is down or
IPv6 BFD session is down, the neighbor state will be set to DOWN state. If BFD is not enabled for a
given address family, then BFD is considered usable for that address family. For single topology mode,
the neighbor state is down when either the IPv4 or IPv6 BFD session is not BFD usable, that is, if BFD
is enabled on both sides and the BFD session is DOWN. If BFD is not enabled on either side, BFD will
be set to TRUE. For multi-topology mode, IS-IS adjacency will be in UP state as long as any topology
is UP . However, the neighbor for the topology where BFD is consider not usable is considered down for
that specific topology. For example, if both IPv4 and IPv6 BFD are enabled, and the IPv4 session is
DOWN and IPv6 session is UP, then the IS-IS adjacency is still UP. In this case, the IPv4 neighbor is
considered DOWN and ipv6 neighbor is considered UP.
Important Notes
End of Sale and End of Life of Cisco Traditional NetFlow

Cisco announces the end-of-sale and end-of-life of the Cisco Traditional NetFlow (TNF) Feature on
ASR1000 platform. Cisco will not have any future development, CLI support, TAC support and
Documentation on the Traditional NetFlow (TNF) feature beyond the Cisco IOS Software release XE
3.10.
Customers with Cisco Traditional NetFlow (TNF) Feature on Cisco ASR1000 Platform are encouraged
to migrate to the Cisco Flexible NetFlow (FNF) Feature on Cisco ASR1000 Platform.
For details on transition to Flexible NetFlow, see the Migrating from Traditional to Flexible NetFlow
white paper:
-545581.html
Deferrals
following location:

10
OL-26698-16
Important Notes
Release 3.7.0S
3.7.0S.
OL-26698-16
11
Important Notes
12
OL-26698-16

included.
Note
For information about the features in and important notes about releases prior to Release 3.6.0, see Cisco
IOS XE 3S Release Notes.

New Hardware Features in Cisco ASR 1000 Series Aggregation Services Routers Release 3.6.2S,
page 2
page 2
page 2
page 2
page 2
Cisco Systems, Inc.

www.cisco.com
page 2

There are no new hardware features in Cisco ASR 1000 Series Aggregation Services Routers Release
3.6.2S.

There are no new software features in Cisco ASR 1000 Series Aggregation Services Routers Release
3.6.2S.

3.6.1S.

There are no new software features in Cisco ASR 1000 Series Aggregation Services Routers Release
3.6.1S.

3.6S.

Routers Release 3.6S:
OL-26698-16
ACL syslog Correlation

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-acl-syslog.html
Add Policy and Engineering Capabilities to PETR Usage

ALG: H.323 v6 Support

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-applvlgw.html
Audio and Video SPA Supports High-Definition (HD) Video

Effective from Cisco IOS XE Release 3.6S, the WebEx Node SPA supports the WebEx WBS27SP32
version. This WebEx version supports both High Quality (HQ) and High-Definition (HD) Video on the
Audio and Video SPA.
ASRovwma.html#wpaudio_and_video_SPA
IPsec Feature License for Monitoring and Reporting

From Cisco IOS XE Release 3.6S onward, you can test IPsec features by activating the built-in
evaluation license and accepting the End User License Agreement (EULA). You must activate this
license and accept the EULA to ensure that the crypto commands associated with an interface are not
blocked. For more information about this feature, see the Software Activation Configuration Guide,
Cisco IOS XE Release 3S at the following location:
http://www.cisco.com/en/US/docs/ios-xml/ios/csa/configuration/xe-3s/csa-xe-3s-book.html
BFD - BFD Hardware Offload Support

http://www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html#w
pxref23529
BFD C Bit Support - RFC5882

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bfd/configuration/xe-3s/irb-xe-3s-book.html
OL-26698-16
BFD Support for EIGRP IPv6

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-bfd-ipv6.html
BFD: BGP Multihop Client Support and C Bit (IPv4/IPv6)

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-multihop-cbit.html
BGP - iBGP NSR

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-nsr-ibgp.html
BGP - mVPN BGP sAFI 129 - IPv4

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-mvpn-safi.html
BGP NSR - Autosense

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-nsr-autosense.html
BGP: Graceful Shutdown (GSHUT)

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-grace-shut.html
Carrier Grade Network Address Translation

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/iadnat-cgn.html
CEM Support for SPA-2CHT3-CE-ATM

ASRspasw.html
http://www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/install_upgrade/ASR1000
/asr_sip_spa_hw.html
OL-26698-16
Cisco Unified Border Element (SP Edition): Common IP Address Media Bypass
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/sbcu/sbc_pol.html
Cisco Unified Border Element (SP Edition): Via Header Passthrough

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/sbcu/sbc_scf.html
Class Default Shaper on Physical Interface in Combination with Service Policy Applied to dMVPN
Tunnel
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_dmvpn/configuration/xe-3s/sec-conn-dmvpnxe-3s-book.html
CSL CallHome for the Cisco ASR 1001 Router

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/csa_callhome.html
EIGRP IPv6 NSF/GR

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/eigrp-ip6-nsf.html
EIGRP Route Tag Enhancements

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-en-rou-tag
s.html
Enhanced Route Tags

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-en-rou-tags.html
Ethernet Operations, Administration, and Maintenance (OAM)

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-oam.html
OL-26698-16
GEC VPWS Support

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/mpls.html
Group Encrypted Transport VPN Key Server

IOS ACL Support for Filtering IP Options

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-create-ip-al-filter.
html
IP SLAs TWAMP Responder v1.0

http://www.cisco.com/en/US/docs/ios-xml/ios/ipsla/configuration/xe-3s/sla_twamp.html
IP Tunnel - SSO c7600

http://www.cisco.com/en/US/docs/ios-xml/ios/interface/configuration/xe-3s/ir-impl-tun-xe.html
IPv6 ACL Extensions for Hop by Hop Filtering

http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6/configuration/xe-3s/ip6-acl-ext-hbh-xe.html
IPv6 VRF-Aware PBR Next-Hop Enhancement

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-3s/mp-mltvrf-slct-pbr.htm
l
ISG Downstream EnhancementsPassthrough and Idle-Timer

http://www.cisco.com/en/US/docs/ios-xml/ios/isg/configuration/xe-3s/isg-acess-ip-sess.html
IS-IS IPv6 Administrative Tag

OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_isis/configuration/xe-3s/ip6-route-isis-adm-tag.
html
IS-IS IPv6 Advertise Passive Only

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_isis/configuration/xe-3s/ip6-route-isis-adv-pass
-onl.html
L2VPN Interworking: Frame Relay to ATM (Bridged Mode)

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/mpls.html
LISP Virtualization Support for Multiple Parallel RLOC Domains

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-xe-3s-book.html
MediaTrace 2.0
http://www.cisco.com/en/US/docs/ios-xml/ios/media_monitoring/configuration/xe-3s/mm-mediatrace.
html
MPLS TE - TE Display Debug Info for PCALC Error Show Command

http://www.cisco.com/en/US/products/ps11174/prod_release_notes_list.html
MPLS Traffic Engineering - AutoTunnel Mesh Groups

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_te_path_setup/configuration/xe-3s/mp-te-autotun-m
esh.html
MPLS Traffic Engineering - FRR Scalability Enhancements

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_te_path_protect/configuration/xe-3s/mp-te-frr-node
-prot.html
MPLS Traffic Engineering (TE) - Class-Based Tunnel Selection

OL-26698-16
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_te_path_setup/configuration/xe-3s/mp-te-tun-select
-xe.html
NBAR Classification Enhancements

http://www.cisco.com/en/US/docs/ios-xml/ios/qos_nbar/prot_lib/configuration/xe-3s/proto_lib1.html
OSPFv3 VRF-Lite/PE-CE
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/command/iro-cr-book.html
Per Tunnel QoS

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_dmvpn/configuration/xe-3s/sec-conn-dmvpnxe-3s-book.html
Perf-mon V3
ml
Performance Monitoring - IPv6 Support

ml
Proxy Mobile IPv6 Local Mobility Anchor

http://www.cisco.com/en/US/partner/docs/ios-xml/ios/mob_pmipv6/configuration/xe-3s/imo-pmipv6-l
ma-support.html
Route Server Based Provisioning for PITR

Routed Pseudowire and Routed VPLS

OL-26698-16
Important Notes
http://www.cisco.com/en/US/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/mp-rt-pw-rt-vpls.html
SSO Support for MPLS-TE Autotunnel-Automesh Feature

http://www.cisco.com/en/US/docs/ios-xml/ios/mp_ha/configuration/xe-3s/mp-sso-supp-mpls-te-autotu
n-automesh.html
Support Multiple xTRs with Dynamic RLOCs at a Site

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-xe-3s-book.html
USB eToken 64 KB Smartcard Support

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_pki/configuration/xe-3s/sec-store-pki-cred.ht
ml
Zone-Based Policy Firewall IPv6 Support

The zone-based policy firewall provides advanced traffic filtering or inspection of IPv4 and IPv6
packets. In Cisco IOS XE Release 3.6S and later releases, both IPv4 and IPv6 packet inspection are
enabled by default. If you need to bypass the IPv6 packet inspection, you need to configure the pass
action. The pass action passes the traffic from one zone to another. When the pass action is configured,
the firewall does not inspect the traffic; it passes the traffic. In the IPv6 firewall, you must explicitly
configure the pass action for the return traffic by defining a zone pair and a policy map with pass action.
For detailed information about the Zone-Based Policy Firewall IPv6 Support feature, see the following
Cisco document:
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-zbf-ipv6.html
Important Notes
Deferrals
OL-26698-16
Important Notes
following location:

Release 3.6.0S
3.6.0S.
10
OL-26698-16
Caveats in Cisco ASR 1000 Series Aggregation

Services Routers Release 3.10S
This chapter provides information about the caveats in Cisco ASR 1000 Series Aggregation Services
Routers Release 3.10S. Caveats describe unexpected behavior. Severity 1 caveats are the most
serious caveats. Severity 2 caveats are less serious. Severity 3 caveats are moderate caveats. This
chapter includes severity 1, severity 2, and selected severity 3 caveats.
Note
For information about the caveats pertaining to releases earlier than Release 3.6S, see Cisco IOS XE 3S
Release Notes.
We recommend that you view the field notices for the current release to determine whether your
software or hardware platforms are affected. You can access the field notices from the following
location:
In each section, the following information is provided for each caveat:
Note
SymptomA description of what is observed when the caveat occurs.
ConditionsThe conditions under which the caveat has been known to occur.
WorkaroundSolutions, if available, to counteract the caveat.
If you have an account on cisco.com, you can also use the Bug Toolkit to find select caveats of any
severity. To reach the Bug Toolkit, log in to cisco.com and go to
http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have
requested is not displayed, it may be due to one or more of the following reasons: the defect number does
not exist, the defect does not have a customer-visible description yet, or the defect has been marked
Cisco Confidential.)
The Dictionary of Internetworking Terms and Acronyms contains definitions of acronyms that are
not defined in this document:
http://docwiki.cisco.com/wiki/Category:Internetworking_Terms_and_Acronyms_(ITA)
Cisco Systems, Inc.

www.cisco.com
Resolved CaveatsCisco ASR 1000 Series Aggregation Services Routers Release 3.10.0S, page 2
Open CaveatsCisco ASR 1000 Series Aggregation Services Routers Release 3.10.0S, page 36
Resolved CaveatsCisco ASR 1000 Series Aggregation Services Routers

Release 3.10.0S
This section documents the resolved issues in Cisco ASR 1000 Series Aggregation Services Routers
Release 3.10.0S.
CSCtc17240
Symptoms: Some third party SIP PBXs may have interoperability problems with the authentication
header of a Cisco SIP gateway.
Conditions: Per RFC 3261 section 25.1, the "nc" value, or nonce-count, should have lower case hex.
This is defined as follows:
nonce-count
= "nc" EQUAL nc-value nc-value
= 8LHEX LHEX
/ %x61-66 ;lowercase a-f A snippet of the offending messaging: ...
cnonce="305EE7FF",qop="auth",algorithm=MD5,nc=0000000A
DIGIT
Workaround: There is no workaround.
CSCti43486
Symptom: Summary option was not available in show crypto gdoi ks member
Conditions: New option added to this CLI.
CSCtj24692
Symptom: Nvram config file gets corrupted when a chassis is power cycled without a graceful
shutdown.
Conditions: Power cycle an ASR chassis without graceful shutdown.
Workaround: Shutdown chassis using reload command and make sure RP gets to rommon before
power cycling the chassis.
CSCtl55445
Symptom: CUBE logging the following message:
%SIP-3-INTERNAL: Cannot insert call history entry for callID
Conditions: Calling party cancels call before connection:

INVITE
--------------->--------------->
<--------------<---------------CANCEL
180 Ringing
---------------->--------------->
<----------------<-----------------
100 Trying
<--------------<---------------200 OK
487 Request Cancelled
<------------------<---------------
ACK
-------------------->--------------->
CSCto64199
Symptom: Queuing has not shifted to other interface
Conditions: There is no known condition.
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.10S
OL-26698-14
CSCto81601
Symptom: If there is a problem with publishing the certificate revocation list ( CRL ), a major
problem must exist and so that further publishing is suspended until the issue is addressed and the
CA requires a shut/no shut. Currently there is no error message which suggests what happened with
CRL. Need to add proper error messaging to make it more interactive
Workaround: A "shut" / "no shut" on the CA server should result in the CRL being published again.
CSCtx99353
Symptom: Error message on router %SYS-3-INVMEMINT: Invalid memory action (malloc) at
interrupt level The error message can lead the device to crash
Conditions: The symptom is observed when music on hold (MOH) is enabled.
Workaround 1: Remove the route list from the multicast MOH CLI, so that you can still have music
on hold and can continue the feature.
Workaround 2: Disabling the MOH (but no music comes on hold).
CSCty59423
Symptoms: Memory leak seen with following messages:
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "VOIP_RTCP", ipl=
0, pid= 299 -Traceback= 0x25B1F0Cz 0x25AB6CBz 0x25B1029z 0x46C02Ez 0x46C89Bz
0x46BCC2z 0x471D12z 0x43EF59Ez 0x43DD559z 0x43DCF90z %SYS-2-MALLOCFAIL: Memory
allocation of 780 bytes failed from 0x46C02E, alignment 32
Conditions: The conditions are unknown.

CSCty91566
Symptoms: Potential memory leak is seen when handling DNS lookup response.
Conditions: This symptom is observed when handling DNS lookup response.
CSCtz13023
Symptoms: A SIP gateway may crash with a bus error.
Conditions: This symptom is observed when the SIP gateway is configured as a SIP registrar. The
configurations for this are as follows: voice service voip sip registrar server
Workaround: There is no workaround available at this time.
CSCua78771
Symptom: Error message display needs cosmetic changes to follow style.
Conditions: This symptom is observed in rare situations, when a error message is displayed. Need
to update the message format to follow style guidelines.
CSCua80616
Symptom: SPA handle invalid message seen after doing 'hw-module subslot x/y shut' on ethernet
line card (ELC).
Conditions: This symptom is observed when we have multiple ELC sources configured i.e. Primary
& secondary network clock sources from ELC & we execute ELC shut using 'hw-m sub x/y shut'
command, we see SPA invalid handle error message.
OL-26698-14
CSCua90097
Symptom: flexVPN client ikev2 sa stuck at IN-NEG with status description: Initiator waiting for
AUTH response
Conditions: This symptom is observed whenflexVPN server initial clear crypto session command
to clear 4K crypto sessions. After crypto session recovered, there is 1 ikev2 sa at flexVPN client
stuck at IN-NEG status. At flexVPN server, there is no ikev2 peer
Workaround: flexVPN client is able to use clear crypto ikev2 sa psh <index> command to delete
stuck ikev2 sa
CSCub05364
Symptom: Router acting as SRTP gateway crash
Conditions: This symptom is observed when a router printing the message
SYS-4-CHUNKSIBLINGSEXCEED for "Srtp stream chunk" process prior to the crash
CSCub06422
Symptom: Call flow: PSTN---pri---Voice Gateway---sip---SIP server After running fine for 6-7
days, calls through voice gateway fail (100% of the calls fail). On a call that comes in through the
PRI, INVITE is sent with "m=audio 0..". Then, on getting "200 OK" from the other end, gateway
disconnects the call.
Conditions: This symptom is observed when router up and running for 6-7 days
Workaround: Reload the router.
CSCub18622
Symptoms: Dynamic ACL does not get applied to the interface ACL, but the user shows up in the
show ip auth-proxy cache command output.
Conditions: This symptom is observed when auth proxy is configured on a tunnel interface.
Workaround: Move the auth-proxy rules onto a physical interface.
CSCub19185
Symptoms: Path confirmation fails for a SIP-SIP call with IPV6 enabled.
Conditions: This symptom is observed when UUTs are running Cisco IOS Release 15.2(2)T1.5.
CSCub50350
Symptom: Remote loopback messages under show interface and show controller output are not
set correctly.
Conditions: This symptom is observed when remote loopback configuration.
CSCub56842
Symptoms: The router stops passing IPsec traffic after some time.
Conditions: This symptom is observed when the show crypto eli command output shows that during
every IPsec P2 rekey, the active IPsec-Session count increases, which does not correlate to the max
IPsec counters displayed in SW.
OL-26698-14
Workaround: Reload the router before active sessions reach the max value. To verify, run the show
crypto eli command:
router#sh cry eli
CryptoEngine Onboard VPN details: state = Active
Capability
: IPPCP, DES, 3DES, AES, GCM, GMAC, IPv6, GDOI, FAILCLOSE, HA
IPSec-Session :
7855 active,
8000 max, 0 failed .
CSCub83722
Symptom: Tunnel output rate packets are not incrementing.
CSCub98177
PPPoE session terminated by LAC with SSM DISCONNECT
Symptom: ASR1k as LAC running IOS XE RLS3.5.2 may disconnect PPP session by TermReq
without visible reason, each time in show pppoe stat incrementing "SSM
Conditions: This symptom is observed in SSO mode during RP switchover
CSCuc09667
Symptom: Router experiences crashes due to SIP due to a freed pointer in memory.
CSCuc11170
Symptom: GM removal did not work post COOP merge after experiencing a 3-way or more split
Conditions: This symptom is observed when GETVPN COOP with 3-way (or more) Split and
Merge, followed by any rekey or "gm removal"
CSCuc25582
Symptom: SIP secure phones drop calls when they Hold and Resume a call to a non-secure phone.
Conditions: This symptom is observed under the following conditions:
CONDITION I (tested in lab): 8945 SIP Phone Reproduce steps: 3 phone A,B,C register to
secure-SRST sip phone A B , sccp phone C. A,B in encrypted mode, phone C in non-secure
mode. A call B, establish a secure call. B press transfer to C. After B and C establish a
non-secure call, B press transfer. then B toast display "call transfered successfully!", but A and
C do not establish a call. phone A and C should establish a non-secure call.
CONDITION II (Customer scenario): Secure SRST. SIP Phones registered to the router with
secure and non-secure profiles. Call Flow: SIP Phone A (secure) ---> SIP Phone B (non-secure).
A pressed Hold,Resume. SIP Phone A (secure) ---> SIP Phone C (secure) -----> Transfers call
to SIP Phone B (secure). Phone A is not asked by router to stop transmitting SRTP and switch
to RTP. Problem has been observed on 6941, 7962 and 8945 SIP phones.
CSCuc25995
Symptoms: A router unexpectedly reboots and a crashinfo file is generated. The crashinfo file
contains an error similar to the following:
OL-26698-14
%ALIGN-1-FATAL: Illegal access to a low address 04:52:23 UTC Wed Sep 19 2012 addr=0x4,
pc=0x26309630z , ra=0x26309614z , sp=0x3121BC58
Conditions: This symptom is observed when IPsec is used. More precise conditions are not known
at this time.
CSCuc29179
Symptom: ASR1k filters out the ARP requests with its own source address. This leads to ping failure
between two interfaces which belong to different vrf and own same IP subnet;vrf v1 1.0.0.1/24 and
vrf v2 1.0.0.2/24, for instance.
Conditions: - This symptom is observed when gig0/0/0 connected b2b to another interface on same
router (with VRF configured on atleast one of the interfaces)
Workaround: - Configure some mac on gig0/0/0 and then unconfigure the mac.
CSCuc31339
Symptom: Console error message similar to the following:
%ASR1000_INFRA-3-EOBC_SOCK: R0/0: linux_iosd-image: Socket event for
failed to send 1472 bytes; Resource temporarily unavailable
EO0, fd 16,
Conditions: This symptom is observed when large number of feature configurations exist.
CSCuc34574
Symptoms: A pending-issue-update is seen at SSL CPP CERT on the Cisco ASR 1002, ESP-1000
platform.
Conditions: This symptom is observed with the following configuration: show platform software
object-manager fp active pending-issue-update Update identifier: 128 Object identifier: 117
Description: SSL CPP CERT AOM show Number of retries: 0 Number of batch begin retries: 0
CSCuc44749
Symptom: Audio distortion for MMOH stream produced by GW, when live-feed from FXO port is
used
Conditions: This symptom is observed when live-feed is implemented to produce MMOH stream in
CME environment, where Live-Feed source is connected to an FXO port. File based MOH also to
be configured, and the file needs to be in Cached state.
Workaround: Remove the file based MOH or have a file based MOH which will not be cached.
CSCuc58220
Symptom: CME not pushing agent stats fields to tftp. (logged in and out times)
Conditions: This symptom is observed when Benelli specific fields not getting pushed.
CSCuc80859
Symptom: Display related issue and some incorrect debug categorization
Conditions: This symptom is observed when debug ccsip feature <feature> is configured.
CSCuc99329
OL-26698-14
Symptom: When we try to create or get a certificate with issuer-name same as that of any certificates
that already exists, no new certificate is created and the existing one is used.
Conditions: This symptom is observed in the following cases:
If the certificate server is created using an issuer or subject name when another trustpoint
already exists with that same issuer or subject name.

If you try to authenticate a CA certificate with issuer or subject name same as that of any
certificate that already exists.

Workaround: Use different issuer-name for different trustpoints.
CSCud01385
Symptom: Continuous tracebacks is seen at nhrp_ipv6_mark_route
Conditions: This symptom is observed when traceback is seen at nhrp_ipv6_mark_route when "no
ipv6 unicast-routing" command is issued on the hub while sending traffic from spoke to spoke.
Workaround: Do not issue no ipv6 unicast-routing command while sending traffic
CSCud29930
Symptom: An ASR1002-X Built-in SPA may record runts on its Gigabit Ethernet interfaces when
using a SFP-GE-T (copper). This is not seen with an SFP-GE-S (fiber).
Conditions: This symptom is observed when any frame that requires Ethernet padding to be added
to make it 64 bytes.
CSCud33882
Symptom: SIP phones not registering to SRST when number cli with wild card configured under
voice register pool.
Conditions: This symptom is observed when you configure number cli with wild card configuration
under voice register pool. number 1 900....
Workaround: Create separate pools for all the phones without wild cards.
CSCud36343
Symptom: SRTP packets sourced from gateway / conference bridge have SSRC=0. This may cause
audio / one-way audio issues.
Scenario 1 Signalization: E1 <> GW <> MGCP <> CUCM <> SIP / SCCP <> IP Phone Media:
E1 <> GW <> SRTP <> IP Phone SSRC=0 sent by GW SSRC !=0 sent by phone
Scenario 2 Signalization: IP Phone 1 <> CUCM <> SCCP <> GW (conf bridge)
|------<> IP Phone 2
|------<> IP Phone 3 Media: IP Phone 1 <>
SRTP <> GW (conf bridge) <> SRTP <> IP Phone 2
|------------<> SRTP <> IP Phone 3 SSRC =0 sent by GW (conf bridge) SSRC !=0 sent by phones
Conditions: This symptom is observed on IOS 15.2(4)M1 IOS 15.2(4)M2 SRTP enabled
Workaround: Disable SRTP or downgrade IOS to 15.2(1)T3
CSCud37099
Symptoms: When SIP KPML digits are being received by SIP-GW, they are not consumed even
though it is configured to consume those KPML digits. This is causing the remote end point to hear
unwanted DTMF tones.
Conditions: This symptom is observed when SIP-GW negotiates KPML and receives KPML digits
from SIP side.
OL-26698-14
CSCud41708
Symptoms: In a scaled GETVPN environment with a large number of GM's each in their own group,
executing show crypto gdoi gm or show crypto gdoi gm acl commands produce empty output or
cause CPU Hog backtraces.
Conditions: This symptom is observed when a large number of GM's each in their own group and
the show crypto gdoi gm or show crypto gdoi gm acl command is executed.
CSCud42938
Symptom: After a clear cry session, sometimes ident SM remains at responder side.
Conditions: This symptom is observed when a clear crypto session multiple times, crypto map
deletes but ident remains due to race condition between new connections also coming up. Since map
is removed and ident remains, the new connections now never comes up
Workaround: Router reboot
CSCud49843
Symptom: During call transfer, after entering the transfer number ,instead of "Ringout" it is
displayed as "Transfer" in SRST mode
Conditions: This symptom is observed during call transfer.
CSCud51791
Symptoms: Memory leak is seen on the router related to CCSIP_SPI_CONTRO.
Conditions: This symptom is observed in CME SIP phones with Presence in running-configuration.
CSCud52658
Symptom: IKEv1 CERTREQ payloads exchanged by initiator and responder both contain all
trustpoints and trustpools. This enhancement request is for limiting the size of the CERTREQ
payload by not sending trustpools.
CSCud58633
Symptoms: The "initial-contact" configuration option not needed, as the behavior is already
enabled.
Conditions: This symptom is observed when you use IKEv2, along with Cisco IOS Release
15.2(4)M.
CSCud59210
Symptom: Caller ID does not work for Inbound calls using FXO
Conditions: This symptom is observed in IOS version 15.x.
CSCud60826
OL-26698-14
Symptom: PSTN -- T1 PRI --- IOS Gateway -- SIP --- CUCM --- Agent IP Phones One-way audio
may be observed between a PSTN caller and an Agent IP phone connected via a SIP IOS Gateway
such as ISR-G2 routers. The "tx" counter in the IP leg of "show call active voice brief" command
will stop incrementing. Example : 11E4 : 446 583400ms.1 (22:38:27.944 UTC Sun Dec 9 2012)
510 pid:5555 Originate 2222 connected dur 00:00:33 tx:1295/207200 rx:0/0 dscp:0 media:0 audio
tos:0xB8 video tos:0x0 IP <ip-addr:port> SRTP: off rtt:0ms pl:0/0ms lost:0/0/0 delay:65/65/65ms
g711ulaw TextRelay: off Transcoded: No media inactive detected:n media contrl rcvd:n/a
timestamp:n/a long duration call detected:n long duration call duration:n/a timestamp:n/a
Conditions: This problem was observed when the gateway received "a=sendonly" in the SDP
answer during Re-invite based media re-negotiation to put the call on hold. The media direction was
updated to sendrecv mode in the subsequent call resume but the Gateway never transmits any RTP
audio packets.
Workaround: Set "Duplex Streaming Enabled" service parameter in CUCM to "True". This
mitigates the problem since the "a=sendonly" media direction attribute is not sent during call hold.
CSCud60977
Symptom: CRL file is not deleted when CS server is unconfigured manually by no crypto pki
server <name>
Conditions: CS server should be run before sever is unconfigured. crypto pki server <name> no shut
Workaround: Delete CRL file manually.
CSCud61517
Symptoms: CUBE crashes during a blind-transfer scenario and when "media preference IPv6" is
configured.
Conditions: This symptom is observed when "media preference IPv6" is configured but is not seen
when "media preference IPv4" is configured.
Workaround: Configure "media preference IPv4".
CSCud62138
Symptoms: DTMF path confirmation fails with "MidCall failure using invalid c=FQDN with
PRACK"
Conditions: This symptom is observed when a router loaded with
c2900-universalk9-mz.SSA.153-1.8.T
CSCud62864
Symptoms: When the Mid-call Re-INVITE consumption feature is active, CUBE consumes
Re-INVITE which should change the media state from "sendonly" to "sendrcv". This results in a one
way or no way audio on the call.
Conditions: This symptom is observed when the CUBE Mid-call Re-INVITE consumption feature
is enabled.
CSCud63146
Symptoms: In a GETVPN scenario, the GM fails to install policies on reload. A crypto map is
applied on ethernet 0/0 while the local address of the crypto map is configured with ethernet 0/1.1
Conditions: This symptom is observed after a reload. The GM fails to install policies from the key
server.
Workaround: Remove the crypto map configuration on the interface and reapply.
OL-26698-14
CSCud64870
Symptom: DMVPN hub ASR1004 may crash after the fetching CRL from MS CRL server.
Conditions: The crash occurs when there are 5 CDPs for the hub router to fetch the CRL. Since there
are multiple CDPs, the hub router fetches the CRL in a parallel way, which leads to a crash under
a timing issue.
Workaround: Setting up one CDP instead of multiple CDPs will greatly reduce the timing condition
that leads to the crash.
CSCud65119
Symptoms: A crash may occur while using GETVPN with fragmented IPv6 traffic.
Conditions: This symptom is observed when IPv6 IPsec is used. This issue is triggered by
fragmented IPv6 packets.
CSCud66955
Symptoms: SPA-2CHT3-CE-ATM is flapping with Nortel Passport due to the fast bouncing of up
or down 10s, after the interface is brought up.
Conditions: This symptom is observed in E3 and DS3 mode.
CSCud67105
Symptoms: Virtual-Access is not removed when "clear ip nhrp" or "clear crypto session" are issued
or when spoke-spoke FlexVPN session is gone. This is seen only in case of FlexVPN.
Conditions: This symptom is observed when CSCuc45115 is already in image.
CSCud67653
Symptom: ASR1001 (1RU) builtin 4x1GE spa MIB poll for entSensorStatus returns a value of 3
which is "nonoperational" when CLI sensor reports no reading.
Conditions: This bug is specific to 1RU (ASR1001) builtin spa 4X1GE. This symptom is observed
when no reading is seen from output of show hw-module subslot all sensors
Workaround: Possibly filter entSensorStatus value within customer NMS application.
CSCud67779
Symptoms: One-way audio is observed when a call goes through BACD and comes over SIP trunk.
Conditions: This symptom is observed when a call comes through SIP trunk and is connected to an
agent phone via BACD during the third call xfer, along with the "headset auto-answer" configuration
in the ephone.
Workaround: Remove the "headset auto-answer" configuration in the ephone configuration.
CSCud68178
Symptoms: The Cisco ASR 1000 series router and Cisco ISR 4400 series hubs crash.
Conditions: This symptom is observed when the physical and tunnel interface are flapping.
CSCud69592
Symptoms: The Call Progress Analysis (CPA) feature does not work. Though DSP is allocated and
programmed for the CPA functionality, no CPA events are detected and reported.
10
OL-26698-14
Conditions: The symptom is observed for those call flows, where media bridging occurs after 200
OK responses.
CSCud70629
Symptoms: Incremental memory leaks are seen at IPSec background proc.
Conditions: This symptom is observed with "clear nhrp cache".
CSCud75278
Symptom: ATM event trace is holding too many memory (about 16M Bytes) even if ATM feature is
not enabled.
Conditions: This symptom is observed when router is active
Workaround: Change the event trace size manually to a small value.
infra-asr1001-4(config)#monitor event-trace platform atm size ? <1-1000000> Number of entries
in trace
CSCud78362
Symptoms: GW starts to drop calls randomly if you increase simultaneous calls beyond 350.
Conditions: This symptom is observed if 350 calls are connected on GW, some doing digit
collection using Cisco ASR(MRCPv2) and some playing media. Increasing a few more calls triggers
the issue of call drops and total calls stay at only 350.
CSCud78578
Symptom: RP crashes after FP switchover
Conditions: This symptom is observed when FP(FP80) reload with qos configs and traffic flowing
in the background
CSCud78618
Symptoms: Router crashes.
Conditions: This symptom is observed when applying IVRF configuration on IKE profile.
CSCud78649
Symptoms: The following error message occurs when activating SBC: "SBC: SBC ^TÛ^\V not
configured"
Conditions: This symptom is observed when you run the activate command just after the
media-address ipv4 ... command, as shown below:
ASR-1001-CCN-7(config)#sbc test
ASR-1001-CCN-7(config-sbc)#sbe
ASR-1001-CCN-7(config-sbc-sbe)#media-address ipv4 1.20.0.2 vrf vrfa
ASR-1001-CCN-7(config-sbc-media-address)#activate SBC: SBC Â^T not configured
Workaround: Exit SBC first, then enter SBC again and then run the activate command.
CSCud79391
OL-26698-14
11
Symptom: AVC functionality (performance monitor and media-net) was missing from
advipservices image. It was only present in adventerprise
Conditions: When loading an advipservices image, AVC functionality could not be configured.
CSCud83835
Symptoms: An IPsec VPN tunnel fails to be established. The debug crypto ipsec command shows
no output when attempting to bring up the tunnel.
Conditions: This symptom is observed when all of the following conditions are met:
The crypto map is configured on a Virtual-Template interface.
This Virtual-Template interface is configured with "ip address negotiated".
The tunnel is initiated locally (in other words, if the tunnel is initiated by the peer, it comes up
correctly).
Workaround: Downgrade to Cisco IOS Release 15.2(2)T3 or earlier releases or always initiate the
VPN tunnel from the peer.
CSCud85342
Symptom: IKE responder fails to accept phase 1 proposal with rsa-sig authentication with public
RSA keys and no trustpoints configured
Conditions: An authentication mechanism of rsa-sig is configured and rsa-encr cannot be used due
to hardware/software limitations
Workaround: Use rsa-encr if supported, otherwise switch to using actual certificates with trustpoint
or pre-shared keys.
CSCud86240
Symptoms: The Cisco ASR 1000 ESP crashes (ucode core file created) when compressed packets
are sent on a Multilink PPP interface using the Cisco IOS XE 3.5 Release and earlier Cisco ASR
1000 software images. On Cisco IOS XE 3.6 Release and later on Cisco ASR 1000 software images
a crash does not occur, but routed traffic on configured interfaces are not forwarded. However,
local traffic between the peer routers may still be forwarded. In all releases, routed traffic will be
dropped on any other interfaces (for example, PPP, Multilink PPP, HDLC, and so on.) configured
for this mode of compression.
Conditions: This symptom is observed if the legacy IOS compression feature compress [mppc | stac
| predictor] is configured on any interface (for example, PPP, Multilink PPP, HDLC, and so on.).
If this feature is configured on a Multilink PPP interface then the ESP crash can be encountered if
using an Cisco IOS XE 3.5 Release and an earlier Cisco ASR 1000 software image.
Workaround: Remove the compress [mppc | stac | predictor] feature configuration from all
interfaces as this functionality is not supported on the Cisco ASR 1000 router. The software fix
associated with this bug report will be removing this configuration option from the Cisco ASR 1000
router.
CSCud87915
Symptom: EzVPN client cannot access the Internet over the VPN. Access to Hub internal resources
works fine. The ZBF firewall on the Hub drops the encryptred ESP(udp) traffic from self to out
containing reply from the host on the Internet.
Log on the hub:
12
OL-26698-14
*Dec 28 15:34:51.189: %FW-6-DROP_PKT: Dropping udp session 8.8.8.2:0 8.8.8.1:53000 on

zone-pair self-out class class-default due to
ip ident 0
DROP action found in policy-map with
source IP and port is incorrect.
Conditions: This symptom is observed when EzVPN client behind NAT and source port is PATed is not udp 4500. EzVPN client reaching the Internet with u-turn on the Hub. Hub has ZBF policy
from self to outside permitting VPN traffic. Hub has CEF enabled.
Workaround: Remove the ZBF policy from self to outside.
CSCud88483
Symptom: In a GETVPN and IPsec redundant configuration combination, if you reload a secondary
group member in the topology it will cause TEK registration of the group member to be lost once
the router comes back up and the HSRP does a state transition to standby.
Conditions: The symptom is observed with a GETVPN with IPsec redundancy configuration.
Workaround: Wait for the next rekey or issue clear crypto gdoi.
CSCud92596
Symptom: when send traffic with vlan2 tag between 2 ixia ports through ASR 1004 as below. After
show controller, could found "input vlan errors" counter increases without any packet drops. We also
found when show interface, the value of "input errors" counter under related interface is 0.
CSCud94313
Symptoms: PKI_INV_SPI messages are seen on the console.
Conditions: This symptom occurs in a FlexVPN setup where Virtual-template is configured and
IPsec drops are seen.
CSCud94623
Symptom: Spurious Memory Traceback related to VXML module seen
Conditions: This symptom is observed after IOS upgrade to pi21/15.3(2)T build 153-1.11.T
CSCud95387
Symptoms: Call transfer with Trombone and ANAT fails.
Conditions: This symptom is observed when CUBE is configured with ANAT and Antitrombone,
and during call transfer, the call fails due to wrong media negotiation.
Workaround: Disable ANAT.
CSCud96896
Symptom: "x Calls in queue" status is not displayed on all agents in the hunt group.
Conditions: This symptom is observed when a particular agent is logged out, then the subsequent
agents (i.e in the order in which they are configured a list member) do not get the status update.
Workaround: Have all the agents logged in.
CSCud97548
Symptom: ptime value not sent in INVITE when VCC has multiple codecs
OL-26698-14
13
Workaround: use sip profile to add ptime on outgoing SDP
CSCue00040
Symptom: term length command not obeyed by show voip rtp conn command
Conditions: show command
CSCue00726
Symptom: There is no functional impact to the system performance, warning messages will be seen
only during initialization of the router and there are no security concerns on these units:
*Dec 16 17:58:02.432: IOSXE_PLATFORM-3-WDC_INVALID_LENGTH WDC length can not be
determined: 65535 *Dec 16 17:58:10.703: PLATFORM_SCC-1-AUTHENTICATION_FAIL Chassis
authentication failed *Dec 16 17:58:10.703:
IOSXE_AUTHENTICATE-2-AUTHENTICATE_FAILED. The platform authentication failed
Conditions: Programming of Quack & WDC (Watch Dog Certificate) was accidentally disabled in
manufacturing during the regression testing. This caused units to ship without Quack & WDC
programming. These messages show up at boot up for these specific units that had the quack
disabled
CSCue03940
Symptom: When an invalid SPI packet is received, the receiving gateway is unable to identify
correctly that the packet is dropped due to the reason of invalid SPI. Instead, it gave a wrong reason
that it is a non-IPSEC packet.
Conditions: Problem happen when a router running IPSEC/VPN is receiving an invalid SPI packet.
CSCue05798
Symptom: Need to backout due to hardware limitation
Conditions: Fix not needed due to hardware limitation
CSCue14418
Symptom: Only single L2TP IPSEC vpn client can connect to vpn when they are behind PAT device
even though NAT DEMUX is configured.
Conditions: This symptom is observed when VPN clients behind PAT device
CSCue14586
Symptom: After reload system may not be able bring up all ipsec tunnels at high scale (1k) group
members.
Conditions: This symptom is observed when ASR1K with GETVPN, 1k group members.
Workaround: Issue a clear clear crypto gdoi to force re-registration and rebuild of tunnels.
CSCue17371
Symptom: NTE cannot passthrough
Conditions: This symptom is observed during call transcoding.
14
OL-26698-14
CSCue25575
Symptoms : The crash is observed for SDP pass through or call forward or antitrombone cases.
Conditions: This symptom is observed when a basic call involving SDP pass through or call forward
or antitrombone cases.
Workaround: There no workaround.
CSCue32707
Symptoms: "crypto pki export" in PKCS12 format may lead to router crash.
Conditions: This symptom is observed in Cisco IOS Release 15.2(4)M2.
CSCue33313
Symptom: A Cisco ASR repeatedly produces a "no-input" event despite inputs provided by caller.
Conditions: This symptom is observed when IOS VXML GW running Cisco IOS Release 15.x. Problem seems to be triggered by a "no-match' event prior to providing expected responses.
Debugs show the following order of events:
1. GW instructs TTS server to say "please say yes or no, or press digits 1 or two".
2. GW instructs ASR to recognize.
3. Customer says "one two three four" and the GW forwards this audio to the ASR.
4. ASR instructs GW "no-match".
5. GW instructs TTS server to say "no match event received please try again".
6. GW instructs ASR to recognize.
7. Customer says "yes", but the GW does not forward the RTP containing "yes" to the ASR server.
8. GW receives "no-input" event from ASR as a result of no RTP containing speech being sent to
ASR.
9. GW instructs TTS server to say "no input event received please try again".
Steps 6 through 9 repeat until the customer hangs up the call.
CSCue34828
Incorrect Incoming CLID through FXO port
Symptom: Incorrect Incoming CLID through FXO port
Conditions: Jan 29 09:25:57.311: [0/0/1] Caller ID String 04 12 B0 31 32 B9 31 B0 32
34 20 B9 32 B3 B5 B3 38 B6 32 B5 DC
Jan 29 09:25:57.311: [0/0/1] get_fxo_caller_id
calling num=282 calling name= calling time=01/157 138:24

fxols_callerid_done: call being answered
Jan 29 09:25:57.311:
Expected -923 53 86 25 Received ? 282
CSCue35533
Symptoms: Ping fails with security applied and IKE disabled.
Conditions: This symptom is observed when the Cisco IOS Release 15.3(1.15)T image is loaded.
CSCue36387
OL-26698-14
15
Symptom: When IPv6 crypto is applied, the inbound interface counters associated with the crypto
configuration are not updated correctly. There is no problem with the functionality but the counters
are wrong
Conditions: This symptom is observed when interface input counters using IPv6 crypto
CSCue37000
Symptom: GTP-U drops for communication that should not have been dropped. Swisscom agrees
that this might be related to some timers and pending PDP sessions that need to be terminated. Since
local tests with mobile devices were all successful, Swisscom wants and needs to go for 24 h test to
see if the GTP-U drops really lead to a service impact for mobile users. To document this issue, a
SR was opened: SR 624629207 ASR1K Release 3.7.2 -GTP U drops due to missing pinholes All
log files and a PCAP file are attached to that SR.
CSCue37523
Symptom: When IOS is a IPSEC QM (Quick Mode) responder for ipsec , and if it receives QM1
packet from Call Manager with missing ID payload, the packet is processed, but QM2 packet is not
sent out to the Call Manager. It works fine when IOS is a initiator of QM.
Conditions: This symptom is observed when IOS Responder to QM from call manager call manager
doesn't send ID payload in transport mode in QM1.
Workaround:
1. Initiate traffic from IOS router so that IOS is a QM initiator.
2. Change config of racoon client on call manager to send ID payload in QM1 as initiator.
(support_proxy on)
CSCue38057
Symptom: OSPFv3 neighbor and IPSEC SA was not UP
Conditions: This symptom is observed in 153-03S version OSPF neigbor and SA was down
Workaround: included the IPV6 family for proxy
CSCue39206
Symptoms: ES crashes after the second 401 challenge.
Conditions: This symptom is observed when the second 401 is received after SDP offer/answer with
183/PRACK is complete. This is a rare scenario.
CSCue41031
Symptoms: Exta IPsec flow is shown in the "show crypto session" output.
Conditions: This symptom is observed with the Cisco ASR 1000 RP1 FlexVPN Client.
CSCue43895
Symptom: "show crypto gdoi gm dataplane counters" or "show crypto gdoi gm replay" shows
negative and/or very large counters.
16
OL-26698-14
Conditions: This symptom is observed when "clear crypto sa counters" is issued after "clear crypto
gdoi dataplane counters" and/or "clear crypto gdoi replay counter" for a GETVPN / GDOI Group
Member (GM) running IOS version 15.3(2)S/T or later with the "show crypto gdoi feature
long-sa-lifetime" available.
Workaround: Do not issue both "clear crypto gdoi dataplane counters" / "clear crypto gdoi replay
counter" and "clear crypto sa counters" & if counters go negative or become very large, issue "clear
crypto gdoi" to reset the Group Member (GM) (NOTE: GM will remove IPsec SA's and re-register,
causing some traffic drop).
CSCue44587
Symptom: After the L2L tunnel has been up for some time, the route created by RRI will be removed
from the ASR routing table, even though there is still a valid IPSec SA built for the destination
subnet.
Conditions: This symptom is observed when ASR configured with L2L tunnel to ASA, and RRI is
enabled.
Workaround: Configure a static route for the destination subnet on the ASR.
CSCue46537
Symptom: Whenever we clear the counters using "clear counters" it just happened to clear ONLY
interface counters. Controllers counters NEVER GET CLEARED unless we do the reboot. In this
case controller is SPA-2XT3/E3
Conditions: This symptom is observed only on ASR1k
Workaround: Reboot the router.
CSCue48243
Symptom: Undefined event displayed instead of an event related to registration.
Conditions: This symptom is observed when show monitor event gdoi registration all CLI is
executed.
CSCue49575
Symptom: MOH stops working intermittently
Conditions: This symptom is observed when PARK softkey is pressed on phone and when a
subsequent call is received on this phone and this call is placed on hold.
Workaround: There are several workarounds like - placing a new call from this phone, Going off
hook, receiving a new call on this phone etc..
CSCue50484
Symptom: Crypto Tunnel Socket remains OPEN after shutting the tunnel interface
Conditions: This symptom is observed when Dual-DmVPN with ike-profile on the tunnel interface.
CSCue51375
Symptom: The dynamic monitor is populated with incorrect records and the performance monitor
cache incorrectly includes encapsulated traffic.
Conditions: This symptom is observed when GRE tunnel output interface is configured with a
performance monitor on an ASR1000 series router, and the output physical interface from which the
packets are transmitted is configured with a native FNF monitor.
OL-26698-14
17
CSCue51886
Symptoms: The SBC CUBE device rejects call connections.
Conditions: This symptom is observed when the Chunkmanager holds a lot of memory and calls do
not get processed.
Workaround: Reloading the box helps to make the box stable.
CSCue52845
Symptom: If the peer does not respond to the R-U-THERE, IOS routers should retransmit it 5 times.
However, DPD is retried 6 times.
CSCue52963
Symptom: Some of the SPA goes "inserted (physical)" state after an ISSU upgrade. This issue is
not specific to any particular SPA or SIP.
Conditions: This symptom is observed when an ISSU upgrade on a setup that has a high scale
configuration. Altleast 2000 subinterfaces are configured in the router.
Workaround: This issue is not seen in the following scenario:
1) Before doing a load version from RP0(initial active), enter the following command: asr1000#
show ipv6 route table | inc IPv6
2) Note down the number of IPv6 route tables in the system.
3) Do a load version.
4) Wait for standby to come up to Standby hot.
5) Enable the standby console from RP0 (active). asr1000#configure terminal Enter configuration
commands, one per line. End with CNTL/Z. asr1000(config)# asr1000(config)#redundancy
asr1000(config-red)#main-cpu asr1000(config-r-mc)#standby console enable
6) Log in to the standby console and enter the following command: asr1000-stby# show ipv6 route
table | inc IPv6 Then, note down the number of IPv6 route tables in standby. If the number is lesser
than the number noted in step 2, wait for some time and reverify till it reaches the number noted in
step 2.
7) Issue ISSU runversion from RP0(active).
CSCue53207
Symptom: A record that contains certain derived fields (listed below) may be punted incorrectly to
the route processor (RP) and lost.
Conditions: This symptom is observed when Records can collect ?derived? fields; calculating
derived fields is dependent on the values of other fields. The fields listed below are incorrectly
defined as derived and dependent on other fields. When a record contains one of these fields and
does not include its dependent fields, the record is punted to the route processor (RP) to complete
the record processing. Punting these records might lead to record loss.
Workaround: When configuring a monitor to collect one of the fields listed below, collect each of
the dependent fields also. The list indicates the dependencies:
1. 'connection delay application sum' is dependent on: connection delay response to-server sum
connection delay network to-server sum connection server response sum
2. 'connection delay application min' is dependent on: connection delay response to-server min
connection delay network to-server sum
18
OL-26698-14
3. 'connection delay application max' is dependent on: connection delay response to-server max
4. 'connection delay response client-to-server sum' is dependent on: connection delay response
to-server sum connection delay network to-server sum connection server response sum
5.'connection delay response client-to-server min' is dependent on: connection delay response
to-server min connection delay network to-server sum connection server response sum connection
delay response to-server sum connection delay network to-server min
6. 'connection delay response client-to-server max' is dependent on: connection delay response
to-server max connection delay network to-server sum connection server response sum connection
delay response to-server sum connection delay network to-server max
CSCue59967
Symptom: VPN led does not come up when an IKEv2 tunnel is active
Conditions: This symptom is observed when IKEv1 is not affected only IKEv2.
CSCue59994
Symptom: Enrollment fails for trustpoints configured to use elliptic curve keys and a hash of sha384
or sha512.
CSCue61481
Symptom: Show invntory doesnt show inventory info after hard online insertion and removal (OIR)
Conditions: This symptom is observed after a hard OIR is performed.
CSCue63742
Symptom: Tracebacks are seen in a basic call scenario
Conditions: This symptom is observed when CTI is enabled. CTI call flow.
Workaround: Do not configure CTI (allow watch) in ephone-dn
CSCue63807
Symptom: SIP call during "Call Forward No Answer" option leaks the Transcoder resource used on
CUBE Example call flow:
Telco -> SIP Trunk (G711alaw/G729) -> CME -> SIP phone (G711ulaw) ->NOAN ->
(G711ulaw)
CUE
Conditions: This symptom is observed when SIP Call Codec mis-match between two legs of the call
and invokes the local transcoder resource. Call forward No Answer (noan) feature
Workaround: Reset the sccp session. #no sccp #sccp
CSCue64455
Symptom: RP crashes when configure debug condition on atm interface .
Conditions: This symptom is observed when:
1. debug plat condition inter atm0/1/1 vcd 0 when ATM SPA type is SPA-2CHT3-CE-ATM
2.debug plat condition inte gi0/0/1 vcd 0 or debug plat condition inte gi0/0/1 vpi 1 or debug plat
condition inte gi0/0/1 portvc
OL-26698-14
19
Workaround:
1.when interface is not atm type, not allow user config vcd ,vpi and portvc parameters to avoid the
issue.
2.Modify the NULL pointer access code when ATM SPA type is SPA-2CHT3-CE-ATM
CSCue65405
Symptom: SAs do not get installed in GETVPN GM.
Conditions: The symptom is observed when the key server is configured with "receive-only" SAs.
Workaround: Remove receive-only configuration at the key server.
CSCue71410
Symptom: Console corruption is seen sometimes when punt keepalive packet drop happens during
bootup of router.
Conditions: This symptom is observed when first punt keepalive packet is dropped and other console
activity is going on at the same time.
Workaround: Punt keepalive messages can be disabled in the config, but it's not a recommended
setting as it can mask punt failures.
CSCue75022
Symptoms: IPsec SAs are not getting deleted even after removing the ACL.
Conditions: This symptom is observed with IPSec SAs.
CSCue75072
Symptom: Consult transfer with "remote optional-mandatory strength" fails as SDP precondition
doesn't match.
Conditions: This symptom is observed when consult transfer but not for blind transfer.
CSCue77265
Symptoms: Increment memory leaks are seen at IPSec background proc.
Conditions: This symptom is observed when "clear cry session" is issued multiple times when
bringing up the tunnel.
CSCue80506
Symptom: Traceback at DMVPN Spoke registration, DMVPN QoS policy not deployed to datapath
component.
Conditions: This symptom is observed when there is a routing issue such that the ASR1k acting as
the DMVPN hub can receive spoke registrations but does not have a valid route to the spoke (i.e. the
spoke's forwarding interface is Null0) and the spoke's QoS configuration include a queuing feature,
then the QoS policy will fail to get applied and the ESP will be in a state that requires it to be
reloaded to recover from this.
Workaround: There is no workaround, but the following actions can get the router operational again.
1. Correct routing issue and reload the ESP and/or
2. Remove the QoS queuing feature and reload the ESP
CSCue85737
20
OL-26698-14
Symptoms: ASR with PKI certificate may crash when issuing show crypto pki certificate command.
Conditions: This symptom is observed when the show crypto pki certificate command is issued on
ASR with PKI certificate.
CSCue87185
Symptoms: The DF flag message is not received with "crypto ipsec df-bit copy".
Conditions: This symptom is observed with the Cisco IOS Release 15.3(2.3)T image.
CSCue87438
Symptom: The Conference List button is not working with CME registered phones when using the
Spanish locale file. When the conference list soft key is pushed, nothing is seen. XML Parse Error
is shown
Conditions: This symptom is observed when Spanish locale is configured .
CSCue88077
Symptom: Router reloads with traceback pointing to voip_rtcp_session.
Conditions: This symptom is observed when SIP-H323 calls at 50 CPS in CUBE(Ent) configuration.
CSCue88591
Symptom: DSP error message printed on console, and crash takes place
Conditions: This symptom is observed when DSP firmware (version:33.1.00) sends corrupted DSP
error message to RP IOS which leads to crash: %SPA_DSPRM-3-DSPALARM: Received alarm
indication from dsp (1/0/9). %SPA_DSPRM-3-DSPALARMINFO: 0008 0000 0080 0000 0000
0001 7F3B FEDF %SPA_DSPRM-3-DSPALARMINFO: -;???? %DSP-3-DSP_ALARM: SIP1/0:
DSP device 2 is not responding. Trying to recover DSP device by reloading
Workaround: Downgrade to XE36 which firmware version is 31.1.0
CSCue89491
Symptom: GM tries to Re register after the rekey mechanism change
Conditions: This symptom is observed when the user change rekey transport type and wait for the
schedule to take place. GM will fail to process the rekey and re-register.
Workaround: After change rekey transport type, issue "crypto gdoi ks rekey" to send the rekey
instead of wait for schedule rekey
CSCue92951
Symptom: Sh mem debug leak chunk shows memory leak for voiprtp-GCFM-CONTEXT.
Conditions: This symptom is observed when call filter debug is enabled
Workaround: Do not enable call filter debug
CSCue93140
Symptom: Session not coming up
Conditions: This symptom is observed when invalid ke payload or cookie is received
OL-26698-14
21
CSCue93355
Symptom: GM fails to register with keyserver.
Conditions: The symptom is observed when SGT tagging is enabled.
CSCue94610
Symptoms: DSP crash with the following console error:
%SPA_DSPRM-3-DSPALARMINFO: Checksum Failure:80000000,0000000e,d0156a80,d0156000 *Mar
14 17:56:05.851: %SPA_DSPRM-3-DSPALARM: Received alarm indication from dsp (1/3/6).
%SPA_DSPRM-3-DSPALARMINFO: 0042 0000 0080 0000 0000 0000 4368 6563 6B73 756D 2046 6169
6C75 7265 3A38 3030 3030 3030 302C 3030 3030 3030 3065 2C64 3031 3536 6138 302C 6430
3135 3630 3030 0000 0000 0000 0000 0000
Conditions: This symptom is observed when an RP switchover process. The standby RP presents
DSPs failing to come up.
Workaround: This command may clear up the DSPs:
Router# hw-module subslot x/y reload... Symptom: DSP crash with the following console
error
*Mar 14 17:56:05.851: %SPA_DSPRM-3-DSPALARMINFO: Checksum
Failure:80000000,0000000e,d0156a80,d0156000
*Mar 14 17:56:05.851: %SPA_DSPRM-3-DSPALARM: Received alarm indication from dsp
(1/3/6).
*Mar 14 17:56:05.851: %SPA_DSPRM-3-DSPALARMINFO: 0042 0000 0080 0000 0000 0000 4368
6563 6B73 756D 2046 6169 6C75 7265 3A38 3030 3030 3030 302C 3030 3030 3030 3065 2C64
3031 3536 6138 302C 6430 3135 3630 3030 0000 0000 0000 0000 0000
CSCue95176
Symptom: SIP KPML DTMF not recognized after call transfer from Unity to UCCX. CUBE rejects
the subscription with a "SIP/2.0 500 Internal Server Error"
Conditions: This symptom is observed when SIP-SIP CUBE running IOS 15.2.4M2. Call is sent to
Unity, caller presses a digit and gets transfer to UCCX, while caller is in queue, they press digit '1'
and it should be transferred back to Unity but digit is not recognized and caller remains in queue.
Issue was also observed with IOS 15.1(4)M4.
Workaround: Change DTMF relay method to rtp-nte in the dial-peers and set the RFC2833 DTMF
Method in CUCM SIP Trunk Configuration page.
CSCue95276
Symptom: Customer reports unstable behavior observed from "show ephone-hunt 1 statistics"
command output.
There are following behaviors:
Some CME routers used to collect statistics and display them in the show command, but suddenly
stops displaying even if router is rebooted
Some CME routers never were able to display statistics but suddenly start working
One CME router wasn't able to display statistics but a few days after a reboot, starts working
CSCue97986
Symptom: Calls hang at SIP, CCAPI and VOIP RTP components (but are cleared in the dataplane
of the Cisco ASR 1000 series platform).
22
OL-26698-14
Conditions: This symptom occurs when a video call is setup as an audio call. The call then gets
transferred with REFER but the caller hangs up the call before the call gets transferred. This is an
intermittent problem.
Workaround: If there is an SIP call dangling (sh sip call sum), then use the clear cal voice cause code
16 command to clear the dangling call.
CSCuf01088
Symptoms: Memory leaks are observed with a Cisco ASR router with CVP call flows.
Conditions: The symptom is observed under load conditions. Memory leaks are seen in Cisco IOS
XE 3.8.
CSCuf04726
Symptom: IPsec(crypto-map mode) configured, manually disable VFR, after reload, the "no ip
virtual-reassembly-out" CLI is lost, VFR is re-enabled.
Conditions: The symptom is observed under the following conditions:
1)apply crypto map on the interface
2)manually disable vfr "no ip virual-reassembly-out"
3)save config
4)reload after reload The "no ip virual-reassembly-out" is lost, VFR is re-enabled
Workaround: After reload, manually disable vfr "no ip virual-reassembly-out"
CSCuf09938
Symptom: LSC installation fails if the RSA Key pair size associated with CAPF server is larger than
512 Bytes.
Conditions: The symptom is observed in secure CME implementation. Sample config:
! crypto pki trustpoint capf
serial-number
enrollment url http://<ip-addr>:<port-num>
revocation-check none
auth-mode null-string
rsakeypair capf 1024 1024
cert-enroll-trustpoint <trust-point>
! capf-server
trustpoint-label capf
source-addr <ip-addr> !
Workaround: Use 512 Bytes RSA key size crypto pki trustpoint capf enrollment url
http://<ip-addr>:<port-num> serial-number revocation-check none rsakeypair capf 512 512
CSCuf15260
Symptoms: A Cisco ASR router crashes while sending notify with KPML digit.
Conditions: The symptom is observed on a Cisco ASR router. It is seen when the DTMF type is
changing to SIP-KPML midcall.
Workaround: Do not change DTMF type mid-call.
CSCuf20108
Symptom: Using MRCPv2 on VXML GW for CVP calls to 3rd party ASR, we have found the
MRCP Client process is disappearing after a few hundred calls. This causes all future calls to fail
until the VXML GW is rebooted. A traceback is thrown in the logs at this time, indicating a memory
problem.
Feb 28 00:23:23.949 JST: %SYS-2-FREEBAD: Attempted to free memory at B0D0B0D, not part
of buffer pool -Traceback= 18B57F4z 2C60B0Cz 5B120B3z 4BCA9F6z 2BCCA09z 4C7692Ez
4BCAA8Bz 4C8D03Fz 4C8EE4Bz 4C85EF2z 4C85D2Fz 4C75A21z
Running 'show process' after this traceback shows the MRCP Client process is no longer running.
OL-26698-14
23
Conditions: The symptom is observed when a Nuance server abnormally tears down MRCPv2
session in the middle of the call. MRCPv2 is needed to trigger the crash. MRCPv1 does not cause a
crash.
Workaround:
1) Set all sessionTimeout configurations to -1 on the Nuance server (In the NSSserver.cfg file).
2) Use MRCPv1 instead of MRCPv2
CSCuf20409
Symptom: Netsync:Customer seeing clock in ql-failed state on one ASR-2ru
Conditions: The symptom is observed when distributing stratum 1 clock source through its network.
CSCuf21465
Symptom: GETVPN Group Members (GM) registration window starts at 3%-5% of the remaining
TEK lifetime, rather than at 5%-7%, as documented. This can lead to TEK expiry on some GMs in
situations when the registration process is slow.
Conditions: The symptom is observed on Cisco ASR running IOS XE 3.7, IOS 15.2S
Workaround: Extend TEK lifetime (and accordingly the corresponding registration window) to
avoid traffic drops due to TEK expiration.
CSCuf21611
Symptom: TDM voice call gets terminated due to voice-port shutdown when T1/E1 module on other
NIM slot is reloaded (OIR).
Conditions: The symptom is observed when an OIR of T1/E1 module in any NIM slot shuts down
the voice-ports (if any) on all other T1/E1 NIM slots.
CSCuf35314
Symptom: Operation relying on PKI may start failing when enrolling a new trustpoint to same CA
as already existing trustpoint.
Conditions: The symptom is observed with Cisco IOS 15.2(4)M1.
Workaround: Run the crypto key zeroize pubkey-chain command.
CSCuf39344
Symptom: In SBC-B2B, after "no attach/attach" an adjacency, calls rejected with 503 Service
Unavailable.
Conditions: The symptom is observed when:
1. config vrf001 on BOX1(ACTIVE) then on BOX2(STANDBY)
2. config adjacency's vrf&signaling-address and "media-address ... vrf ..." both refer to vrf001
3. switch-over
4. no attach/attach adjacency on BOX2(ACTIVE)
5. later calls rejected with 503 Service Unavailable
Workaround: Always add or change vrf related SBC config on the same box.
CSCuf43548
24
OL-26698-14
Symptoms: When the POS Rx fiber at the tail end of the MPLS TE FRR is pulled, the FRR takes
longer than 200ms to cut over to the other tunnel.
Conditions: This symptom occurs with POS MPLS TE FRR when the head end receives a remote
defect due to the Rx fiber pull at the tail end. Remote defects do not trigger FRR quickly.
CSCuf45420
Symptom: CPA not detected for outbound call flow
Conditions: The symptom is observed with Pi22 image
CSCuf49959
Symptom: A router may crash when the tunnel interface is flapped or while booting the router with
VPN configs
Conditions: The crash occurs in a VPN enabled scenario with either sessions being active and a
shut/no shut is issued on the interface or the sessions coming up on the box after a reload.
CSCuf51515
Symptom: Memory leaks are seen in ASR1k 1RU Platforms after booting up with the test image
with default configurations on the router. Refer steps to reproduce
Conditions: Config and swversion are attached.
Workaround: No functionality is affected.
CSCuf51539
Symptom: In some rare situations, EzVPN client routers are seen to have an IKEv1 SA lifetime
beyond 24 hours - up to "3 weeks, 3 days". This can lead to unpredictable behavior during IKEv1
phase1 renegotiation, notably this can cause the server to initiate a negotiation which would result
in errors and interruptions of service over the VPN.
CSCuf51801
Symptom: show crypto session xxx command results in memory leaks.
Conditions: This symptom is observed when the show crypto command is run that causes168-byte
memory leak for the following commands:
show crypto session brief - show crypto session local <IP> brief
show crypto session local <Mac> brief
show crypto session remote <Mac> brief
show crypto session remote <Mac> brief
show crypto session username <any> brief
show crypto tech-support peer <IP>
show crypto tech-support
CSCuf61640
OL-26698-14
25
Symptom: Tracebacks as follows seen during router bootup:

%SYS-2-INTSCHED: 'suspend' at level 2 -Process= "Init",
ipl= 2, pid= 3
4F6966C 6A708EC 890127C 6B4F924 6B4F7F8 6B4EAAC 6B4F43C 6B4F514

6A23E50 6A23F18 6A24100 57D3F94 57D42D8 4F701E4
process_ok_to_reschedule 288 0x6A708EC
random_fill 248 0x6B4F924
0x4F6966C
--->
---> process_suspend 4C 0x890127C
---> default_entropy_routine 9C 0x6B4F7F8
hardware_entropy_source CC 0x6B4EAAC
-Traceback=
6DD6D4C 6DDB3A8
--->
--->
---> nist_instantiate 78 0x6B4F43C
--->
try_create_rng 1B4 0x6B4F514 ---> nist_rng 34 0x6DD6D4C ---> cts_sap_get_key_counter

54 0x6DDB3A8
---> cts_sap_init C4 0x6A23E50
---> subsys_init_class_internal A8 0x6A24100

---> system_init 250 0x57D42D8
---> subsys_init_routine 60 0x6A23F18

---> subsys_init_class 8C 0x57D3F94
---> init_process 94 0x4F701E4
--->
ppc_process_dispatch
Conditions: The symptom is observed during router bootup.

CSCuf65404
Symptom: Call is failing if transcoder is needed for DTMF interworking and offer-all is configured.
Conditions: The symptom is observed when CUBE reserves transcoder for codec mismatch and
release the transcoder since codec are same, but DTMF still requires transcoder for interworking.
CSCuf65502
Symptom: Sessions are not cleared.
Conditions: When there is no media, and a media inactivity timeout is received, sessions are not
cleared.
CSCuf65843
Symptom: On code analysis it was found that the code in
crypto_cef.c:crypto_tun_post_decrypt_switch() calls oce_les_inline() in an unsafe manner.
Conditions: On code analysis it was found that the code in
crypto_cef.c:crypto_tun_post_decrypt_switch() calls oce_les_inline() in an unsafe manner which
could lead to potential issues
CSCuf82550
Symptom: Router displays malloc failure error message.
Conditions: The symptom is observed when the router is running IPsec.
CSCuf85449
Symptom: Crash @ be_ewag_gtp_path_pdp_remove_one during session churns.
Conditions: 48K EoGRE sessions of mix GTP (18K) PMIP (18K) and SIP (12K). During session
churning, GTP crash is observed.
CSCuf89642
Symptom: Crash is seen for H.323-SIP transcoding calls.
26
OL-26698-14
Conditions: This symptom is observed when transcoder is invoked.

CSCuf93376
Symptom: CUBE reloads while testing SDP passthrough with v6.
Conditions: The symptom is observed while testing SDP passthrough with v6.
CSCuf93395
Symptom: Traceback observed in HUB on fp reload
Conditions: QoS does not get applied in hardware when traceback occurs. This occurs when QoS
is applied to a spoke's tunnel on the DMVPN hub following the flapping of a spoke's tunnel.
Workaround: Reload the ESP.
CSCuf93460
Symptom: Certain PKI CLIs may show wrong values.
Conditions: First found on IOS 15.1(4)M6 but not exclusive to it.
CSCuf96673
Symptom: Memory leaks seen with Smap-Dmap scale scenario. 4K sessions
Conditions: Leaks seen after stress testing : rekey , dpd, clear commands.
Workaround: There is no workaround to prevent memory leaks.
CSCug09761
Symptom: Handshake fails when we select Diffie Hellman cipher suite from sslvpn configuration.
Workaround: Select other than Diffie Hellman cipher suite at sslvpn.
CSCug11220
Symptom: GETVPN IPv6 packets get dropped.
Conditions: The symptom is observed whenever an IPv6 GETVPN group is configured.
CSCug11577
Symptom: Traceback is found during HW crypto engine using Dummy packet.
Conditions: The symptom is observed when Hardware crypto is used.
Workaround: Use software crypto.
CSCug12136
Symptom: On an ASR1K the "clock timezone" command is meant to be used as follows: clock
timezone zone hours-offset [minutes-offset] where "zone" is a text field e.g. "EDT", "PST", and
hours-offset and minutes-offset are integers. If the hours-offset field is set to 0 (which can occur
either intentionally or in some cases due to a typo) some of the ASR1K internal timers may be
misconfigured which could lead to incorrect operations related to system time.
Conditions: One way to cause this to happen (essentially a typo) is to configure clock timezone
EST-5 0 0 where one really meant to type clock timezone EST -5 0
OL-26698-14
27
Workaround: If 0 is the intended offset it's probably best to simply remove the config line entirely.
If 0 is not intended then correcting the typo will correct the issue.
CSCug14423
Symptom: A packet gets dropped when a spoke-spoke session is triggered in Dynamic Multipoint
VPN (DMVPN).
Conditions: This symptom occurs when a ping is sent using a tunnel interface as the source or the
destination.
Workaround: Send traffic from host-host.
CSCug17289
Symptom: DMVPN hub crashed.
Conditions: The symptom is observed when reset to the crypto session.
CSCug18233
Symptom: Using local ikev2 authorisation policy, it is not possible to push prefix along with the ip
address to the client. the prefix always gets pushed as 128
Conditions: The symptom is observed when ikev2 local authorisation is used.
Workaround: Use radius server to push the prefix to the client
CSCug18326
Symptom: A router reload is observed .
Conditions: This symptom is observed when acknowledge for initial invite is not seen .
CSCug18685
Symptom: An NHRP resolution request is forwarded to the first NHS on the tunnel interface instead
of being forwarded along the routed path
Conditions: The symptom is observed during DMVPN phase 3 implementation
CSCug22238
Symptom: Fields from a refer are not sent out on the corresponding INVITE when this is a SIP GW
Conditions: The symptom is observed on 15.1.4M6
CSCug28904
Symptoms: Router drops ESP packets with CRYPTO-4-RECVD_PKT_MAC_ERR.
Conditions: The symptom is observed when the peer router sends nonce with length 256 bytes.
CSCug30286
Symptom Memory leak may occur when "Hold" is pressed on a registered SCCP phone in a call
with a PSTN/TDM peer.
Condition A registered SCCP phone puts a PSTN/TDM leg on hold.
Workaround There is no known workaround.
28
OL-26698-14
CSCug34404
Symptom: RP_Crash seen @ __be_interface_action_remove_old_sadb
Conditions: While unconfiguring the 4K svti sessions after the HA-test
CSCug34677
Symptom: Upon failing link asr1k-D1 (laser shut on Agilent, equivalent to pulling fiber), FRR is not
triggered and traffic flow is restored when ISIS reconverges.
Conditions: The symptom is observed in IP network and when FRR is enabled and when ethernet
interface is one of the primary path and protected path and when plugging out ethernet wire or
remote shutdown.
CSCug37242
Symptoms: Router crash due to memory leak.
Conditions: The symptom is observed with a CME shared line feature configuration.
Workaround: Disabling shared line feature will avoid memory leak.
CSCug38641
Symptom: Ingress IPSec data packets are process switched on an EzVPN server
Conditions: cTCP encapsulation is configured
Workaround: Use UDP encapsulation
CSCug44197
Symptom: Only a subset of voice-port commands are supported for bulk config. Command help '?'
incorrectly shows "vmwi" as a supported argument: Voice-port configuration commands:
vg350#conf t
Enter configuration commands, one per line.
End with CNTL/Z.
vg350(config)#voice-port 2/0/0-71
vg350(config-voiceport)#?
battery-reversal
Enable FXS battery-reversal generation
busyout
Configure busyout trigger event & procedure
cable-detect
enable cable detection
caller-id
Configure port caller id parameters
default
Set a command to its defaults
description
Description of what this port is connected to
disconnect-ack
FXS sending disconnect acknowledge
exit
Exit from voice-port configuration mode
loop-length
Configure loop length on this FXS port
mwi
Enable MWI on this port
no
Negate a command or set its defaults
ren
Ringer Equivalence Number
ring
Ring frequency Parameters
shutdown
Take voice-port offline
signal
The signaling type for the interface FXS or FXO
snmp
Modify SNMP voice port parameters
OL-26698-14
29
station-id
Configure station ID
vmwi
Enable VMWI on this FXS port
Conditions: Configuring voice-port in bulk mode

Workaround: none
CSCug44667
Symptom: SG3 fax call failures observed for STCAPP audio calls.
Conditions: Fax CM tone detection is turned ON even when all fax and modem related
configurations have been disabled on the STCAPP gateway.
Workaround: STCAPP modem pass-through feature can be enabled, but you may run into issues
with some answering SG3 fax machines which have stringent requirements for fax CM signal.
CSCug44692
Symptom: Audio is skipped when short timeout is configured in Form Element in CVP Studio
application
Conditions: This symptom is observed during short timeout
Workaround: Inserting short silence at the first audio
CSCug48145
Symptom: ASR DTMF interworking failed after reinvite with block configured.
Conditions: Dtmf with different preference configured will result in issue.
CSCug53415
Symptom: %SMC-2-BAD_ID_HW: is output, and SPA is not disabled. SPA should be disabled if
authentication fail.
Conditions: This symptom is observed on ASR1001 Built-in SPA
CSCug56942
Symptom: CUOM could not process MOSCQEReachedMajorThreshold clear trap from CUBE SP.
For MOSCqe alert clear trap, CUBE should not sent CurrentLevel Varbind but should send
csbQOSAlertCurrentValue Varbind.
Conditions: When CUBE SP generates clear trap for voice quality alerts.
Workaround: Manually clean the alarm at CUOM after root cause is rectified if earlier CUBE
version is used.
CSCug58617
Symptom: Usernames do not show up in CCP Express. Username shows up on a router with default
configuration.
Conditions: The symptom is observed on routers with configurations that break show runn | format.
Workaround: Use default configuration.
CSCug60584
Symptom: No audio coming from DSP during transcoding mode and then DSP is unresponsive
Conditions: When doing transcoding and there is a simultaneous jump in both the sequence number
and timestamp.
30
OL-26698-14
CSCug63013
Symptom: A DMVPN spoke router running 15.2(4)M3 and configured for Dual Hub - Dual DMVPN
failover will fail to forward multicast traffic for EIGRP neighbor forming after failing from primary
to backup and back to the primary. EIGRP neighbrship will fail to complete and flap on the spoke.
The hub will never show any EIGRP neighborship.
Conditions: DMVPN spoke router running 15.2(4)M3 in Dual Hub - Dual DMVPN scenario and
running dynamic routing protocol must failover and failback to the primary tunnel for this to occur.
Workaround: Removing "ip nhrp map multicast x.x.x.x y.y.y.y" and readding it resolves the
problem. The issue is not observed in 15.2(4)M1.
CSCug65706
Symptom: Attaching performance monitor to OTV interface should be blocked. <conf t> interface
Overlay1
otv control-group 239.1.1.1
service-policy type performance-monitor output
new-policy ==> this configuration line should be blocked.
Conditions: FAll tools avc config
CSCug66784
Symptom: DSP fails to recover using "Test DSP Device 0 All Reset".
Conditions: This symptom is observed when a crashed DSP (LSI PVDM3) fails to recover via the
CLI command test voice dsp device 0 all reset.
Workaround: A complete reload of the router is required to recover the DSP.
CSCug68282
Symptom: ASR1000 RP crash after software upgrade
Apr 20 09:53:01.396: %SYS-3-BADBLOCK: Bad block pointer 3AFDF4B0 -Traceback=
1#b3d7956825375323829953c9aa18e3e0 :10000000 6FCCF4 :10000000 6FD0A0 :10000000
1F2279C :10000000 1F1C1B0 :10000000 1F3F750 Apr 20 09:53:01.399: %SYS-6-MTRACE:
mallocfree: addr, pc 33A1E15C,1011798C 33A1E15C,101178CC 33A1E15C,30000060
4C3A105C,600003E4 4C3A0834,1049C71C 4C3A0834,1049C5FC 4C3A0834,400003FC
412703FC,125DFF80 Apr 20 09:53:01.399: %SYS-6-MTRACE: mallocfree: addr, pc
412703FC,300000F6 4C29B4E0,125DFF80 4C29B47C,20005F00 33A1E15C,1011798C
33A1E15C,101178CC 33A1E15C,30000060 3AAFFF14,154DA6C4 4C1403F4,60000012 Apr 20
09:53:01.399: %SYS-6-BLKINFO: Corrupted magic value in in-use block blk 3AFDF4B0,
words 60, alloc 8, InUse, dealloc 0, rfcnt 1 -Traceback=
1#b3d7956825375323829953c9aa18e3e0 :10000000 6FCCF4 :10000000 6FD0A0 :10000000
1F1D9C4 :10000000 1F227B4 :10000000 1F1C1B0 :10000000 1F3F750 Apr 20 09:53:01.402:
%SYS-6-MEMDUMP: 0x3AFDF4B0: 0xF8 0x24 0x3C 0x1653EC7C Apr 20 09:53:01.402:
%SYS-6-MEMDUMP: 0x3AFDF4C0: 0x8 0x8 0x3AFDF38C 0x8000003C Apr 20 09:53:01.402:
%SYS-6-MEMDUMP: 0x3AFDF4D0: 0x1 0x0 0x1000001 0x3058827C %Software-forced reload
Exception to IOS Thread: Frame pointer 0x30742CC8, PC = 0x87308B4 UNIX-EXT-SIGNAL:
Aborted(6), Process = Check heaps -Traceback= 1#b3d7956825375323829953c9aa18e3e0
c:86FA000 368B4 c:86FA000 368B4 c:86FA000 384C8 :10000000 32FD91C :10000000 1F227BC
:10000000 1F1C1B0 :10000000 1F3F750
Fastpath Thread backtrace: -Traceback=
1#b3d7956825375323829953c9aa18e3e0 c:86FA000 D9F08 c:86FA000 D9EE8 iosd_unix:887E000
1580C pthread:7DB2000 5A4C
Auxiliary Thread backtrace: -Traceback=
1#b3d7956825375323829953c9aa18e3e0 pthread:7DB2000 B598 pthread:7DB2000 B578
c:86FA000 EF9C4 iosd_unix:887E000 212F4 pthread:7DB2000 5A4C
PC = 0x087308B4 LR
= 0x08732384 MSR = 0x0002D000 CTR = 0x07DC0D60 XER = 0x20000000 R0 = 0x000000FA
R1 = 0x30742CC8 R2 = 0x30085C70 R3 = 0x00000000 R4 = 0x00006908 R5 = 0x00000006
R6 = 0x00000000 R7 = 0x08730B5C R8 = 0x0002D000 R9 = 0x3007E7F0 R10 = 0x3007E7F0
R11 = 0x30742CA0 R12 = 0x08732384 R13 = 0x18456078 R14 = 0x11F3F604 R15 = 0x00000000
R16 = 0x00000000 R17 = 0x00000000 R18 = 0x00000000 R19 = 0x00000000 R20 = 0x00000000
R21 = 0x1630C7D8 R22 = 0x18BDAA28 R23 = 0x18BDAC70 R24 = 0x18BDB3B8 R25 = 0xAB1234AB
R26 = 0xAB1234CD R27 = 0x30742E58 R28 = 0x3AFDF4E0 R29 = 0x30742CE0 R30 = 0x0886A7AC
OL-26698-14
31
R31 = 0x00000006
========= Start of Crashinfo Collection (09:53:01 UTC Sat Apr 20
2013) ========= For image: Cisco IOS Software, IOS-XE Software
(PPC_LINUX_IOSD-ADVIPSERVICESK9-M), Version 15.2(4)S1, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2012 by Cisco
Systems, Inc. Compiled Sat 06-Oct-12 11:55 by mcpre
Uptime = 00:02:51
Conditions: Device configured with SBC with interchassis redundancy mode none application
redundancy group 1 name ECS preempt priority 150 failover threshold 100 timers delay
100 control Port-channel30.8 protocol 1 data Port-channel30.9 track 1 decrement 200 track
2 decrement 200 protocol 1 name BFD timers hellotime msec 250 holdtime msec 1000
Workaround: do not setup B2B redundancy between XE36(or older) and XE37(or later)
CSCug72547
Symptom: Static DMVPN spoke-spoke tunnel initially comes up when tunnel comes up, but if IPsec
SAs go down (cleared or are not rekeyed) then the IPsec SAs will not come backup. Data traffic that
is supposed to got directly over the spoke-spoke tunnel is forwarded over the spoke-hub-spoke path.
Conditions: Running DMVPN Phase 3 on an ASR1k as spoke routers, on both ends of the
spoke-spoke tunnel. If the IPsec SAs for the spoke-spoke tunnel are cleared either because there
was no spoke-spoke traffic for long enough for the IPsec SAs to not be rekeyed or or the idle-timer
to expire or the IPsec SAs are cleared manually.
Workaround: Have a process (like IP SLA) ping the remote spokes tunnel IP address to keep the
IPsec SAs up or to bring them back up if they happen to go down. Probably ping about every 60-120
seconds.
CSCug77212
Symptom: ASR1K CUBE RP may crash with Segmentation fault(11), Process =
CCSIP_SPI_CONTROL when sip headers are manipulated using a sip profile for 200 response
messages for KPML notify.
Conditions: Crash seems to be happening due to SIP profiles configs being wrongly applied to
Notify response (this profile was meant for 200 OK Invite response).
Workaround: Do not configure sip profiles to manipulate the headers for 200 responses.
CSCug83538
Symptoms: Static routes injected through RRI (reverse-route static) are not getting removed.
Conditions: This symptom is observed when a static crypto map that has "reverse-route static"
enabled is applied on two different interfaces with a local-address.
Workaround: Reload the Router.
CSCug84396
Symptom: May 3 12:46:21.835: %SYS-2-FREEFREE: Attempted to free unassigned memory at
3EC4FF9C, alloc 350B5A70, dealloc 350B5608 -Traceback= 35D9BEC4z 350C158Cz
350AEED8z 350B081Cz 32C23084z 32C23068z May 3 12:46:21.839: %SYS-6-MEMDUMP:
0x3EC4FF7C: 0x350B5A70 0x3EC50C58 0x3EC4FDF0 0x65E May 3 12:46:21.839:
%SYS-6-MEMDUMP: 0x3EC4FF8C: 0x0 0x350B5608 0x1000133 0x3CDD2E48
%Software-forced reload -Traceback= 0x30DF22BCz 0x30DF05F0z 0x32C3278Cz
0x35D9BEC4z 0x350C158Cz 0x350AEED8z 0x350B081Cz 0x32C23084z 0x32C23068z
Conditions: May be with Presence or Shared line feature.
CSCug86432
Symptom: Incorrect statistic from SNMP OID "1.3.6.1.4.1.9.9.171.1.3.1.1", related to a number of
IPSec tunnels after running "clear crypto sa / session" command
32
OL-26698-14
Conditions: Configured DMVPN, running "clear crypto sa / session" command

Workaround: reloading of router helps to solve the issue
CSCug88270
Symptom: E1 R2 channels randomly get stuck in S_WAIT_RELEASE
Conditions: Outgoing calls that get RNA might get stuck when the SP clears the channel
Workaround: shut, no shut the controller
CSCug93301
Symptom:NGVM will fail to boot, causing DSP to be in downloading state
Conditions:This condition may occur on the first attempt to boot a new NGVM module
Workaround:Use the NGVM boot loader to set the PID environment variable to match the PID as
shown in the "show diag subslot x/x eeprom" command.
CSCug98723
Symptom: The TCP RST packets generated by ZBFW are dropped by ZBFW on ASR box
Conditions: TCP flow specific TCP RST packets generated by ASR to rset the connection to the
client and server when "TCP packet inspection" is on.
CSCug98820
Symptom: multicast RP-Announcement/RP-Advertisement packet is replicated more than one copy
per incoming packet. The number of copies is equal to the number of interfaces/ioitems with IC flag
enabled (show ip mfib to get the number of IC interfaces)
Conditions: AUTO-RP filter is configured on PIM interfaces
CSCuh01007
Symptom: After ESP 100 reload, "show policy-map interface" counters does not populate results
Conditions: With an egress service policy on SPA gige interface and sending high/low priority
traffic.
Workaround: Reload the SPA after FP reload.
CSCuh03859
Symptom: If customer configured "snmp server enable traps sbc sla-violation-rev1",
csbSLAViolationRev1 trap is not sent.
Conditions: Normal operation.
CSCuh09403
Symptom: ESP may reload in B2B NAT ZBFW setup
Conditions: B2B NAT ZBFW setup with stateful traffic
CSCuh09451
Symptom: Exception to IOS Thread:UNIX-EXT-SIGNAL: Segmentation fault(11), Process = SBC
main process
OL-26698-14
33
CSCuh12779
Symptom: IPv6 ping packets fail
Conditions: only with ICMPv6 echo reply RP generated packets.
CSCuh13527
Symptom: Create 2000 GRE IPSEC tunnels (sample config shown below, repeated 2000 times)
causes RP crash interface tunnel10001 bandwidth 1000 ipv6 address 1003:0:0:1::1/64 ipv6
enable tunnel source Loopback10001 tunnel dest 1004:0:1:1::1 tunnel mode gre ipv6 tunnel
protection ipsec profile hub10001
Conditions: On ASR1K: We have tested it to work fine when scaled up to 2500 sessions. At 4K, we
have observed the crash. The in between numbers are not available.
Workaround: Do not configure beyond the scale of 2500 on ASR1K.
CSCuh14012
Symptom: The crypto session remains UP-ACTIVE after tunnels are brought down administratively.
Conditions: This symptom occurs in tunnels with the same IPsec profile with a shared keyword.
CSCuh27137
Symptom: phone-proxy failed to attach to the second dial-peer
Conditions: configure two phone proxy
Workaround: Using one phone proxy Symptom: 2 phone-proxy added, one attach to dial-peer, the
other phone-proxy failed to attach to the other dial-peer.
CSCuh36750
Symptom: ESP crashes
Conditions: Subscriber session w/QoS over tunnel or shaped vlan.
CSCuh38488
Symptom: An ASR with zone-based firewall enabled may drop SIP INVITE packets with the
following drop reason:
Router#show plat hardware qfp active feature firewall drop
------------------------------------------------------------------------------Drop Reason
Packets
------------------------------------------------------------------------------- L7
inspection returns drop
1
Router#
Conditions: Application (L7) inspection for SIP must be enabled for the flow.
Workaround: Any of the following workarounds are applicable:
1) Disable the port-to-application mapping for SIP with the 'no ip port-map sip port udp 5060'
command. This prevents ZBF from treating UDP/5060 as SIP. Instead, it is treated as simple UDP.
2) Use the 'pass' action in both directions instead of 'inspect'. This disables all inspection (even L4)
for the traffic.
CSCuh42885
34
OL-26698-14
Symptom: changing modes in cgn and sending traffic results in ucode crash
Conditions: unconfiguring one mode and switching to another mode and sending traffic
CSCuh48747
Symptom: Multiple NAT entries are created
Conditions: UUT Configured with PAT with route-map
CSCuh50125
Symptom: ESP crashes
Conditions: On ASR1002-X, ESP100 or ESP200 based platforms, ESP can crash when you have
interfaces where the bandwidth can change dynamically and you have a hierarchical QoS
policy-map applied.
Workaround: When applying a hierarchical QoS policy-map to ain interface that supports dynamic
bandwidth changes, be sure to apply the QoS policy while there are no bandwidth changes to the
interface as the same time.
CSCuh62307
Symptom: ASR1000 router may crash when users run the call-policy-set copy source XXX
destination YYY command to create a new call-policy-set.
Conditions: This symptom is observed when you enter the na-src-address-table that is configured
within the call-policy-set with na-src-address-table XXX after it the table is created by the
call-policy-set copy command.
Workaround: Instead of using call-policy-set copy source XXX destination YYY command, copy
and paste the text into config terminal to create a new call-policy-set.
CSCuh63682
Symptom: Router crash in automatic test. The trigger to the crash is the following show command:
show flow monitor <name> cache format csv
Conditions: no delay between "configuration" phase and "show" command execution.
Workaround: Maintain a delay of 10 seconds between "configuration" phase and "show" command
execution.
CSCuh66763
Symptom: Following phrases are dispalyed in English irrespective of locale configured on CME.
"Next" "Previous" "Please modify number" ""Invalid speed dial number" "Invalid personal speed
dial number" "Invalid blf speed dial number" "Personal speed dial number can not exceed 32 digits"
"Personal speed dial label can not exceed 30 characters" Speed dial number can not exceed 24
digits" "The record is full" "Please delete unuse entry" "Logging Out" "CME hardware
conference" "CME software conference" "add party allowed" "add party not allowed" "Whisper"
"CME group pickup" "CME pickup" "Access Mailbox (trnsfVM)" "Failed to send call to Mobile
Phone" "Live Record is not enable" "Live Record already in progress" "Not conference creator."
"Live Record has stopped", "Live Record timeout" ]
Conditions: This symptom is observed when non-English user-locale is configured.
CSCuh74069
Symptom: Super-package MDR ISSU fails with the following message:
OL-26698-14
35
MDR:FAILED: Insufficient memory available on harddisk: to support MDR
Conditions: Super-package MDR ISSU operation is issued.

Workaround: Issue sub-package MDR ISSU.
CSCuh75480
Symptom: QFP reload may occur
Conditions: When running NAT in CGN mode and doing a removal of a mapping
Workaround: Switch to classic mode, to mapping removal, switch back to CGN mode.
Open CaveatsCisco ASR 1000 Series Aggregation Services Routers Release

3.10.0S
This section documents the open issues in Cisco ASR 1000 Series Aggregation Services Routers
Release 3.10.0S.
CSCuc33131
Symptom: In some scenarios, retransmitted packets are not accounted against the retransmitted
packet count metric.
Conditions: If retransmitted packets have the same sequence numbers and same IP IDs, they are
NOT treated as retransmitted packets. This can sometimes cause the retransmission packet count to
be zero (0), incorrectly, even when there are retransmitted packets.
CSCue39501
Symptom: Rise in number of flows and memory utilization was observed when protocol pack 4.1
was integrated into XE3.10.
Conditions: This may occur when using XE3.10
CSCue60469
Symptom: ASR1001 Series router throws error messages when a RP (IOS) switch over is done
Conditions: ASR1001 Series router throws error messages when a RP (IOS) switch over is done
along with traffic
CSCue78691
Symptom: The ESP may crash during ISSU (in-service software upgrade) downgrade from IOS XE
3.10 to IOS XE 3.8 or IOS XE 3.9, at the stage of route processor (RP) switchover.
Conditions: The problem may occur when using one of the incorrectly defined "derived" records
described for the CSCue53207 caveat. (Calculating derived fields is dependent on the values of other
fields. CSCue53207 describes several fields incorrectly defined as derived.)
Workaround: Configure the incorrectly defined records explicitly.
CSCue86166
Symptom: The interrupt infrastructure is in place; the userspace handling of interrupt delivery to
HKP userspace driver code is not being done correctly.
Conditions: This fixes the userspace handling of interrupt delivery to HKP userspace driver code
36
OL-26698-14
CSCue86848
Symptom: The output for the policy detailed view may not include information for some classes.
Functionality is not affected. The following command provides the policy detailed view:
show platform hardware qfp active feature mma client <policy-map_name> <policy_name> detail
CSCue89240
Symptom: In presence of http subclassification, traffic goes to http tunneled protocol (behavior is
broken, previously if http subclassification configured ,traffic never classifiy as http tunneled
protocol, instead if subclassification does not match , it classify as "http")
Conditions: This symptom is observed when http subclassification is present.
Workaround: Remove http subclassification.
CSCue91053
Symptom:Full line rate HP traffic will have jitter between Max and Avg latency is 50 - 60 usec in
Ethernet linecard for traffic lessthan 128byte frame size
Conditions:When Full line rate HP traffic over ethernet linecard with frame size less than 128byte
will experience Max Latency of 200 - 250 usec and with Avg Latency of 64-80 usec. And Jitter
Between Max Latency is 50-60 usec
CSCue94537
Symptom: Tail drops are seen on FP 160 with HP traffic on ASR1000-2T 20X1GE Ethernet Line
card.
Conditions: When ASR1000-2T 20X1GE Ethernet Line card interfaces are configured with
Service-policy to classify the egress Traffic and sending 40gbps of bi-directional traffic causes Tail
drop on the QFP
Workaround: Configure the Service-policy with larger q-limits. Policy-map test class prec1 priority
level 1 q-limit 5000 packet More Info:
CSCuf24865
Symptom: sui_mtp_dp_dump_external_flags function is not registered.
Conditions: when using show tech support CLI, a message appear that this function is not registered.
Workaround: ignore the error message, a new function sui_dump_external_flags is replaced with
this
CSCuf30150
Symptom: CUBE crashed in media flow-around call on overlord platform
Conditions: This symptom is observed when media flow-around is configured on both inbound and
outbound dial-peers
CSCuf52756
Symptom: %IOSXE_RP_SPA-4-IFCFG_CMD_TIMEOUT: Interface configuration commad
Conditions: Observed tracebacks and traffic drop during MDR upgrade.
OL-26698-14
37
CSCuf57507
Symptom: EVENTLIB-3-RUNHOG: SIP2: cmcc: undefined: 7179ms
Conditions: While performing an active RP failure during ASR1006 subpackage MDR upgrade
CSCuf78556
Symptom: UPDATE is not being forwarded to UAC and it is being responded with 200OK to UAS.
This issue is seen when UPDATE is received from UAS, when 18X transaction is still pending on
UAC side
Conditions: This symptom is observed when 18x response is transmitted reliably on both call-legs.
Workaround: When UPDATE is received from UAS after some delay (i.e after completion of 18X
?PRACK transaction on UAC side), then CUBE is sending the early dialog UPDATE to the UAC
side correctly.
CSCuf80594
Symptom: ESP Crash is observed after router is booted
Conditions: This symptom is observed when reature is configured OTV with scale level of 250
CSCuf84655
Symptom: One-way video is seen while CUBE is trying to negotiate packetization mode=1 for H264
video codec in both the legs and one video endpoint doesn't support packetization mode=1 for H264
video codec.
Conditions: When there is DO-DO video call from a video endpoint which supports only
Packetization Mode=0 for H264 video codec to a video endpoint which supports both packetization
modes like 0 & 1.
Workaround: Make an EO-EO video call from the endpoint which only support packetization
mode=0,so that CUBE will negotiate packetization mode=0 for both the legs and two-way video will
be seen. More Info:
CSCug01428
Symptom: Router is hanged
Conditions: After coping config with CLI "show platform hardware qfp active tcam
resource-manager usage"
CSCug23145
Symptom: Interface where HSRP is configured , crypto ikev2 clustering feature does not work.
Conditions: This symptom is observed when master or slave do not sync with each other and the
socket error is seen.
Workaround: Feature works without vrf.
CSCug38621
Symptom: Router crashed at ccsip_spi_incoming_reg_contact_change
Conditions: This symptom is observed when configuring "registrar ipv4:9.60.51.254" under
"sip-ua"
38
OL-26698-14
CSCug40942
Symptom: CUBE is modifying the refresher role in mid-dialog after 491 transaction.
Conditions: This symptom is observed when session refresh is enabled for only one call-leg and not
for other.
CSCug47360
Symptom: The order of packets in the packet trace is not stable
Conditions: This symptom is observed when checking the output of packet trace, the order of
packets with same flow change every time.
Workaround: check the output of the specific packet before and after the expected with ~2 packets
deviation
CSCug48525
Symptom: On performing SPA OIR with configuration of Unicast/Multicast/Broadcast storm
control on 32k EFPs,fman_fp core was observed
Conditions: This issue is seen on FP100 card.
Workaround: Workaround can be stop traffic before doing SPA OIR.
CSCug50150
Symptom: During MDR in a APS Setup, under certain conditions,
IOSXE_APS-3-CCCONFIGFAILED, mesage is seen.
Conditions: If the MDR of Protect interface is Started first followed by a MDR of the Working, then
the above TB will occur.
Workaround: Ensure that the working Interface is the first which goes through the MDR. IF the
interfaces are on the SAME SIP, the traffic must be flowing through the Working interface, to e
CSCug55787
Symptoms: Serial interface protocol status shows down
Condition: Perform OIR and configure few channel-groups. Then swap original board abck
Workaround: Reload the router
CSCug58033
Symptom: For DNS ALG vtcp resemble size 16k , the default behavior is drop it due to limitation
and send tcp reset to both outside and inside . But there was no rst is sent to inside at this moment.
Conditions: This symptom is observed when dns alg response 16k from outside
CSCug61559
Symptom: Matching dameware-mrc protocol under it's attributes will not work.
Conditions: Using the default protocol-pack.
CSCug63839
Symptom: 7301 router running c7301-advipservicesk9-mz.152-4.M3 is experiencing memory leak
in Crypto IKMP process particularly on crypto_ikmp_config_send_ack_addr function
OL-26698-14
39
Conditions: When running 7301 router and connecting EasyVPN through it, causes leak in Crypto
IKMP process over time.
Workaround: Reload the router over a period of time.
CSCug73829
Symptom: Data Conversion Errors seen while configuration changes at Remote end device.
Conditions: Data Conversion Error and traceback can be seen while doing configuration changes on
remote end device.
CSCug74947
Symptom: When down physical interfaces on remote site routers, local router physical interface go
down down and tunnel interfaces become up down. The ISAKMP for the tunnel that is connected
with serial T3 goes down but for Gig link, ISAKMP remain QM_LDLE.
Conditions: Irrespective of the Serial and Ethernet links, sometimes, multiple IKE SAs (duplicate
SAs) get created with the same peer. When the dpd is configured and the interface of the peer is
shutdown, the duplicate SA continues to exist
CSCug78025
Symptom:Multicast packets are dropped when DMVPN HUB is scaled.
Conditions:This happens to bigger packet size. The problem is seen on ASR1001 and Overlord
ISR4451.
Workaround:There is no known workaround.
CSCug99389
Symptom: tracebacks when moving from the getvpn multicast rekey configs to getvpn unicast
configurations with config-replace command
Conditions: moving from getvpn mcast keyring to getvpn unicast keyring
Workaround: without using config-replace command, completely erase the getvpn configuration
from GM router and then try to configure the getvpn unicast rekey. On-fly don;t change
configuration from getvpn mcast to unicast with help of config-replace command.
CSCuh09872
Symptom: Issue seems to happen when we check the bridge-domain related platform command, first
on the RP, then on the FP repeatedly.
Conditions: Usage of the 'show platform software bridge-domain rp active 11 mac-table' followed
by 'show platform software bridge-domain fp standby 11 mac-table <>' multiple times results in this
RP crash
CSCuh11104
Symptom: Memory leak is seen for SDP Passthrough scenario.
Conditions: This memory leak occurs when the wsapp is not registered .
CSCuh14758
Symptom: Basic SIP calls fail with Redundancy Group enabled for Box to Box HA case
40
OL-26698-14
Conditions: Redundancy Group enabled with dual attach for SP & ENT networks
Workaround: Yes, remove and add the sip bindings (control/media) at the outgoing voip dial-peer
after Redundancy Group is added in 'voice service voip'
CSCuh23859
Symptom: With Suite-B configured (i.e. esp-gcm / esp-gmac transform) on a GETVPN Key Server
(KS), Group Members (GM) will see the following un-gated error message on the console when the
KS policy ACL is changed or edited and a rekey is sent from the KS using "crypto gdoi ks rekey"...
May 31 09:56:49.906 IST: *** SERIOUS ERROR: OVERLAPPING IV RANGES DETECTED ***
When the GM receives the rekey, the policy is installed successfully. However, after this the GM
re-registers twice and then these errors are displayed.
Conditions: Suite-B is configured (i.e. esp-gcm / esp-gmac transform) on a GETVPN Key Server
(KS), the KS policy ACL is changed or edited and a rekey is sent from the KS using "crypto gdoi ks
rekey" This issue was seen with at least 50 Group Member (GM) instances using VRF-Lite on a
ASR1K GM box and no more than 30 ACE's in the KS policy ACL, however this issue should also
be seen on a ISRG2 GM box with less GM instances and less ACE's as well.
Workaround: If a Key Server (KS) policy ACL must be changed or edited while Group Members
(GM) have already registered and downloaded GETVPN Suite-B policy (i.e. esp-gcm / esp-gmac
transform), issue "crypto gdoi ks rekey replace-now" instead of "crypto gdoi ks rekey" after
changing the KS policy ACL. (NOTE: a very small amount of traffic loss may be expected) If
possible, do not change the KS policy ACL after a GETVPN network using Suite-B is up and
running.
CSCuh27266
Symptom: CPP core not generated when FP crash happen
Conditions: Perform SPA OIR with Unicast/Multicast/Broadcast storm control on 32k EFPs
CSCuh29125
Symptom: in meetme confernece calls, the call-id/tag modification for NOTIFY work for
pre-INVITE NOTIFY, but it seems does not work pre-BYE NOTIFY
CSCuh42953
Symptom: 10G ports on the [ASR1000-2T 20X1GE] Ethernet Line card is not able to handle traffic
with IFG<=8
Conditions: Traffic with IFG<=8
CSCuh43137
Symptom: With Suite-B configured (i.e. esp-gcm / esp-gmac transform), GETVPN Key Sever (KS)
shows TEK SPI's for deny ACE's when "show crypto gdoi ks policy" is issued while a Group
Member (GM) does not show TEK SPI's for deny ACE's when "show crypto gdoi" is issued.
Conditions: The command "show crypto gdoi ks policy" is issued with Suite-B configured (i.e.
esp-gcm / esp-gmac transform) deny ACE's in the policy ACL for GETVPN / GDOI.
CSCuh53255
OL-26698-14
41
Symptom: no media issue is encountered.

Conditions: By default, without "asymmetric payload full" configured, there will be no end-to-end
PT negotiated. CUBE should do payload type interworking at RTP level. But right now, CUBE does
not behave correctly, no media issue is encountered.
Workaround: configure "asymmetric payload full" under voice service voip -> sip
CSCuh54693
Symptom: Crypto Socket remains CLOSED on DmVPN setup
Conditions: DmVPN with extended CLI to mention IKE profile as the ISAKMP profile
Workaround: Remove the ikev2 profile configuration from the ipsec profile
CSCuh55668
Symptom: DSP Alarms observed & Call gets disconnected with VCC configuration on INBOX HA.
Conditions: Steps to reproduce:
1. Make call from A to B
2. Once is call is successful, do HOLD (MOH)
3. check "show log | inc DSP" to check the dsp alarms. 4. Do SSO, you will see DSP alarms on new
active & call gets disconnected.
Jun 18 00:02:10.914 IST: %SPA_DSPRM-3-DSPALARM: Received alarm indication from dsp
(1/1/19). Jun 18 00:02:10.914 IST: %SPA_DSPRM-3-DSPALARMINFO: 0042 0000 0080 0000
0000 0000 4368 6563 6B73 756D 2046 6169 6C75 7265 3A63 3030 3030 3030 302C 3030 3030
3030 3030 2C64 3031 3534 3834 342C 6430 3030 3030 3030 0000 0000 0000 0000 0000 Jun
18 00:02:10.914 IST: %SPA_DSPRM-3-DSPALARMINFO: Checksum
Failure:c0000000,00000000,d0154844,d0000000 Jun 18 00:02:10.914 IST: spa dsp alarm
: dsp 1/1/18) Jun 18 00:02:10.915 IST: %SPA_DSPRM-3-DSPALARM: Received alarm
indication from dsp (1/1/20). Jun 18 00:02:10.915 IST: %SPA_DSPRM-3-DSPALARMINFO:
0042 0000 0080 0000 0000 0000 4368 6563 6B73 756D 2046 6169 6C75 7265 3A63 3030 3030
3030 302C 3030 3030 3030 3030 2C64 3031 3534 3834 342C 6430 3030 3030 3030 0000 0000
0038 0000 0000 Jun 18 00:02:10.915 IST: %SPA_DSPRM-3-DSPALARMINFO: Checksum
: dsp 1/1/19) Jun 18 00:02:10.917 IST: %SPA_DSPRM-3-DSPALARM: Received alarm
indication from dsp (1/1/21). Jun 18 00:02:10.917 IST: %SPA_DSPRM-3-DSPALARMINFO:
0042 0000 0080 0000 0000 0000 4368 6563 6B73 756D 2046 6169 6C75 7265 3A63 3030 3030
3030 302C 3030 3030 3030 3030 2C64 3031 3534 3834 342C 6430 3030 3030 3030 000A 7789
0300 0000 0000 Jun 18 00:02:10.917 IST: %SPA_DSPRM-3-DSPALARMINFO: Checksum
: dsp 1/1/20)
CSCuh62529
Symptom: ASR router crashes for media forking HA feature
Conditions: media forking feature crashed in B2BHA standby router
CSCuh62579
Symptom: CUBE send 403 response for untrusted Requests by default. This request to make the
TDOS feature enabled by default came from marketing for Ease-of-use to the customer.
Conditions: Request should come from untrusted host.
Workaround: enable silent-discard explicitly.
CSCuh62628
42
OL-26698-14
Symptom: ASR Router crashed for hydrogen serviceability feature

Conditions: This symptom was observed under the following scenarios:
1. enabled following event trace commands at common_setup section,
monitor event-trace voip ccsip fsm
monitor event-trace voip ccsip msg
monitor event-trace voip ccsip misc
monitor event-trace voip ccsip api
monitor event-trace voip ccsip global
monitor event-trace voip ccsip limit connections 1000
monitor event-trace voip ccsip stacktrace 8
monitor event-trace voip ccsip history enable"
monitor event-trace voip ccsip history clear"
monitor event-trace voip ccsip all enable"
2. By default all feature codes and log level are enabled at particular TC setup section
3. Single audio call is established, after 4 to 5 sec. crash occurred.
CSCuh63727
Symptom: Router may crash when unconfiguring large (8k) redirect ACL list in MASK config
CSCuh66373
Symptom: KS not sending rekey to the registered GM
Conditions: KS not sending rekey to the registered GM
Workaround: If we enable retransmission on KS , rekey are received by the GMs
CSCuh66745
Symptom: Error Message seen on ASR1K while reloading router
Conditions: While reloading the asr1k box error message is coming
CSCuh70934
Symptom: Condition debug messages are showing for portchannel EVC even when the debug is not
turned on
Conditions: This symptom is observed when unconfig/config portchannel EVC, shut/not shut
portchannel interface
CSCuh70997
Symptom: Memory leak observed in l2fib_nhop, l2fib_nhop_key,l2fib_nhop_update
Conditions: This symptom is observed when clear xconnect all - during longevity
CSCuh72004
OL-26698-14
43
Symptom: FPD upgrade causes line protocol to stay down on ASR1000 Fixed Ethernet Line Card
Interfaces, RP goes out of sync.
Conditions: FPD upgrade on Ethernet Line Card causes this issue.
Workaround: Reload of Line Card slot resolves the issue.
CSCuh72756
Symptom: When loading protocol-pack 6.0 or 6.1 a traceback might occur. There is no functionality
impact.
Conditions: When loading protocol-pack 6.0 or 6.1 on top of version 15.3(3)S with RP1 platform.
Workaround: Currently there is no workaround.
CSCuh74635
Symptom:Syslog not seen for ICMP connection denied
Conditions:Have a deny any any policy and send icmp traffic
CSCuh75393
Symptom: When subject name is used as secondary under truspoint for authorization without
primary configured, it doesnt pick the correct value.
Conditions: only subject name is configured as secondary without primary.
Workaround: configure subject name as primary
CSCuh77629
Symptom: Alert-Info header is not passed through when given in any SIP message except initial
INVITE.
Conditions: Alert-Info header is not passed through when given in any SIP message except initial
INVITE.
Tested with 180,200 OK, re-invite and BYE messages.
Alert-Info header is not passed through in any of the above messages.
CSCuh81638
Symptom: RP crashes at boot and continuously reloads.
Conditions: %SCOOBY-3-SERIAL_BRIDGE_CRITICAL_ERROR_RATE: R1/0: cmand:
Reloading R1:0 due to critically high serial bridge error rate. *Jun 28 19:26:55.074:
%PMAN-3-PROCHOLDDOWN: R1/0: pman.sh: The process cmand has been helddown (rc 69)Jun
28 19:27:01.578 R1/0: %PMAN-5-EXITACTION: Process manager is exiting: process exit with
reload fru code
CSCuh81850
Symptom: Aux output on management interface.
rtp-xdm-100:131> telnet hat-q 31401 Trying 172.18.133.41... Connected to hat-q.
Escape character is '^]'. Linux 2.6.32.39 (ASR1013-Q1401_RP_1) (0) 2013/06/28
17:08:37 : <anon> [ASR1013-Q1401_RP_1:~]$ [ASR1013-Q1401_RP_1:~]$
[ASR1013-Q1401_RP_1:~]$ [ASR1013-Q1401_RP_1:~]$ [ASR1013-Q1401_RP_1:~]$
[ASR1013-Q1401_RP_1:~]$ [ASR1013-Q1401_RP_1:~]$ [ASR1013-Q1401_RP_1:~]$
Conditions: Loaded latest image.
44
OL-26698-14
CSCuh87618
Symptom: Configured two APS groups ( one for OC3/hdlc and other with OC12/PPP) between
ASR1013 and ASR1006 using back to back connections. APS group 1 interfaces Inactive after
RP-switchover
Conditions: During ASR1013 Subpackage MDR
CSCuh87919
Symptom: Seeing PuntPerCausePolicerDrops on sending traffic through LISP router.
Conditions: No traffic drops associated
CSCuh91225
Symptom: Router crashes @ pki_import_trustpool_bundle
Conditions: While doing "default profile CiscoTAC-1" with call-home v2 feature
CSCuh91563
Symptom: ucode crash seen on unconifugring nat with nbar
Conditions: This symptom is observed during a script run
CSCuh95747
Symptom: Hash table updated incorrectly when more than one interface assigned with ip address
on wae
Conditions: This symptom is observed when you apply ip and configs with uut and wae.
Workaround: Issue not seen when there is only one interface assigned with ip address on wae.
CSCuh97072
Symptom: Under certain rare circumstance, ZBFW will not properly build the connection for the
first packet of the flow. This causes subsequent packets to be dropped due to TCP state checking.
Conditions: This was first observed when NAT, ZBFW and HA were all enabled on the ASR
platform. This only affects ASR platforms.
Workaround: Removing and re-adding the NAT configuration resolves the issue. Sometimes it
requires readding the NAT configuration without any redundancy keywords before readding it with
the redundancy keywords.
CSCui00427
Symptom: With Popinac line card, 40Gbps performance with 68byte frame sized data results in huge
packet drops. The drops are reported as ESP tail drops.
Conditions: Stress the Popinac line card with bi-directional 40Gbps traffic of frames size 68 bytes.
Use ESP160 for test.
CSCui01732
Symptom: UUT is Crashing
OL-26698-14
45
Conditions: UUT is configured in CGN mode

CSCui02617
Symptom: Hi scale resync on ANCP session can cause a crash on ESP100.
Conditions: ANCP Resync at scales beyond 200 AN-Subscribers
CSCui05310
Symptom: CPP crashes when arp packets are received on an interface which has platform
conditional debugging with access-list as filter is enabled.
Conditions:
1. platform conditional debugging with access-list as filter is enabled
2. About 50 ARP packets are received on interface what has platform conditional debugging is
enabled
Workaround: Do not use access-list as filter for platform conditional debugging
CSCui05893
Symptom: UUT is crashing
Conditions: Sending Traffic from 50 K addresses
CSCui08714
Symptom: Show vlan counters refreshed after RP switchover on dual RP system
Conditions: Send traffic through a VLAN on Popinac---SPA back to back connectivity. Check the
vlan coutners using "show vlan dot1q <vlanid>" show command. Switchover to redundant RP.
Now check the "show vlan dot1q <vlanid> " cmd to see if the counters are incremental or starting
from 0 after standby RP becomes Active .
CSCui10537
Symptom: When E1 interface have both channel-group and ds0-group, OIR will have some issues
Conditions: Some framer bits are not completely cleaned up, causing interface failed to come up.
Workaround: Sometimes shut/no shut will fix this issue.
CSCui29433
Symptom: An ISSU breakage will occur when upgrading from IOS XE 3.9.2 to IOS XE 3.10 if the
router configuration includes a flow record with the following fields:
collect connection client counter bytes network long
collect connection server counter bytes network long
Conditions: The router configuration includes a flow record with the following CLI:
flow record type performance-monitor rec
collect connection client counter bytes network long
collect connection server counter bytes network long...
46
OL-26698-14
Workaround: Remove the field configuration described above before upgrading to IOS XE 3.10, or
upgrade directly to 3.10.1 when it becomes available. The following describes how to remove the
problematic field configuration:
flow record type performance-monitor rec
no collect connection client counter bytes network long
no collect connection server counter bytes network long
CSCui40686
Symptom: show policy-map target service-context <service-context name> passthru-reason
command does not show the correct PT stats indicated by SN on AppNav-XE.
All the below mentioned statistics will have incorrect values.
Indicated by SN:
Passthrough Reasons
------------------PT Internal Error
PT App Override
PT Server Black List
PT AD Version Mismatch
PT AD AO Incompatible
PT AD AOIM Progress
PT DM Version Mismatch
PT Peer Override
PT Bad AD Options
PT Non-optimizing Peer
PT SN Interception ACL
PT IP Fragment Unsupport
Packets
------0
0
0
0
0
0
0
0
0
0
0
0
Bytes
-------0
0
0
0
0
0
0
0
0
0
0
0
Conditions: When the AppNav-XE is acting as the controller with 3.9/3.10/3.11 image and Service
nodes having WAAS 5.3.1 image (intruder), the PT reasons indicated by the SN is not interpreted
correctly on AppNav-XE since the PT reasons are offset by 1. This messes up with the PT reason
stats on AppNav-XE.
OL-26698-14
47
48
OL-26698-14

Routers Release 3.9S. Caveats describe unexpected behavior. Severity 1 caveats are the most serious
caveats. Severity 2 caveats are less serious. Severity 3 caveats are moderate caveats. This chapter
includes severity 1, severity 2, and selected severity 3 caveats.
Note
Release Notes.
We recommend that you view the field notices for the current release to determine whether your software
or hardware platforms are affected. You can access the field notices from the following location:
Note
The Dictionary of Internetworking Terms and Acronyms contains definitions of acronyms that are not
defined in this document:
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.9.2S, page 2
Cisco Systems, Inc.

www.cisco.com
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.9.2S
Caveats in Cisco ASR 1000 Series Aggregation Services Routers

Release 3.9.2S
This section describes the caveats in Cisco ASR 1000 Series Aggregation Services Routers Release
3.9.2S. It contains the following topics:

3.9.2S
This section documents the unexpected behavior that may be seen in Cisco ASR 1000 Series
Aggregation Services Routers Release 3.9.2S.
CSCue34749
Symptom: SIP crashes on RP switchover.
Conditions: Issue is seen in scale setup.
Workaround: SIP has to be reloaded.
CSCue91054
Symptom: ESP crashed when sending IPv6-fragmented traffic through DMVPN hub (MGRE
tunnel).
Conditions: This condition occurs when sending big IPv6 packets (need to do IPv6 fragmenation
after adding tunnel header) traffic through DMVPN hub. Large amout of IPv6 fragment traffic, for
example, 5G on ESP20, which exceeds re-assembly performance number that is less than 2G.
Workaround: Change MTU to avoid IPv6 fragmentation.
CSCuh18797
Symptom: ESP crashed while removing policy-map from configuration. This issue is seen while
removing the QoS configuration from standalone chassis and all the ports are down.
Conditions: ESP crashed because of object-pending issue. This issue can only be reproduced when
the QoS configuration is from NVRAM, and not when it is added on a live box. This may be related
to ordering issue.
On my 1RU router, just booted the QoS config , and remove the QoS policy will crash FP.
QoS-1RU#conf t
Enter configuration commands, one per line. End with CNTL/Z.
QoS-1RU(config)#no policy-map
PM-QOS-LAN-1 QoS-1RU(config)# *May 29 06:31:35 UTC: IOSXE_OIR-6-OFFLINECARD Card
(fp) offline in slot F0do *May 29 06:31:46 UTC: CPPHA-3-FAULT SIP0: cpp_ha: CPP:0.0
desc:CPP Client process fail det:HA class:CLIENT_SW sev:FATAL id:1 cppstate:RUNNING
res:UNKNOWN flags:0x0 cdmflags:0x0 *May 29 06:31:46 UTC: IOSXE-6-PLATFORM SIP0:
cpp_ha: Shutting down CPP MDM while client(s) still connected *May 29 06:31:46 UTC:
PMAN-3-PROCHOLDDOWN SIP0: pman.sh: The process fman_fp_image has been helddown (rc
134) *May 29 06:31:46 UTC: PMAN-0-PROCFAILCRIT SIP0: pvp.sh: A critical process
OL-26698-16
fman_fp_image has failed (rc 134) *May 29 06:31:46 UTC: PMAN-3-PROCHOLDDOWN SIP0:
pman.sh: The process cpp_ha_top_level_server has been helddown (rc 69) *May 29
06:31:48 UTC: CPPDRV-3-LOCKDOWN SIP0: cpp_cp: CPP10(0) CPP Driver LOCKDOWN due to
fatal error. *May 29 06:31:50 UTC: IOSXE-6-PLATFORM SIP0: cpp_cdm: Shutting down CPP
MDM while client(s) still connected *May 29 06:31:52 UTC: PMAN-5-EXITACTION SIP0:
pvp.sh: Process manager is exiting: critical process fault, fman_fp_image, fp_0_0,
rc=134May 29 06:33:03.763 R0/0: PMAN-5-EXITACTION Process manager is exiting: reload
fru action requested
CSCui38300
Symptom: High latency is observed in customer network.
Conditions: Under conditions such as forced test, it is possible to create scenarios where flow-lock
contention is very high because of NAT gatekeeper failures.
CSCuf74266
Symptom: ASR-CUBE: Crash observed with DSMP.
Conditions: Load scenario issue is observed.
CSCug48145
Symptom: ASR DTMF interworking failed after reinvite with the block configured.
Conditions: DTMF configured with different preference results in issue.
CSCug77212
CCSIP_SPI_CONTROL when SIP headers are manipulated using a SIP profile for 200 response
Conditions: Crash could be due to SIP profile configurations being wrongly applied to Notify
response (this profile was meant for 200 OK Invite response).
Workaround: Do not configure SIP profiles to manipulate the headers for 200 responses.
CSCui00417
Symptom: Linear increase of CPU for CCSIP_SPI_CONTROL and AFW_application processes,
and CPU does not stabilize.
Conditions: Basic SIP calls (INVITE to BYE) run for 2 hours or more.
CSCug19588
Symptom: IKEv2 TPS performance degradation over time.
Conditions: This occurs in the lab under extreme test conditions with traffic running during session
bring-up.
Workaround: Reduce traffic and session bring-up rate.
CSCud78578
Symptom: RP crashes after FP switchover.
Conditions: FP(FP80) reload with QoS configurations and traffic flowing in the background.
OL-26698-16
CSCuh20209
Symptom: ucode crashes when running the clear ip nat translations command.
Conditions: This condition occurs very rarely with stateful traffic.
Workaround: Use clear ip nat translations vrf vrf_name command to clear VRF aware translations.
CSCuh73422
Symptom: ASR1k With MAP-T Configuration crashes.
Conditions: When a Ping is initiated to public IPv4 address, the Cisco ASR 1000 Series Aggregation
Services Routers crash with Core dump, and the packet is translated but the packet causes an ICMP
error message to be generated. In case of ICMP error generation, the box could crash.
CSCue14586
Symptom: After reload, system may not be able to bring up all IPsec tunnels at high scale (1k) group
members.
Conditions: This condition occurs on the Cisco ASR 1000 Series Aggregation Services Routers with
GETVPN, 1k group members.
Workaround: Issue the clear crypto gdoi command to force re-registration and rebuild of tunnels.
CSCue50484
Symptom: Crypto Tunnel Socket remains OPEN after shutting down the tunnel interface.
Conditions: This condition occurs on the Dual-DmVPN with ike-profile on the tunnel interface.
CSCuf96673
Symptom: Memory leaks are seen with Smap-Dmap scale scenario for 4000 sessions.
Conditions: Leaks are seen after stress testing in rekey, dpd, and clear commands.
Workaround: There is no workaround to prevent memory leaks.
CSCui21309
Symptom: ASR RP Crash is observed.
Conditions: This condition occurs on the Cisco ASR 1002-x Routers running on 3.8.2S. This ASR
is configured as dVTI IPSec Server.
CSCui26458
Symptom: Call flow: Verizon -- CUBE -- CUSP -- Genesys/IVR, transfered with SIP Refer back
to PSTN hair-pining the call on CUBE. When the call is put on hold to be transferred from IVR to
PSTN, the CODEC negotiation fails, dropping the call with reason code 47 and hanging the UDP
port used. All the subsequent calls that try to reuse the same UDP port for RTP stream are dropped
with reason code 47 and provison RSP failure is logged on show voip fpi stats command.
Conditions: Hair-pinned calls that receive multiple M-Lines on the SDP received from Verizon on
the original SIP Invite.
Workaround: There is no workaround. Reload of router is required to clear hung UDP ports.
CSCue89779
OL-26698-16
Symptom: A FlexVPN spoke configured with an inside VRF and front-door VRF may have
problems with spoke-to-spoke tunnels if they are not the same. During tunnel negotiation, two
virtual-access interfaces are created (while only one is needed), the one in excess may fail to cleanup
correctly. As a result, the routes created by NHRP process may lead to loss of traffic, or traffic may
continue to flow through the Hub.
Conditions: This symptom occurs when the VRF used on the overlay (IVRF) and the VRF used on
the transport (FVRF) are not the same.
CSCuh56482
Symptom: A client connects to the IOS headend when launched from the browser, but if the
connection attempt is made directly from the client it fails.
Conditions: This symptom occurs under the following conditions:
Cert-only client authentication is configured on the IOS headend.
Standalone client is used to connect.
There is more than one client certificate on the host machine.
Workaround: Launch the connection from the browser instead.
CSCui07002
Symptom: When two routers attempt to build an IKE session and use PKI for authentication, if the
CRL has expired, the responding router crashes and reloads.
Conditions: PKI chain-validation, CRL check, expired CRL
Workaround: Disable CRL check.
CSCui12338
Symptom: PPPoX sessions are not coming up with scaled configurations above 24,000.
Conditions: The Service Provider network should be NAT enabled to 200 VRF with MPLS running
in the core.
CSCuh92188
Symptom: Active IOSD crashed because of BGP task, which eventually cause the entire RP to
reboot. This issue is not related to BGP task.
Conditions: This symptom is seen when active IOSD process crashes. The reason of IOSD crash
could be anything.
CSCuh46031
Symptom: The Cisco ASR 1000 Series Aggregation Services Router sends a different
Acct-Session-Id in the Access-Request and Accounting-Request for the same user.
Conditions: Flex VPN IPSEC remote access is configured.
CSCue48456
Symptom: Call is disconnected through CUBE.
Conditions: This symptom occurs on a video call where a mid-call re-INVITE occurs to modify the
media stream.
OL-26698-16
CSCuh90658
Symptom: QFP crash.
Create normal GTPv1 session and primary PDP.
Delete request with teardown false.
Update QoS with different data TEID at both SGSN and GGSN when crash occurred.
CSCuh95336
Symptom: Second udpated PDP failed.
Conditions: Update the second PDP normally with different data TEID.
CSCui22356
Symptom: The Subpackage ISSU Upgrade is performed on ASR1002-X router after upgrading the
standby RP (R0/1) with new RP subpackages. Then, Switchover is forced from the active IOS
process to the standby IOS process. During the switchover, new active RP performs configuration
Bulk-Sync with the standby RP. During this Bulk Sync operation, the configuration related to the
interfaces is not synchronized with the standby RP due to Bulk Sync MCL failures. The following
error message will be displayed when this error is present.
Sample Error Message:
<.............>
Config Sync: Bulk-sync failure due to Servicing Incompatibility. Please check full
list of mismatched commands via:
show redundancy config-sync failures mcl
Config Sync: Starting lines from MCL file:
interface Tunnel150
! <submode> "interface"
- tunnel source GigabitEthernet0/0/0.34
<..............>
Standby takes more time(~744 seconds) for reaching terminal State.
Conditions: The symptom is observed after redundancy force-switchover step in ISSU upgrade
procedure.
Workaround: Peform a standby IOS reload using the following command:
hw-module subslot R0/0 reload

Release 3.9.2S
CSCtj24692
Symptom: NVRAM configuration file gets corrupted when a chassis is power cycled without a
graceful shutdown.
Workaround: Shutdown chassis using the reload command and make sure RP gets to ROMMON
before power cycling the chassis.
OL-26698-16
CSCud35416
Symptom: The Jabber application for iPad failed to register with Cisco Unified Border Element
(CUBE). This symptom is also seen when CUBE does not respond to the out-of-dialog option pings
(TCP), which are sent by the Microsoft Lync server.
Conditions: This symptom occurs in the following scenarios:
Default registration with a TCP length longer than 536 bytes, which causes TCP fragment in the
Jabber application for iPad.
When the call flow is as follows: Microsoft Lync Server >> SIP >> Cube.
The following TCP flow is seen from the packet capture:
LYNC
Cube Syn>>>>>> <<<<<<Syn, Ack Ack>>>>>> OPTIONS>> <<<<<<Ack : No SIP 200 OK
was sent by the CUBE.
Workaround: Use the following workaround options:

Configure the ip tcp adjust 1400 command.
Downgrade to Cisco IOS Release 15.2(3)T2.
CSCud50029
Symptom: TX drops seen on LSMPI driver show platform software infrastructure lsmpi driver
command:
Reason for TX drops (sticky):
Bad packet len
: 0
Bad buf len
Bad ifindex
: 0
No device
: 0
No skbuff
: 0
fail : 663 <<<<< ......
: 0
Device xmit
Conditions: Counter increase due to large or bursty control packets.

CSCue14143
CSCue45934
Symptoms: This problem is specific to the Catalyst 6000 platform. With IPv4 crypto map, ICMP
echo reply is not triggered from the remote end.
Conditions: This symptom is observed in IPv4 crypto map configuration and Catalyst 6000
platform.
CSCue50255
Symptom: ucode crashes @ ucode
crash@REM_REM_MISC_ERR_LEAF_INT_INT_REM_POP_REQ_TO_EMPTY_SCHE
Conditions: This condition occurs on flapping multilink interfaces.
CSCue52963
Symptom: Some of the SPA goes to inserted (physical) state after an ISSU upgrade. This issue is
Conditions: This issue is seen while doing an ISSU upgrade on a setup that has a high scale
Workaround: This issue is not seen in the following scenarios:
1.
Before doing a load version from RP0 (initial active), enter the show ipv6 route [table | inc
IPv6] command:
2.
Note down the number of IPv6 route tables in the system.
OL-26698-16
3.
Do a load version.
4.
Wait for standby to come up to Standby hot.
5.
Enable the standby console from RP0 (active).

asr1000#configure terminal
asr1000(config)#redundancy
asr1000(config-red)#main-cpu
asr1000(config-r-mc)#standby console enable
6.
Log in to the standby console and enter the how ipv6 route [table | inc IPv6] command. Then,
note down the number of IPv6 route tables in standby. If the number is lesser than the number
noted in Step 2. wait for some time and re-verify till it reaches the number noted in Step 2.
7.
Issue ISSU run version from RP0 (active).
CSCue63742
Symptom: Tracebacks are seen in a basic call scenario.
Conditions: CTI call flow is enabled.
Workaround: Do not configure CTI (allow watch) in ephone-dn.
CSCue69527
Symptoms: More than 95 SCCP controlled FXS ports cannot be configured on the Cisco VG350.
The debug output for the debug ccm-manager config-download errors command is as follows:
cmapp_sccp_gw_start_element_handler: warning - max number of interfaces reached.
Conditions: This symptom occurs when configuring more than 95 SCCP FXS ports on the Cisco
VG350 using CUCM.
CSCue80506
component.
Conditions: When there is a routing issue such that the Cisco ASR 1000 Series Aggregation Services
Router acting as the DMVPN hub can receive spoke registrations but does not have a valid route to
the spoke (i.e. the spoke's forwarding interface is Null 0) and the spoke's QoS configuration include
a queuing feature, then the QoS policy is not applied and the ESP has to be reloaded to recover from
this problem.
Workaround: There is no workaround, but the following actions can get the router operational again:
Correct the routing issue and reload the ESP.
Remove the QoS queuing feature and reload the ESP.
CSCue88077
Conditions: This issue is seen for SIP-H323 calls at 50 CPS in CUBE (Ent) configuration.
CSCue94694
Symptom: cpp_cp_svr crash @ cpp_ifm_if_delete_cntx is seen.
Conditions: This condition occurs while removing PVCs and invalid interfaces.
OL-26698-16
CSCuf93395
Symptom: Traceback is observed in HUB on FP reload.
Conditions: QoS is not applied in hardware when traceback occurs. This occurs when QoS is applied
to a spoke's tunnel on the DMVPN hub following the flapping of a spoke's tunnel.
Workaround: Reload the ESP.
CSCug34404
Symptom: RP crash is seen at be_interface_action_remove_old_sadb.
Conditions: The symptom is observed while unconfiguring the 4K SVTI sessions after an HA test.
CSCug52953
Symptom: Reload of QFP occurs with one of the following backtraces:
Driver Interrupt: DPE5_CPE_CPE_DPE_INT_SET_0_LEAF_INT_INT_S4_WPT_ERROR
BackTrace # 0 hal_abort () at
/scratch/mcpre/BLD-BLD_V153_3_S_XE310_THROTTLE_LATEST_20130428_224613/cpp/dp/hardware/
cpp/hal/hal_logger.c:81 #1 0x8032998a in tw_fire_timer_events () at
/scratch/mcpre/BLD-BLD_V153_3_S_XE310_THROTTLE_LATEST_20130428_224613/cpp/dp/infra/log
ger.h:207 #2 0x8032a4bc in time_process_timer_hb () at
/scratch/mcpre/BLD-BLD_V153_3_S_XE310_THROTTLE_LATEST_20130428_224613/cpp/dp/infra/tim
e.c:837 ...
Conditions: These type of cores can appear for various conditions. The particular CDETs only
addresses when this condition occurs after unconfiguring NAT PAP mode. This includes changing
PAP or BPA configuration.
Workaround: After unconfiguring PAP, it is recommended to reload the box that is more desirable
than an uncontrolled reset.
CSCug54468
Symptom: ASR 1002-X acting as LNS, RP crashes after shutting down the interface that is
connecting LAC.
Conditions: 5000 sessions with per-session QoS. All these sessions are setup on single L2TP tunnel.
CSCug56942
For MOSCqe alert clear trap, CUBE should not send CurrentLevel Varbind but should send
Conditions: This condition occurs when CUBE SP generates clear trap for voice quality alerts.
Workaround: The code fix is included in CUBE 15.2(4)S4. If earlier CUBE version is used,
manually clean the alarm at CUOM after root cause is rectified.
CSCug58617
configuration.
Conditions: The symptom is observed on routers with configurations that break show run format.
CSCug66565
OL-26698-16
Symptom: A previous code commit to address the same issue caused a catastrophic issue wherein
SPA is going out of service, during the SPA reload and chasiss reload after the RP switchover on 1
RU. This bug improves the fix so that this catastrophe is not seen again. The original issue was
exposed during regression testing while doing an ISSU upgrade.
Conditions: Aforementioned commit should be present in the image and chassis should be ASR
1001. The issue is seen when SPA is reloaded after RP switchover.
Workaround: The issue is not seen if :
Chassis is not ASR1001.
Aforementioned fix is not present in the image.
CSCug69107
Symptom: Crypto session does not comes up in EZVPN.
Conditions: This symptom is observed when a Crypto session is being established.
CSCug73700
Symptom: Failed to do ISSU in CC/SPA upgrade.
Conditions: This condition is seen when the user does a subpackage ISSU in a system for only "sip*"
packages.
CSCug78153
Symptom: Traffic drops are seen with FTP NAT PAP mode.
Conditions: This condition occurs with FTP NAT PAP configured on BOX.
CSCug84557
Symptom: CUBE SBC does not forward mid-call Re-INVITE in a glare condition.
Conditions: This condition occurs in a glare condition, where both legs of a SIP call through the SBC
sends in re-INVITE within 100 ms of each call. The SBC is expected to forward the first arriving
Re-INVITE to the other leg and then reject the second call with a 491 Request Pending response.
Instead, the SBC does not forward either of the Re-INVITE, and gets into a deadlock condition
leading to no audio and eventual call tear down.
CSCug91165
Symptom: ESP may reload when switching classic to CGN mode.
Conditions: ESP may reload when switching classic to CGN mode with traffic.
CSCug91447
Symptom: Packets are lost on transmission to an MLP bundle. Lost packets show up in drop
statistics as tail drops.
Conditions: This condition occurs after removal and re-insertion of SPA module, which contains one
or more links in the MLP bundle.
Workaround: After the SPA re-insertion, remove the serial link from the bundle and add it back.
CSCug95485
10
OL-26698-16
Symptom: UUT is crashing.

Conditions: This condition occurs after switching from default mode to CGN mode, sending
multiple sessions of PPTP.
CSCug97823
Symptom: On the latest Cisco IOS XE 3.10 throttle build, when the VRF-Lite GM starts registering
to the KS, many of these error messages flood the console continuously.
%IMGR-6-FIPS_FMFP_N2_ERR_FAIL: SIP0: fman_fp_image: Cryptographic coprocessor
non-critical failure: stats multi context read error.
Conditions: This condition occurs on ASR 1002-X (KingPin) Chassis acting as VRF-Lite GM with
as less as 400 GMs registering to the KS.
Workaround: There is no workaround. Turning off Crypto feature will stop these messages, which
is not an preferred option at this time.
CSCuh01007
Symptom: After ESP 100 reload, show policy-map interface command counters does not populate
results.
Conditions: This condition occurs with an egress service policy on SPA Gigabit Ethernet interface
and sending high or low priority traffic.
CSCuh03859
Sympt om: If a customer configured snmp server enable traps sbc sla-violation-rev1
Conditions: This is a normal operation.
CSCuh06678
Symptom: One local address can be mapped to multiple global addresses.
Conditions: This condition occurs with PAP configured.
CSCuh09403
Symptom: ESP may reload in B2B NAT ZBFW setup.
Conditions: B2B NAT ZBFW setup with stateful traffic.
CSCuh11994
Symptom: pp_svr crash is noticed executing the show platform hardware cpp active
infrastructure punt policer handle 1000 cpp command.
Conditions: This condition is noticed without any feature configurations.
CSCuh12245
Symptom: cpp_cp process crashes.
OL-26698-16
11
Conditions: Change to the parent class of a session, which causes a rate update event to be performed
in the QFP hardware. At the same time, ANCP causes rate change on a VLAN shapper using mode-F
QoS. The shaper rate change causes the shaper on the VLAN to be removed and then re-applied.
Depending upon RP and FP CPU utilization, these events can be processed on the ESP as one QoS
transaction. where the sessions parent class has a rate change event and the session is also being
moved to an aggregation schedule node on the GE from the VLAN shaper schedule node. And then
the shaper is re-applied to the VLAN and the session is moved back to the VLAN shaper. This all
occurs in the same QoS transaction/commit on the ESP, causing the ESP to crash.
CSCuh14012
Symptom: The crypto session remains UP-ACTIVE after tunnels are brought down administratively.
Conditions: This symptom occurs in tunnels with the same IPsec profile with a shared keyword.
CSCuh23109
Symptom: ISR4400: as a cube crash at PC = 0x7f2edf875555 Conditions: ISR-4451 Configured as
CUBE (SIP-SIP) crashed under traffic.
Image:
v153_2_s_xe39_throttle-BLD-BLD_V153_2_S_XE39_THROTTLE_LATEST_20130407_111216-ios 169
Type of traffic Call Flow:
Phone-A--------CUCM--------CUSP-----(CUBE-ISR4451)------CUSP-------CUBE-ISR3900-----CU
CM----PhoneB The Traffic was running at the a rate of 200 concurrent calls.
========= Exception Tracebacks =================================================
Exception to IOS: Frame pointer 0x7F2E9EEF5B38, PC = 0x7F2EDF875555 IOS Thread
backtrace: UNIX-EXT-SIGNAL: Aborted(6), Process = VoIP FPI Process -Traceback=
1#afd249001e68409960c31d5c87971049 c:7F2EDF844000 31555 Fastpath Thread backtrace:
-Traceback= 1#afd249001e68409960c31d5c87971049 c:7F2EDF844000 BE002 Auxiliary Thread
backtrace:
-Traceback= 1#afd249001e68409960c31d5c87971049
pthread:7F2ED6E5F000 A7C9
Workaround: Disable detailed stats:

ASR#conf t
ASR(config)#voice service voip
ASR(conf-voi-serv)#media disable-detailed-stats
CSCuh27146
Symptom: qfp crash
Conditions: Topology: Landslide A -- > TC -- > ASR1000 -- > asr5000
Workaround: No More Info:
CSCuh33069
Symptom: qfp crash
Conditions: handoff from gtpv0 to gtpv1
Workaround: no More Info:
CSCuh38488
Router#show platform hardware qfp active feature firewall drop
------------------------------------------------------------------------------Drop Reason
Packets
------------------------------------------------------------------------------L7 inspection returns drop
1
Router#
12
OL-26698-16
Disable the port-to-application mapping for SIP with the no ip port-map sip port udp 5060
command. This prevents ZBF from treating UDP/5060 as SIP. Instead, it is treated as simple
UDP.
Use the pass action in both directions instead of inspect. This disables all inspection (even L4)
for the traffic.
CSCuh42885
Symptom: Changing modes in CGN and sending traffic results in ucode crash.
Conditions: Unconfiguring one mode and switching to another mode and sending traffic.
CSCuh43018
Symptom: QFP reloads.
Conditions: Rarely occurs when issuing show platform hard qfp active feature nat da stats
command. Most likely to occur in CGN mode specifically after switching from classic to CGN
mode.
CSCuh50125
Symptom: ESP crashes.
policy-map applied.
interface at the same time.
CSCuh57618
Symptom: The gateway sends the Subscription-State Terminated NOTIFY message before
receiving an unsubscribe request.
Conditions: This symptom occurs when the router is loaded with the
c2900-universalk9-mz.SPA.153-2.25.M0.1 image.
CSCuh58209
Symptoms: ESP crashes in response to a show command.
Conditions: This only causes an ESP crash when the qid specified is an internal queue. It is safe for
interface or QoS-created queue. When issuing the show platform hardware qfp [active | standby]
infrastructure bqs [schedule | queue] qid command on a ASR1K 1002X, ESP100/FP100, and
ESP200/FP200 system.
Workaround: Avoid use of the show command to display internal queues.
PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The
Base and Temporal CVSS scores as of the time of evaluation are 3.8/3.1:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&ve
OL-26698-16
13
ctor=AV:L/AC:H/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C No CVE ID has been assigned to this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
CSCuh63682
Symptom: Router crash in autoamtic test. The trigger to the crash is the following show command:
show flow monitor name cache format csv.
Conditions: No delay between configuration phase and show command execution.
Workaround: Delay of 10 seconds between configuration phase and show command execution. The
crash is not seen in manual testing.
CSCuh74069
Symptom: Super-package MDR ISSU fails with the following message: MDR:FAILED:
Insufficient memory available on harddisk: to support MDR.
Conditions: Super-package MDR ISSU operation is issued.
Workaround: Issue sub-package MDR ISSU.
CSCuh75480
Symptom: QFP reload may occur.
Conditions: When running NAT in CGN mode and doing a removal of a mapping.
CSCuh76529
Symptom: Unknown.
Conditions: Astro can require a core voltage of up to 1.00V. However, the voltage was defaulted to
0.9V for all Astro chips. If an Astro requires 1.0V is on a board, it is only operating at 0.9V and
could fail to operate properly at speed.
CSCuh85883
Symptom: mplssetvrf bgp routes are not coming up along with multi-vrf PBR.
Conditions: The destination address of the packet is ASR local address. Say, the packet is for us
packet.
CSCuh87017
Symptom: Hw-Sw: ASR1004 ASR1000-RP2 ASR1000-ESP20
asr1000rp2-adventerprisek9.03.09.01.S.153-2.S1. The ESP goes down logging messages as shown
below:
Jun 27 19:59:12.308: %CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0 desc:CPP Client process
failed: cpp_cp det:HA class:CLIENT_SW sev:FATAL id:1 cppstate:RUNNING res:UNKNOWN
flags:0x0 cdmflags:0x0 Jun 27 19:59:12.393: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha:
cpp_ha encountered an error
-Traceback= 1#e1875e79d5b29fc4e498ecbc61cdf452
errmsg:F6DB000 2230 cpp_common_os:FF5A000 C330 cpp_common_os:FF5A000 C130 :10000000
6FA4 :10000000 12718 evlib:F435000 E3B8 evlib:F435000 10564 cpp_common_os:FF5A000
12FF8 :10000000 F108 c:E51F000 1E938 c:E51F000 1EAE0 Jun 27 19:59:13.054:
%PMAN-3-PROCHOLDDOWN: F0: pman.sh: The process cpp_cp_svr has been helddown (rc 134)
Jun 27 19:59:14.289: %PMAN-0-PROCFAILCRIT: F0: pvp.sh: A critical process cpp_cp_svr
has failed (rc 134) Jun 27 19:59:18.422: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha:
cpp_ha encountered an error -Traceback= 1#e1875e79d5b29fc4e498ecbc61cdf452
14
OL-26698-16

12FF8 :10000000 F108 c:E51F000 1E938 c:E51F000 1EAE0
Conditions: On issuing show ip nat trans command when there are a large number of static
networks translations the ESP may reset with the above messages. The issue is caused by a
calculation dealing with the number of static network translations that are configured. It is possible
to avoid this issue by moving out of the impacted range of static network translations.
Workaround: Determine the number of static network translations:
Router# show platform hardware qfp active feature nat datapath stats | include static
net
non_extended XXXX entry_timeouts XXXX statics XXXX static net 126 hits
XXXX misses XXXX
Take the number of static network translations ("static net") and
divide it by 32, and then look at the remainder:
126/32 = 3 remainder 30
If the
remainder is 30 or 31 this issue could be encountered when the 'show ip nat
translation' is executed. To avoid this situation add or remove one or two static
network translations, for example:
ip nat inside source static network X.X.X.X
Y.Y.Y.Y /ZZ ip nat inside source static network A.A.A.A B.B.B.B /CC
The addresses
used in these two static network translations do not need to be hit by any traffic,
and do not need to be subnets that are regularly used within the network. Next verify
that the remainder is no longer 30 or 31:
Router#$show platform hardware qfp active
feature nat datapath stats | include static net
non_extended XXXX
entry_timeouts XXXX statics XXXX static net 128 hits XXXX misses XXXX
128/32 = 4
remainder 0
This can also be accomplished by removing one or two static network
translations to lower the remainder. More Info: Symptom: Hw-Sw:
ASR1004
ASR1000-RP2 ASR1000-ESP20
asr1000rp2-adventerprisek9.03.09.01.S.153-2.S1 The ESP
goes down logging messages similar to what is shown below: Jun 27 19:59:12.308:
%CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0 desc:CPP Client process failed: cpp_cp det:HA
class:CLIENT_SW sev:FATAL id:1 cppstate:RUNNING res:UNKNOWN flags:0x0 cdmflags:0x0 Jun
27 19:59:12.393: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha: cpp_ha encountered an error
errmsg:F6DB000 2230
cpp_common_os:FF5A000 C330 cpp_common_os:FF5A000 C130 :10000000 6FA4 :10000000 12718
evlib:F435000 E3B8 evlib:F435000 10564 cpp_common_os:FF5A000 12FF8 :10000000 F108
c:E51F000 1E938 c:E51F000 1EAE0 Jun 27 19:59:13.054: %PMAN-3-PROCHOLDDOWN: F0:
pman.sh: The process cpp_cp_svr has been helddown (rc 134) Jun 27 19:59:14.289:
%PMAN-0-PROCFAILCRIT: F0: pvp.sh: A critical process cpp_cp_svr has failed (rc 134)
Jun 27 19:59:18.422: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha: cpp_ha encountered an
error -Traceback= 1#e1875e79d5b29fc4e498ecbc61cdf452
errmsg:F6DB000 2230
c:E51F000 1E938 c:E51F000 1EAE0
CSCuh95125
Symptom: ESP-100 may crash continuously on an ASR1K box with cpp_svr crashes causing the FP
to go down.
Conditions: Numerous QoS sessions with a single queue being created on an interface in a
per-session basis on a Yoda platform (ASR1002-X/ESP100/ESP200).
Workaround: None at the moment More Info: This bug only affects Yoda platforms with large
number of singe queued QoS policies being applied on a per session basis on an interface.
CSCui06014
Symptom: Create 2000 GRE IPSEC tunnels (sample config shown below, repeated 2000 times)
causes RP crash.
interface tunnel10001
bandwidth 1000
ipv6 address 1003:0:0:1::1/64
ipv6
enable
tunnel source Loopback10001
tunnel dest 1004:0:1:1::1
tunnel mode
gre ipv6
tunnel protection ipsec profile hub10001
OL-26698-16
15
Conditions: On ISR4400, it is tested to work fine when scaled up to 1000 sessions. At 1500, we have
observed the crash. The in between numbers are not available. On ASR 1K, it is tested to work fine
when scaled up to 2500 sessions. At 4000, the crash is observed. The in between numbers are not
available.
Workaround: Bring up the tunnels in staggered manner (booting with the configs can also cause the
issue) by shutdown the interface and unshut in batches.
CSCui09501
Symptom: RP_Crash seen @__be_crypto_ipsec_key_engine_sa_req.
Conditions: While unconfiguring the vrfs on spoke-side.
CSCui14994
Symptom: A router may exhibit GPM errors similar to the following:
%INFRA-3-INVALID_GPM_ACCESS_DATA: 67605cec63f8a9dc
f3431ea743899b9a
50a4d7fe457c725a
d4fb26d18422c310
1d6f875f5802d283
43238:
F0: cpp_cp: QFP:0.0
Thread:009 TS:00007383841341196593 %INFRA-3-INVALID_GPM_ACCESS_INFO: 820064c0
0002fd70 00022290 00000011 0002fdb0 00000000 00000011 00000000 805610ea
000340be 00000000 00000016 00000020 000340aa 00000067 00000032
43237:
F0:
cpp_cp: QFP:0.0 Thread:009 TS:00007383841340894106 %INFRA-3-INVALID_GPM_ACCESS:
Invalid GPM Load at 805610ef HAL start 3fc0 HAL end 40bf INFRA start 409c INFRA 40c0
NET 340aa
Conditions: These are the result of incorrect fragmented packet processing internally, specifically
as it relates to UDP traffic.
CSCub56842
Conditions: This symptom is observed when the <CmdBold>show crypto eli<noCmdBold>
command output shows that during every IPsec P2 rekey, the active IPsec-Session count increases,
which does not correlate to the max IPsec counters displayed in SW.
Workaround: Reload the router before active sessions reach the max value. To verify, do as follows:
router# show cry eli
CryptoEngine Onboard VPN details: state = Active Capability
: IPPCP, DES, 3DES,
AES, GCM, GMAC, IPv6, GDOI, FAILCLOSE, HA
IPSec-Session : 7855 active, 8000 max, 0
failed <<<
CSCug98820
Symptom: Multicast RP-Announcement or RP-Advertisement packet is replicated more than one
copy per incoming packet. The number of copies is equal to the number of interfaces or io items
with IC flag enabled (use the show ip mfib command to get the number of IC interfaces).
Conditions: AUTO-RP filter is configured on PIM interfaces.
CSCuh36750
Conditions: Subscriber session with QoS over tunnel or shaped VLAN.
CSCuh62307
16
OL-26698-16
Symptom: Cisco ASR 1000 Series Aggregation Services Router may crash when customer uses
call-policy-set copy source source-address destination destination-address command to create a
new call-policy-set.
Conditions: The na-src-address-table is configured within the call-policy-set. Enter this table with
na-src-address-table XXX after it was created by call-policy-set copy command.
Workaround: instead of using call-policy-set copy source source-address destination
destination-address command, copy and paste the text into config terminal to create a new
call-policy-set.
CSCua78771
Symptom: Error message display needs cosmetic changes to follow style guide.
Conditions: In rare situation, we hit error message regarding an error situation. The message format
needs to be updated to follow style guidelines.
CSCua80616
Symptom: SPA handle invalid message is seen after running the hw-module subslot x/y shut
command on ELC.
Conditions: When multiple ELC sources are configured, such as primary and secondary network
clock sources from ELC, and execute ELC shut using hw-module subslot x/y shut command, the
SPA invalid handle error message is displayed.
CSCuc29179
Symptom: The Cisco ASR 1000 Series Aggregation Services Router filters out the ARP requests
with its own source address. This leads to ping failure between two interfaces, which belong to
different vrf and own same IP subnet; for example, vrf v1 1.0.0.1/24 and vrf v2 1.0.0.2/24.
Conditions: The gigabit ethernet interface (gig0/0/0) connected b2b to another interface on same
router with VRF configured on atleast one of the interfaces.
Workaround: Configure some MAC address on the gigabit ethernet interface (gig0/0/0) and then
unconfigure the MAC address.
CSCue18003
Symptom: Packets drop occur when performing a ping from an ASR 1001 console with packets of
large size (i.e. several kilobytes).
Conditions: This issue is specific to the ASR 1001 and requires a burst of data from the Control
Plane to the Forwarding Plane such that internal hardware buffers are saturated. Normal processing
continues, however, there are drops when the hardware buffer is full.
CSCue29351
Symptom: Caller continuously hears ringback tone while callee is able to hear the caller. Only when
the callee presses the Hold and Resume button, two-way audio is established.
Conditions: Call Flow
PSTN----(VIC2-4FXO)GWY(29XX)----H323--CM(8.6.2.23047-2)--HTTP-ECC---Phone
Issue impact cu has workaround, that is, call works when MTP is invoked; but when MTP is invoked,
the multicast MOH fails to work. Troubleshooting is performed. This issue is not seen when the call
is made directly to the phone without being routed through ECC. Using H323 Slow start or Fast start
does not make a difference.
OL-26698-16
17
Workaround: When MTP is enabled on H323 GWY, there is no issue.
CSCue37000
Symptom: GTP-U drops are noticed for communication that should not have been dropped.
Swisscom agrees that this might be related to some timers and pending PDP sessions that need to be
terminated. Since local tests with mobile devices are all successful, Swisscom wants and needs to
go for 24 hour test to see if the GTP-U drops really lead to a service impact for mobile users.
Conditions:
CSCue40120
Symptom: Small packet performance for multicast traffic has unexpected dip with 03.07.01S on
ESP40
Conditions: A change made while optimizing performance for ESP100/FP100 and ESP200/FP200
was to use the internal recycle queue for the root of the replication tree instead of the leaves recycle
queue used for all other nodes. Unknowingly, this resulted in a big performance impact on the
ESP40.
Workaround: Small packet performance can be returned to acceptable levels by disabling MLRE
with the platform multicast lre off configuration command. The downside of disabling MLRE is
that large packet performance are reduced by almost half for large packets.
CSCue43895
Symptom: The show crypto gdoi gm dataplane counters and show crypto gdoi gm replay
commands show negative or very large counters.
Conditions: The clear crypto sa counters command is issued after the clear crypto gdoi dataplane
counters command and clear crypto gdoi replay counter command for a GETVPN or GDOI
Group Member (GM) running IOS version 15.3(2)S/T or later with the show crypto gdoi feature
long-sa-lifetime command being available.
Workaround: Do not issue the clear crypto gdoi dataplane counters, clear crypto gdoi replay
counter, and clear crypto sa counters commands simultaneously, and if counters go negative or
become very large, execute the clear crypto gdoi command to reset the Group Member (GM).
Note
GM will remove IPsec SAs and re-register, causing some traffic drop.
CSCue45131
Symptom: sVTI tunnel interface does not come up after router reboot.
Conditions: This issue happens when you reboot the router.
Workaround: Reload ESP.
CSCue57374
Symptom: QFP load spike occurs when dropping traffic via IPv6 ACL.
Conditions: IPv6 traffic is dropped with ACL.
Workaround: Configure the no ipv6 icmp unreachable command under the receiving interface.
CSCue57582
Symptom: The following error message may appear:
%STILE_CLIENT-4-MAX_LINK_TOUCH_WARN: F0: cpp_cp: NBAR number of flow-slinks threshold
is reached, cannot allocate more memory for flow-slinks.
18
OL-26698-16
This may cause some degradation in SSL based traffic.

Conditions: This message may appear under heavy SSL traffic.
Workaround: Currently there is no workaround. The classification of the SSL-based traffic should
be based on the other classification mechanisms.
CSCue62227
Symptom: SIP PSTN gateway may delay response to BYE message at the end of a T.38 call.
Conditions: Incoming call to SIP gateway goes out a PRI Call successfully switches no T.38 BYE
is received by SIP gateway. 200 OK response is delayed by a few seconds.
CSCue69906
Symptom: Video calls are failing with improper call legs.
Conditions: After doing testcase-specific configurations, the basic call is done. while checking the
call legs after the call is connected, improper call-legs are seen on CUBE3.
CSCue77317
Symptom: Incorrect SGT tag for IPSec packets.
Conditions: Enable CTS for IPSEC.
CSCuf35359
Symptom: Traceback appears.
Conditions: Both PBR and WCCP are configured.
Workaround: Reload.
CSCuf39344
Symptom: In SBC-B2B, after no attach/attach an adjacency, calls are rejected with 503 Service
Unavailable.
Conditions: This condition occurs under the following:
Config vrf001 on BOX1(ACTIVE) then on BOX2(STANDBY).
Config adjacency's vrf and signaling-address, and media-address and vrf, both refer to vrf001.
Switch-over.
no attach/attach adjacency on BOX2(ACTIVE).
Later calls are rejected with 503 Service Unavailable.
Workaround: Always add or change vrf related SBC config on the same box. More Info:
CSCug32688
Symptom: DNS query failure occurs occasionally with MPLS deployed.
DNS server response 5k
Inside MPLS interface, default MTU
Repeat dns query for serveral times
OL-26698-16
19
Workaround: Set MPLS MTU to 9216 or change TCP MSS on both client-server side.
CSCug34677
Symptom: Topology: S---asr1k---D1--\
|
x.x.x.x/32
------D2--/ * ISIS, fast-reroute
per-prefix configured * LDP on all interfaces * x.x.x.x/32 is reachable via D1 (primary) and D2
(backup) * Sending traffic from S to x.x.x.x * S, D1, and D2 are simulated (Agilent) * Version
15.3(1)S Problem: Upon failing link asr1k-D1 (laser shut on Agilent, equivalent to pulling fiber),
FRR is not triggered and traffic flow is restored when ISIS reconverges.
remote shutdown.
Workaround: There is no workaround except changing interface type to POS/ATM.
CSCug34758
Symptom: Topology: S---asr1k---D1--\ | x.x.x.x/32 ------D2--/ * ISIS, fast-reroute per-prefix
configured * LDP on all interfaces * x.x.x.x/32 is reachable via D1 (primary) and D2 (backup) *
Sending traffic from S to x.x.x.x * S, D1, and D2 are simulated (Agilent) * Version 15.3(1)S
Conditions: Upon failing link asr1k-D1 (laser shut on Agilent, equivalent to pulling fiber), asr1k
quickly (<50msec) starts forwarding packets (dest x.x.x.x) to D2 (backup), but with D1's advertised
label! Only after ISIS converges the packets are forwarded with the correct label (from D2).
CSCug45517
Symptom: Topology: ========= < -----(SIP Trunk A)-----CUBE-----(SIP Trunk B)-----> CUBE
is not forwarding the REINVITE message received from Trunk A to the SIP Trunk B when 491
Request Pending is received from SIP Trunk B for the previous SIP transaction.
Conditions: When 491 Request Pending is received.
CSCug53415
Conditions: ASR1001 Built-in SPA.
CSCug53833
Symptom: When attaching or detaching performence monitor to or from interface, memory is
leaking.
<conf t> perf mon context perf-mon prof appl
<conf t> interface GigabitEthernet0/0/3
performance monitor context perf-mon
no performance monitor context perf-mon
traffic-monitor all
Conditions: FAll tools avc config.

CSCug59729
Symptom: An ASR1001 may reload when used as a hub in a scaled DMVPN environment.
Conditions: This is seen when the traffic rates approaches the limit of the encryption capabilities of
the router.
20
OL-26698-16
CSCug65706
Symptom: Attaching performence monitor to OTV interface should be blocked.
<conf t>
interface Overlay1
otv control-group 239.1.1.1
service-policy type performance-monitor output new-policy ==> this configuration line
should be blocked.
Conditions: FAll tools avc config.

CSCug68282
Symptom: ASR1000 RP crash after software upgrade.
1#b3d7956825375323829953c9aa18e3e0 :10000000 6FCCF4 :10000000 6FD0A0 :10000000
1#b3d7956825375323829953c9aa18e3e0 :10000000 6FCCF4 :10000000 6FD0A0 :10000000
1F1D9C4 :10000000 1F227B4 :10000000 1F1C1B0 :10000000 1F3F750 Apr 20 09:53:01.402:
:10000000 1F1C1B0 :10000000 1F3F750
PC = 0x087308B4 LR =
0x08732384 MSR = 0x0002D000 CTR = 0x07DC0D60 XER = 0x20000000 R0 = 0x000000FA R1
= 0x30742CC8 R2 = 0x30085C70 R3 = 0x00000000 R4 = 0x00006908 R5 = 0x00000006
R6 = 0x00000000 R7 = 0x08730B5C R8 = 0x0002D000 R9 = 0x3007E7F0 R10 =
0x3007E7F0 R11 = 0x30742CA0 R12 = 0x08732384 R13 = 0x18456078 R14 = 0x11F3F604 R15
= 0x00000000 R16 = 0x00000000 R17 = 0x00000000 R18 = 0x00000000 R19 = 0x00000000
R20 = 0x00000000 R21 = 0x1630C7D8 R22 = 0x18BDAA28 R23 = 0x18BDAC70 R24 =
0x18BDB3B8 R25 = 0xAB1234AB R26 = 0xAB1234CD R27 = 0x30742E58 R28 = 0x3AFDF4E0 R29
= 0x30742CE0 R30 = 0x0886A7AC R31 = 0x00000006
========= Start of Crashinfo
Collection (09:53:01 UTC Sat Apr 20 2013) ========= For image: Cisco IOS Software,
IOS-XE Software (PPC_LINUX_IOSD-ADVIPSERVICESK9-M), Version 15.2(4)S1, RELEASE
SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c)
1986-2012 by Cisco Systems, Inc. Compiled Sat 06-Oct-12 11:55 by mcpre
Uptime =
00:02:51
Conditions: Device configured with SBC with interchassis redundancy.

redundancy mode none application redundancy
group 1
name ECS
preempt
priority 150 failover threshold 100
timers delay 100
control Port-channel30.8
protocol 1
data Port-channel30.9
track 1 decrement 200
protocol 1
name BFD
timers hellotime msec 250 holdtime msec 1000.
Workaround: Do not setup B2B redundancy between XE36(or older) and XE37(or later).
CSCug73374
OL-26698-16
21
Symptom: ASR 1001 prints following error messages and crashes: % Internal error: Connection to
peer process lost %MCP_SYS-0-ASSERTION_FAILED: SIP0: cmcc: Assertion failed: Assertion
failed: cman/cc/./src/cmcc_util.c:322: "bay < cmcc_max_spas_per_cc()".
Conditions: Issue show platform hardware subslot 0/3 plim statistics command in CLI.
Workaround: Not issuing show platform hardware subslot 0/3 plim command will avoid this
problem.
CSCug73476
Symptom: Customer is running a CME environment with Cisco 2901 Series Router. Once or twice
every week during high call volume, the soft key such as Transfer and End Call stops responding.
Conditions: Once phone sends EndCall soft key (0x26) to CUCME, the CUCME does not send
CallState (0x111), CloseReceiveChannel (0x106), and StopMediaTransmission (0x8B) to phone.
Therefore, the call is not terminated.
Workaround: After pressing TRANSFER soft key, do not abort the transfer by pressing the Abort
soft key.
CSCug81259
Symptom: During configuring performance monitor, and when the registration to CFT fails, the
router crashes.
Conditions: FAll tools AVC configuration.
CSCug82610
Symptom: NAT translations could be stranded on the standby with NAT B2B and AR configuration.
Conditions: NAT translations could be stranded on the standby with timeout of zero.
Workaround: During a MW or downtime, execute the clear ip nat trans command on the active box.
CSCug86082
Symptom: No media forwarded or media dropped for Reprocess limit exceeded.
Conditions: When all the following conditions meet, this bug will show up:
The call is setup as NAT call.
Media is received before offer or answer is completed.
The call is modified to hairpin with other calls both on two sides.
Workaround: The following workarounds are possible:

Disable NAT.
Do not send media untill offer or asnwer is completed.
CSCug86085
Symptom: SBC SRTP ucode crash when doing srtp-rtp interworking.
Conditions: It seems this can happen in hairpined SRTP calls, though not able to reproduce in the
lab. The test scenario is: rtp----SBC-----SRTP--------SBC-------rtp
CSCug92464
Symptom: NAT timeout when used with port command does not work as expected.
22
OL-26698-16
Conditions: IP NAT translation port-timeout tcp <port #> <timeout value> Above CLI with ip nat
translation tcp-timeout timeout value is used.
Workaround: Make use of just ip nat translation tcp-timeout timeout value command.
CSCug97705
Symptom: Configured PPTP Timeout is not taking effect on Translations for PPTP ALG.
Conditions: Sending Traffic for PPTP-ALG.
CSCuh06849
Symptom: Fragmented PPTP ALG traffic may not be processed as expected.
Conditions: Fragmented PPTP ALG traffic may be dropped, with NAT PAT configuration.
Workaround: Turn off PPTP ALG if not required.
CSCuh09451
Symptom: Exception to IOS Thread: UNIX-EXT-SIGNAL: Segmentation fault(11), Process = SBC
main process.
Conditions: There is no workaround.
CSCuh11874
Symptom: The ASR1002-X Router reloads with core file reporting
CGI_CSR32_CGI_OTHER_LEAF_INT__INT_ECSR_PROTOCOL_ERR interrupt.
Conditions: Only applies to the ASR1002-X Router. This software error is fixed in the IOS XE3.7.4,
XE3.9.2, XE3.10.0 and later releases.
CSCuh12779
Symptom: The ASR1k does not reply to IPv6 ping packets sent to its LISP IPv6 EID address, when
these are received over a LISP IPv4 RLOC space.
Conditions: This condition only applies to ICMPv6 echo reply packets, that are generated on the RP,
and received over an IPv4 RLOC core. Pinging other IPv6 hosts in the LISP site works fine. The
reply is generated on the RP, but dropped before it leaves the box.
CSCuh17401
Symptom: NAT pool exhaustion with addresses with 0 refcount.
Conditions: This condition occurs while running NAT ALG and when port allocation failure occurs.
Workaround: To recover, execute clear ip nat trans command in off hours (as this is disruptive
operation).
CSCuh18253
Symptom: GTPv2 message with invalid IMSI is not dropped.
Conditions: Invalid IMSI is used.
CSCuh32165
Symptom: CVLA memory is not released. Check FNF_AOR CVLA for memory usage. show
platform hardware qfp active infrastructure cvla client handles <snip>
OL-26698-16
23
Entity name: FNF_AOR Handle: 2344906752 Number of allocations: 176 Memory allocated:
14144 <snip> show platform hardware qfp active feature fnf datapath aor <snip>
Extracted Field objects
Alloc
1200
0
Free
100 <snip>
Conditions: AVC with IPv6 protocol.

CSCuh48261
Symptom: Tunnel entry are deleted together.
Conditions: Primary PDP context and secondary PDP context. tear down ind is 0 in delete PDP
context request.
CSCuh48747
Symptom: Multiple NAT entries are created.
Conditions: UUT is configured with PAT with route-map.
CSCuh59216
Symptom: Dedicated bearer is failed to be setup.
Conditions: Dedicated bearer.
CSCuh71310
Symptom: Modify bearer response is dropped.
Conditions: Control plane teid in modify bearer request is changed from teid in create session
request.
CSCuh73986
Symptom: DNS response get dropped with no-payload being configured and NAT FW.
Conditions: Configure NAT FW (DNS inspect), send DNS query from inside, server then reply to
the response.
CSCuh91266
Symptom: VTCP is not robust enough when it receives TCP segments with abnormal sequence ID.
This may result in FP crash. We observed a TCP packet much older than the current window on
customer network.
Conditions: Abnormal sequenced TCP segments are received when VTCP buffering current flows.
CSCuh98929
Symptom: IFNF supports a single L3 byte counter for a connection. There are no separate counters
for connection between the client and server. This fix adds client and server counters.
Conditions: The following commands are supported: flow record test and collect counter bytes
long end
24
OL-26698-16
With this fix, two additional counters can be collected: flow record test and collect counter bytes
long collect connection client counter bytes network long collect connection client counter bytes
server long end

Release 3.9.1S

3.9.1S
This section documents the unexpected behavior that may be seen in Cisco ASR 1000 Series
CSCtl55445
Symptom: CUBE logs the following message: %SIP-3-INTERNAL: Cannot insert call history
entry for callID.
Conditions: Calling party cancels call before connection. The following is an example:
INVITE
--------------->--------------->
<--------------<---------------CANCEL
180 Ringing
---------------->--------------->
<----------------<-----------------
100 Trying
<--------------<---------------200 OK
<------------------<---------------
ACK
CSCts95896
Symptom: The router does not pass traffic on EVC interfaces.
Conditions: Occurs when you issue the default interface command to remove a configuration
containing approximately 400 EVC interfaces and immediately enter a new EVC configuration.
Workaround: Wait for the router to clear pending objects before adding a new configuration.
CSCtx72973
Symptom: Config-sync failiure is seen when unconfiguring the crypto gdoi group.
Conditions: Seen on HA setup.
CSCtx99353
Symptom: The following error message appears: %SYS-3-INVMEMINT: Invalid memory action
(malloc) at interrupt level.
This error message can lead the device to crash.
OL-26698-16
25

Workaround: Remove the route list from Multicast MOH CLI so that Cu can still have music on hold
and can continue the feature. Alternatively, disable MOH (no Music comes on hold).
CSCty24937
Symptom: TCAM exhaustion and FP crash with IDFW scale > 300 class-maps on 2ru or rp1/rp10
box.
Conditions: None.
CSCua28807
Symptom: NHRP redirect message is getting dropped at FlexServer's Tunnel Interface which results
in direct spoke-spoke tunnel failure.
Conditions: Whenever there is a data traffic initiated from spoke1's host network to remote spoke's
host network.
Workaround: There is no workaround. However the data traffic will be successful through hub, even
though the direct spoke-spoke channel is not ps.
CSCua90097
Symptom: flexVPN client ikev2 sa stuck at IN-NEG with status description: Initiator waiting
for AUTH response.
Conditions: flexVPN server initial clear crypto session command to clear 4K crypto
sessions. After crypto session recovered, there is 1 ikev2 sa at flexVPN client
stuck at IN-NEG status. At flexVPN server, there is no ikev2 peer, 172.4.234.1.
Client: 2ru-2#sh crypto ikev2 sa local 172.4.234.1 det
Load for five secs: 12%/1%; one minute: 9%; five minutes: 9%
Time source is NTP, 11:49:38.299 PDT Thu Jul 5 2012
Tunnel-id Local
Remote
172.4.234.1/500
172.255.255.252/500
fvrf/ivrf
Status
none/none
IN-NEG
Encr: AES-CBC,
keysize: 256,
Hash: SHA512, DH Grp:5,
Auth sign: PSK, Auth
verify: Unknown - 0
Life/Active Time: 86400/0 sec
CE id: 50798, Session-id: 0
Status Description: Initiator waiting for AUTH response
Local spi: 7E92CB576E3BC65B
Remote spi: 01B87002CE230A4A
Local id: 2ru-2-1000.cisco.com

Remote req msg id: 0
Remote id:
Local req msg id:
Local next msg id: 2
Remote next msg id: 0

Remote req queued:
Remote window:
NAT-T is not detected

of SA : Yes
Local req queued:
Local window:
DPD configured for 0 seconds, retry 0

Cisco Trust Security SGT is disabled
Initiator
2ru-2#
Workaround: flexVPN client is able to use the clear crypto ikev2 sa psh <index> command to
delete stuck ikev2 sa.
CSCub29339
Symptom: FP10 crashes with v6GRE configured and IPv4 multicast traffic.
Conditions: FP10 crashes with v6GRE configured and when IPv4 multicast traffic is passed.
CSCuc84675
26
OL-26698-16
Symptom: ASR1k crash.

Conditions: Billing enabled.
CSCuc97950
Symptom: Performance drop with MPLSoGRE.
Conditions: Performance drop with MPLSoGRE.
CSCud24378
Symptom: Traffic rate verification fails.
Conditions: After QoS configuration changes.
CSCud50029
Symptom: TX drops seen on LSMPI driver show platform software infrastructure lsmpi driver. The
reason for the TX drops (sticky) is: Bad packet len: 0 Bad buf len: 0 Bad ifindex: 0 No device: 0 No
skbuff: 0 Device xmit fail : 663 <<<<< ......
CSCud71871
Symptom: High CPU on ASR hub on scale setup.
Conditions: Scale set up with 4 K DMVPN session.
CSCud75278
Symptom: ATM event trace is holding too many memory (about 16 MB) even if ATM feature is not
enabled.
Conditions: Router is active.
Workaround: Change the event trace size manually to a small value:
infra-asr1001-4(config)#monitor event-trace platform atm size ?
<1-1000000> Number
of entries in trace.
CSCud78578
Symptom: RP crashes after FP switchover.
Conditions: FP(FP80) reload with qos configs and traffic flowing in the background.
CSCud88483
Symptom: In GETVPN and IPSEC redundant configuration combination, if secondary group
member is reloaded in the topology, it causes TEK registration of the group member is lost once the
router comes back up and HSRP does state transition to standby.
Conditions: GETVPN with IPSec Redundancy configuration.
Workaround: Wait for next rekey or issue clear crypto gdoi.
CSCue12146
OL-26698-16
27
Symptom: APN active PDP counter may show incorrect values in cases where PDP(s) fails to be
properly activated. If APN default gateway is configured with an address outside the GGSN session
IP Address pool subnet, a GTP session cannot be initiated. APN active PDP counter will be
incremented even though no sessions are established as seen in the following:
Router#sh gtp apn 1
: 89.0.0.1
apn_index
Lease: 1800 Tunnel MTU

APN : 10
MAC Address
: 1
apn_name = 3gp.cisco.com GGSN Addr
Primary DNS : 0.0.0.0
DHCP Addr
: 1460 IPv6 prefix len
<<<<<<<<<<<<< INVALID COUNTER Default GW

PDP Count 12.0.0.1
: 12.0.0.1
DHCP
: 64 Number of active PDPs in this

Prefix Length Name
16
aaaa.bbbb.cccc
0 Router#sh gtp pdp all Router#sh sss session %No active Subscriber Sessions Router#
Conditions: There are no known conditions.

CSCue14586
Symptom: After reload, system may not be able to bring up all ipsec tunnels at high scale (1k) group
members.
Conditions: ASR1K with GETVPN, 1k group members.
Workaround: Issue clear crypto gdoi to force re-registration and rebuild of tunnels.
CSCue34749
Symptom: SIP Crashes on RP switchover.
Conditions: Issue is seen in scale setup.
Workaround: Reload SIP.
CSCue35100
Symptom: Performance drop is seen in IPv6 multicast related feature.
Conditions: In RP2/ESP40.
CSCue48456
Symptom: Call is disconnected through CUBE.
Conditions: Occurs on a video call where a mid-call re-INVITE occurs to modify the media stream.
CSCue50255
Symptom: ucode crashes at REM_REM_MISC_ERR_LEAF_INT_INT_REM_POP_REQ_TO_EMPTY_SCHE
Conditions: On flapping multilink interfaces
CSCue50484
Symptom: Crypto Tunnel Socket remains open after shutting the tunnel interface.
Conditions: Dual-DmVPN with ike-profile on the tunnel interface.
CSCue53562
Symptom: Crypto Tunnel Socket remains open after shutting the tunnel interface.
Conditions: Dual-DmVPN with ike-profile on the tunnel interface.
28
OL-26698-16
CSCue65190
Symptom: FP crash.
Conditions: Sending traffic at high rate and performing bpa configuration change.
Workaround: Send traffic at low rate.
CSCue69527
Symptom: More than 95 SCCP controlled FXS ports cannot be configured on Cisco VG350. The
debug output for debug ccm-manager config-download errors is as follows:
VG350 using CUCM.
CSCue80506
component.
Conditions: DMVPN, NHRP, QOS.
CSCue88077
Conditions: This issue is seen for SIP-H323 calls at 50 CPS in CUBE(Ent) configuration.
CSCue91054
Symptom: ESP Crashes when sending IPv6 fragmented traffic through dmvpn hub(mgre tunnel).
Conditions: This happens when sending big IPv6 packets (need to do IPv6 fragmenation after
adding tunnel header) traffic through dmvpn hub(mgre tunnel). Large amout of IPv6 fragment traffic
(example: 5G on ESP20) which exceeds reassembly performance number (less than 2G).
Workaround: Change mtu to avoid IPv6 fragmentation.
CSCuf65537
Symptom: Crash with CAC with Contact center call flow.
Conditions: Crash is observed with CAC configurations and 40 cps call rate:
UNIX-EXT-SIGNAL: Segmentation fault(11), Process = RSCCAC CALL DENIAL SCAN
-Traceback= 1#0ac7b601f45270393178c559213c70ba
:400000 344C0D0 :400000 699DCD1
:400000 344C43B :400000 344C386 :400000 344C6B0 :400000 699D248.
CSCuf66382
Symptom: 90% CPU utilization by crypto IKMP process on primary KS server with scale setup.
Conditions: The topology is 2KS ( primary is Overlord and secondary is ASR 1004) with 10 groups
and 100 GMs register per group for a total of 1000 GMs.
CSCuf74266
OL-26698-16
29

CSCuf82128
CSCuf85233
Symptom: ESP core was found after sh debug execution was done immediately after reload.
Conditions: ESP process is down.
Workaround: Delay of approximately 60 seconds is required without any interruption.
CSCuf96663
Symptom: Memory leaks seen with Smap-Dmap scale scenario, 4K sessions.
CSCuf96673
Symptom: Memory leaks seen with Smap-Dmap scale scenario, 4K sessions.
CSCug04450
Symptom: PfR fails to control traffic classes with subnet mask greater than the length of the prefix.
Conditions: The issue is seen with default prefix length or when the prefix length is configured.
Workaround: Configure aggregation type as BGP instead of prefix length.
CSCug19588
Symptom: IKEv2 TPS performance degradation over time.
Conditions: This occurs in the lab under extreme test conditions with traffic running during session
bring-up.
Workaround: Reduce traffic and or reduce session bring-up rate.
CSCug21859
Symptom: ASR1k crashes on receiving broken packet with NBAR configured on the NAT interface.
Conditions: ASR1k DNS packet coming (broken at L4 header), NBAR configured (match protocol
dns), NAT with vasi interfaces.
CSCug27362
Symptom: Packet drop occurs.
Conditions: Packet drop occurs when IPSEC VTI IPv6 tunnels are configured on an ESP100/FP100 .
The following message appears: %IOSXE-3-PLATFORM: F1: cpp_cp: QFP:0.1 Thread:207
TS:00000001059562400712 %ATTN-3-SYNC_TIMEOUT: msecs since last timeout 1035639,
missing packets 6040
30
OL-26698-16
Workaround: Remove the IPSec configuration between the tunnels.
CSCug28249
Symptom: On enabling NAT inside on a ASR router with 10 Gigiabit Ethernet interfaces, the ESP
crashes. The packet in question is a DNS packet. The time between enabling NAT inside and from
when the ESP crashes may vary depending on traffic conditions.
Conditions: NAT must be enabled inside.
CSCug34404
Symptom: RP_Crash seen at be_interface_action_remove_old_sadb
Conditions: While unconfiguring the 4K svti sessions after the HA test.
CSCug39612
Symptom: BDI interface stops forwarding traffic as seen in the output of show interface bdi
<number>
Conditions: After creating 20 to 50 BDIs (approximately), BDI interface stops forwarding traffic.
Workaround: Reload the router. However, the issue will be seen once in every 24 to 48 hours.
CSCug42528
Symptom: ESP stops forwarding traffic with following error messages:
Mar 26 17:11:38.504 UTC: %IOSXE-2-PLATFORM: F0: cpp_cp: QFP:0.0 Thread:089
TS:00006032009661609351 %HAL_PKTMEM-2-OUT_OF_RESOURCES:
Mar 26 17:12:38.536 UTC:
%IOSXE-2-PLATFORM: F0: cpp_cp: QFP:0.0 Thread:019 TS:00006032069706815681

%HAL_PKTMEM-2-OUT_OF_RESOURCES:
Mar 26 17:13:38.907 UTC: %IOSXE-2-PLATFORM: F0:
cpp_cp: QFP:0.0 Thread:107 TS:00006032130075669937 %HAL_PKTMEM-2-OUT_OF_RESOURCES:

Mar 26 17:14:38.987 UTC: %IOSXE-2-PLATFORM: F0: cpp_cp: QFP:0.0 Thread:103
TS:00006032190158892360 %HAL_PKTMEM-2-OUT_OF_RESOURCES:
Mar 26 17:15:43.939 UTC:

%HAL_PKTMEM-2-OUT_OF_RESOURCES:
Service was recovered after the router reload,
however monitoring shows a stable trend in PKTMEM utilization:
stj-core-r01#sh
platform hardware qfp active bqs 0 packet-buffer utilization Packet buffer memory
utilization details:
KB
Utilization:
Out of Memory (OOM)
Total:
128.00 MB
68 %
:
125.44 MB, Status: False
Used :
87.65 MB
<--------- rising constantly

Out of Resource (OOR)
Free :
Vital (> 98%)

:
41322.50
Threshold Values:
:

CSCug45740
Symptom: Latency on high priority flows coming on onboard Gigabit Ethernet interfaces when the
system is oversubscribed.
Conditions: ISR4400 platform.
CSCug45840
Symptom: Cisco ASR1000 routers do not detect spurious memory accesses.
OL-26698-16
31
Conditions: This symptom occurs when a bug is present that causes a read from the lowest 16 KB
of memory.
CSCug48145
Symptom: ASR DTMF interworking failed after re-invite with block configured.
Conditions: DTMF with different preferences configured results in this issue.
CSCug50397
Symptom: PLATFORM_INFRA-5-IOS_INTR_OVER_LIMIT IOS thread disabled interrupt for 33
msec -Traceback= 1#37814e8bffa827ad4b7cd9006e6e91fa :400000 89DB43 :400000 3EFB074
:400000 3EFB84A :400000 27D65B3 :400000 27B9697 :400000 731F4F9 :400000 4E17047
:400000 2579B62 :400000 256B14B :400000 2568FDE
Workaround: Reload the router to accept any CLI command.
CSCug52953
Symptom: Reload of QFP occurs with 1 of the following backtraces.
Driver Interrupt: DPE5_CPE_CPE_DPE_INT_SET_0_LEAF_INT_INT_S4_WPT_ERROR
BackTrace #0 hal_abort () at
/scratch/mcpre/BLD-BLD_V153_3_S_XE310_THROTTLE_LATEST_20130428_224613/cpp/dp/ha
rdware/cpp/hal/hal_logger.c:81 #1
0x8032998a in tw_fire_timer_events () at
/scratch/mcpre/BLD-BLD_V153_3_S_XE310_THROTTLE_LATEST_20130428_224613/cpp/dp/in
fra/logger.h:207 #2
0x8032a4bc in time_process_timer_hb () at
/scratch/mcpre/BLD-BLD_V153_3_S_XE310_THROTTLE_LATEST_20130428_224613/cpp/dp/in
fra/time.c:837 ...
Conditions: These type of cores can appear under various conditions. The particular CDETs only
address when this condition occurs after unconfiguring NAT PAP mode. This includes changing PAP
or BPA configuration.
Workaround: After unconfiguring PAP, it is recommended to reload the box which is more desirable
than an uncontrolled reset.
CSCug53833
Symptom: Minor memory leakage at QuantumFlow Processor (QFP), caused by MMA.
Conditions: When configuring and un-configuring performance monitor (MMA).
CSCug56212
Symptom: GTPv1 traffic CPP crashed caused by writing protected memory
Conditions: Landslide LinuxTC ASR5K GGSN LinuxTC introduced packet delay, drop,
reproduced, corrupt, reorder between GTP AIC and GGSN. During the GTPv1 traffic, CPP crash is
expected, which is caused by protect memory writing.
CSCug56942
For MOSCqe alert clear trap, CUBE should not sent CurrentLevel Varbind, but should send
32
OL-26698-16
Conditions: When CUBE SP generates voice quality alerts.

Workaround: The code fix is included in 15.2(4)S4. Manually clean the alarm at CUOM after root
cause is rectified, if earlier CUBE version is used.
CSCug65706
Symptom: Configuring MMA on an Overlay Transport Virtualization (OTV) interface may cause a
CPP Ucode crash.
Workaround: Do not configure MMA on an OTV interface.
CSCug70875
Symptom: Active FP/ESP crashes causing switchover to standby.
Conditions: AVC/CFT configurations being tested on the box.
CSCug73700
Symptom: Failed to do ISSU in CC/SPA upgrade. MDR compatibility verification fails stating target
version is the same as the running version, as shown below:
Starting mdr compatibility verification Non-upgrade MDR ISSU operation from [X] to
[X] is not supported for CC in slot [n] As SIPn does not support MDR none of the SPA's
within in may be upgraded using MDR FAILED: MDR compatibility failed
Conditions: ISSU with Subpackage MDR only. Not applicable to superpackage MDR.
Workaround: Specify elc images at the same time as sipbase and sipspa packages.
CSCug76838
Symptom: RP crashed multiple times due to SBC main process.
Conditions: UNIX-EXT-SIGNAL: Segmentation fault(11), Process = SBC main process.
Observed in 15.2(1)S version.
CSCug77212
CCSIP_SPI_CONTROL when sip headers are manipulated using a sip profile for 200 response
Conditions: Crash seems to be happening due to SIP profiles configs being wrongly applied to
Notify response (this profile was meant for 200 OK Invite response).
Workaround: Do not configure sip profiles to manipulate the headers for 200 responses.
CSCug78153
Symptom: Traffic drops seen with FTP NAT PAP mode.
Conditions: with FTP NAT PAP configured on BOX.
CSCug79517
Symptom: Router crashed due to software exception.
CSCug82494
OL-26698-16
33
Symptom: BGP session with neighbor flaps.

Conditions: Occurs when BGP and WCCP configured at the same time.
Workaround: Configure deny tcp any any at the end of redirect ACL list.
CSCug84557
Symptom: CUBE SBC does not forward mid-call Re-INVITE in a glare condition.
Conditions: In a glare condition where both legs of a SIP call through the SBC and sends in
Re-INVITE within 100ms of each other. Instead of forwarding the first arriving Re-INVITE to the
other leg and then rejecting the other with a 491 Request Pending response, SBC does not forward
either of the Re-INVITE and gets into a deadlock condition leading to no audio and eventually call
tear down.
CSCug88265
Symptom: Memory leak in [pfr_config].
Conditions: Performance Routing (PFR) is configured on the router.
CSCug91165
Symptom: ESP may reload when switching classic to cgn mode.
Conditions: ESP may reload when switching classic to cgn mode with traffic.
CSCug91447
Symptom: Taildrop in UUT.
Conditions: Perform SPA OIR in UUT configured with one multilink bundle.
CSCug92878
Symptom: The ESP may crash when activating and deactivating NBAR in a fast long cycle.
The ESP log (cpp_cp_F0.log) contains the following error message:
add feature to instance - feature 'STILE' already exists in instance 'GLOBAL_CFT'
Conditions: The crash is seen on version v153_2_s_xe39_throttle, when an implicit/explicit fast

automatic cycle of NBAR is activated/deactivated.
The chance of an ESP crash occuring in a common case scenario is very rare as it depends on timing.
Therefore, different platforms may exhibit different scenarios.
CSCug96781
Symptom: QFP crash.
Conditions: TC is used.
34
OL-26698-16

Release 3.9.1S
Release 3.9.1S.
CSCtg13667
Symptom: Packet_Too_Big (type 2, code 0) and Destination Unreachable Administratively (type 1,
code 1) is not sent back if packets are hitting MTU checking or ACL deny on egress interface.
Conditions: Issue is observed on ASR1k running 15.0(01)S code.
CSCts83413
Symptom: While configuring Classic Netflow to export records to a user specified VRF, the user
configuration can get out of sync or be invalid such that the QFP Processor does not have the same
VRF information as is present in the IOS configuration. Thus, the configuration is out of sync and
Netflow export does not function.
This symptom may also be observed while configuring Flexible Netflow.
Conditions: Multiple cycles of VRF configuration as well as multiple cycles of Netflow export
destinations have taken place. The IOS configuration was to export to a particular VRF (for
example: VRF "BLUE"), while the QFP processor had a configuration to export to the default VRF.
Workaround: To restore Netflow export fucntionality, unconfigure the Netflow export destination
and reconfigure it.
CSCty59423
Symptom: Memory leak at IPIP channels.
Conditions: The conditions are unknown. The following is a sample error message that appears:
Alternate Pool: None
Free: 0
Cause: No Alternate pool
-Process= "VOIP_RTCP", ipl=
0, pid= 299 -Traceback= 0x25B1F0Cz 0x25AB6CBz 0x25B1029z 0x46C02Ez 0x46C89Bz

0x46BCC2z 0x471D12z 0x43EF59Ez 0x43DD559z 0x43DCF90z %SYS-2-MALLOCFAIL: Memory
allocation of 780 bytes failed from 0x46C02E, alignment 32
CSCub79487
Symptom: Traffic flow is not fine with Fragementation.
Conditions: None.
CSCuc11849
Symptom: Packets of smaller lengths (less than 100 Bytes) may be dropped occasionally when a
shaper is configured.
Conditions: This issue occurs when a shaper is configured on CSR1000V and traffic consisting of
smaller packet lengths (less than 100 Bytes) are sent below the configured shape rate.
CSCuc31339
Symptom: An error message similar to the following appears:
R0/0: linux_iosd-image: Socket event for
%ASR1000_INFRA-3-EOBC_SOCK:
EO0, fd 16, failed to send 1472 Bytes;
Resource temporarily unavailable.
OL-26698-16
35
Conditions: Large number of feature configurations exist.

CSCuc59979
Symptom: The ASR drops the original media stream before the mid call is acknowledged. After the
FAX negotiations fail, the ASR does not return/continue to the original media characteristics.
Conditions: Voice to Fax switchover and remote end point do not support fax, so it responds with
488. CUBE does not update call type to voice after 488.
CSCud19536
Symptom: A short AVC2.0 downtime is experienced after modifying the AVC2.0 configuration.
Conditions: The symptom is observed when removing the media filters on the class-map, thus
allowing more traffic to reach the monitor.
Workaround: Leave the configuration as is, or do not broaden the media filters.
CSCud29930
Symptom: A Cisco ASR1002-X with built-in SPA may record runts on its Gigabit Ethernet
interfaces when using a SFP-GE-T (copper). This issue is not seen with an SFP-GE-S (fiber).
Conditions: This issue occurs for any frame that requires Ethernet padding to be added to make it
64 Bytes.
CSCud34173
Symptom: Many statistics shown by the Entreprise Service Gateway crypto engine are zero and
these are not relevant to crypto engine in ISR4400. This is due to the reason that there is no separate
Hardware crypto engine on the ISR4400 platform for encrypt/decrypt operations. The Data plane
processor executes the encrypt/decrypt functions using software in addition to other feature software
execution. The Control plane has hardware support for general crypto operations (such as getting
Random number and ModExp operations).
Conditions: IPSEC is in use.
Workaround: There is no workaround to see the aggregate statistics for the encrypt/decrypt
operations performed by software in Data Plane processor.
The following counters in the output of show platform hardware crypto-device statistics display
these statistics. The remaining statistics in the output of this command (which are shown as 0) must
be ignored: PROCESSED(P)
:
27374510, PROCESSED(B)
:
0
ENCRYPTED(P)
DECRYPTED(P)
PURPOSE(P)
13686332, ENCRYPTED(B)
13688119, DECRYPTED(B)
:
:
0 , GEN. PURPOSE(B)
1204397216
930792092
GEN.
0
CSCud56611
Symptom: Traffic flow fails with VRF aware IPSec while using crypto maps.
Conditions: VRF configuration on the iskamp or ikev2 profile is changed.
Workaround: Remove and re-apply crypto map on the interface.
CSCud64870
Symptom: DMVPN hub ASR1004 may crash after fetching CRL from MS CRL server.
36
OL-26698-16
Conditions: The crash happens when there are five CDPs for the hub router to fetch the CRL. Given
that there are multiple CDPs, the hub router fetches CRL in a parallel way, which then lead to a crash
under a timing issue.
Workaround: Setting up only one CDP instead of multiple CDPs avoids the timing condition which
leads to the crash.
CSCud67112
Symptom: The IPv6 traffic with nbar protocol may not be classified correctly.
Conditions: When nbar protocol is configured with IPv6.
CSCud67653
(nonoperational) when CLI sensor reports no reading. No reading is seen from output of show
hw-module subslot all sensors.
Conditions: This bug is specific to 1RU (ASR1001) built-in spa 4X1GE.
Workaround: Possibly, filter entSensorStatus value within customer NMS application.
CSCud70629
Symptom: Incremental memory leaks are seen at IPSec background proc.
Conditions: This symptom is observed with clear nhrp cache.
CSCud81272
Symptom: When receiving a huge DNS response, the DNS ALG might stop translating, with the
response tranparent to the final client.
Conditions: When one single huge response consumes all init DNS pool entry (1024) and greater.
1. Config the NAT.
2. Send dns query response > 12k (vtcp).
3. Check messages.
CSCud90061
Symptom: When executing a route processor (RP) switchover, the console CLI may display an error
message beginning with CPPOSLIB-3-ERROR_NOTIFY. This symptom does not affect functionality and
does not require any action to be taken.
Conditions: Can occur when executing a route processor (RP) switchover and does not impact any
functionality.
CSCud99438
Symptom: With VRF-lite config and permit ip any any, incoming traffic is dropped.
Conditions: Different VRFs and permit ip any any.
OL-26698-16
37
CSCue04941
Symptom: When CSR1000v is being used as a VPN gateway and BFD session, the number of stable
BFD sessions is lower than expected.
Conditions: When CSR1000v is being used as a VPN gateway and BFD session, the number of
stable BFD sessions is lower than expected.
CSCue06116
Symptom: VG350 gateway crashes when the configuration file is downloaded from CUCM. This
occurs when the VG350 has 144 ports configured.
Conditions: The VG350 supports a maximum of 144 FXS ports. Configure MGCP control and
download configuration from CUCM, gateway crashes.
Workaround: Use no ccm-manager config to stop the config download from CUCM.
CSCue22731
Symptom: WCCP service cannot work.
Conditions: Two services are configured in same interface, and then one service is deleted while the
other is inactive.
Workaround: Do not remove service from interface when the other is inactive.
CSCue22764
Symptom: ip wccp check acl outbound does not work on Ultra/Overlord.
Conditions: Ultra/Overlord platform.
CSCue25575
Symptom: The crash is observed for SDP pass through or call forward or anti-trombone cases.
Conditions: The crash is observed for a basic call involving SDP pass through call forward
anti-trombone cases.
CSCue34694
Symptom: 2921 Router crashed after receiving 486 Busy.
Conditions: Observed when handling 486 Busy response.
CSCue35533
Symptom: Ping fails with security applied and IKE disabled.
Conditions: This symptom is observed when the Cisco IOS Release 15.3(1.15)T image is loaded.
CSCue36387
Symptom: When IPv6 crypto is applied, the inbound interface counters associated with the crypto
configuration are not updated correctly. There is no problem with the functionality but the counters
are incorrect.
Conditions: Problem seen with interface input counters when using IPv6 crypto.
38
OL-26698-16
CSCue37523
Symptom: When IOS is a IPSEC QM (Quick Mode) responder for ipsec, and if it receives QM1
packet from Call Manager with missing ID payload, the packet is processed, but QM2 packet is not
sent to the Call Manager. It works fine when IOS is the initiator of QM.
Conditions: IOS Responder to QM from call manager does not send ID payload in transport mode
in QM1.
Workaround:
1. Initiate traffic from IOS router so that IOS is a QM initiator.
2. Change config of racoon client on call manager to send ID payload in QM1 as initiator
(support_proxy on).
CSCue40138
Symptom: sip parse error in case of retransmission.
Conditions: tcp retransmission with segments.
CSCue41031
Symptom: Exta IPsec flow is shown in the show crypto session output.
Conditions: This symptom is observed with the Cisco ASR 1000 RP1 FlexVPN Client.
CSCue45952
Symptom: Retransmitting phase 2 QM_IDLE seen in debugs and Phase2 information is resent
after successful IPSec tunnel establishment, causing tunnel teardown.
Conditions: Seen only if the following conditions are met:
Certificate authentication is used
There is no traffic on the tunnel
This DDTS is exposed by the commit of DDTS CSCua36739.

Workaround: Generate traffic, for example via IP SLA. All the branches where the fix for
CSCua36739 is published, need this fix as well.
CSCue46222
Symptom: When CSR1000v is used as a VPN gateway and has zone based firewall with AVC
configured, the NDR value for 72 Byte packets is lower than expected.
Conditions: When CSR1000v is used as a VPN gateway and has zone based firewall with AVC
configured, the NDR value for 72 Byte packets is lower than expected.
CSCue46664
Symptom: Packet drop may be observed during IP security (IPSec) rekey, in high scaling
deployment.
Conditions: This symptom is observed on a Cisco ASR1000 series router when functions as IP
Security (IPSec) termination and aggregation.
OL-26698-16
39
CSCue47463
Symptom: Certain ASR1K platform-specific CLI commands are accepted on the console, but a not
supported message is displayed.
Conditions: This issue is seen with on ISR4400 routers.
CSCue47940
Symptom: ip mtu value 1390 configured in running-configuration and startup-configuration. But
after a reboot, its value was changed to 1438.
Conditions: After a reboot.
CSCue48143
Symptom: BQS feature is not supported on ISR routers, therefor BQS show commands do not
provide any output. Example: ISR4451#show platform hardware qfp active bqs 0 cif
ISR44515#show platform hardware qfp active bqs 0 fif ISR4451#show platform hardware qfp
active bqs 0 gif ISR4451#
Conditions: None.
Workaround: Ignore BQS commands, as BQS feature is not supported on ISR4451.
CSCue48243
Symptom: Undefined event is displayed instead of an event related to registration.
Conditions: Seen when show monitor event gdoi registration all CLI is executed.
CSCue51792
Symptom: ASR 1002-X is causing VPN_HW-1-PACKET_ERROR on its IPSEC peer.
Conditions: This was observed only for ASR1002-X for crypto map based tunnels, with tunnel
keepalive enabled on the peer, and esp-3des as encryption mechanism. Only the GRE returning
keepalive seems to be affected; the rest of the traffic is unaffected.
Workaround: Use one of the following:
Disable gre keepalives on the peer.
Use AES instead of DES as encryption mechanism.
Move towards tunnel-protection-based design instead of cryptomap, and use IPSEC/IKE
keepalives instead of GRE keepalives.
CSCue52065
Symptom: With WCCP configured, when you replace the configuration, you get get continuous
traceback on the console at fman_wccp_aom_batch_begin.
Conditions: Race condition when WCCP interface / WCCP ACL are configured in several
miliseconds.
CSCue53207
40
OL-26698-16
Conditions: Records can collect derived fields; calculating derived fields is dependent on the
values of other fields. The fields listed below are incorrectly defined as derived and dependent on
other fields. When a record contains one of these fields and does not include its dependent fields,
the record is punted to the route processor (RP) to complete the record processing. Punting these
records might lead to record loss.
connection delay application sum is dependent on:
connection delay response to-server sum

connection server response sum
connection delay application min is dependent on:
connection delay response to-server min

connection delay application max is dependent on:
connection delay response to-server max

connection delay response client-to-server sum is dependent on:

connection delay response client-to-server min is dependent on:

connection delay network to-server min.
connection delay response client-to-server max is dependent on:

connection delay network to-server max
CSCue59759
Symptom: When an AVC policy is assigned to a DMVPN tunnel interface, the packet count in AVC
records may be incorrect.
Conditions: Can occur when an AVC policy is assigned to a DMVPN tunnel interface.
OL-26698-16
41
CSCue61481
Symptom: After hard OIR, show inventory does not show inventory information.
Conditions: Hard OIR
CSCue63756
Symptom: FPMAN-RP memory increases when the uut flaps the interface facing the CE side.
Conditions: 8K l2tpv3 scaling event monitor.
CSCue68258
Symptom: In IOS-XE releases 15.3(1)S2 and 15.3(2)S, upon performing an RP switchover, the
following message might be displayed on the console of the newly active RP:
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F1: fman_fp_image:
Modify not supported for FLOW-DEF:<> download to CPP failed
Furthermore, this might cause some of the features on the newly active RP to have stale objects,
which can be observed by issuing the following command:
show platform software object-manager FP active statistics
Conditions: The above message appears when Flexible NetFlow was configured on the previously
active RP.
Workaround: The only workaround available is to not do an RP switchover. However, if you do go
ahead with an RP switchover and end up in the inconsistent state noted above, you can perform one
of the following actions to bring the router back to a consistent state on the newly active RP.
Save the running configuration to NVRAM and reload the new RP.
Alternatively, if the system has dual FPs, then perform two FP switchovers successively:
1. Switch over from active FP to standby FP using redundancy force-switchover FP.

2. Switch back from standby to active using the same command.
CSCue69960
Symptom: Traceback and Queuing error for interface AppNav-Compress interface.
Conditions: Upon disabling the service context, saving config and reload.
Workaround: Upon enabling service-context, traceback is no longer seen.
CSCue71931
Symptom: Traceback is seen as soon the router reloads.
Conditions: This is an intermittent issue seen when the router reloads and at the same time WCM
sends a sync message to apply the configuration. We have 2 channels trying to apply config at the
same time.
Workaround: Reload the router again.
CSCue72258
Symptom: A Cisco ASR1000 series router cannot forward specific size of packets via L2TPv3
tunnel.
Conditions: The problem occurs only when the ping size is 1501-1503.
42
OL-26698-16
CSCue76134
Symptom: With NAT dynamic route-map configuration and HA, lower pool allocation is displayed
on the standby.
Conditions: With NAT dynamic route-map configuration and HA, you sometimes see a lower pool
allocation on the standby compared to the active. This could be caused by DNS traffic going through
the boxes.
Workaround: Perform the following:
1. clear ip nat trans
2. Turn off DNS ALG on the both active and standby boxes, if possible.
3. no ip nat service dns tcp no ip nat service dns udp
CSCue77265
Symptom: Increment memory leaks are seen at IPSec background proc.
Conditions: This symptom occurs when clear cry session is issued multiple times when bringing up
the tunnel.
CSCue82511
Symptom: The traffic-classes keeps switching between the Border Routers and PfR fails to
converge.
Conditions: The issue is seen when PfR Border Routers are deployed over different platforms.
Workaround: Use the same platform for all PfR Border Routers.
CSCue83147
Symptom: WCCP does not work properly with IPSEC/PBR/ZBF/NAT together or vice versa.
Conditions: Configured IPSEC/WCCP/PBR/ZBF/NAT in the same interface.
Further Problem Description: This defect is to track the rework of the WCCP feature so that it can
work together with IPSEC/PBR/ZBF/NAT.
CSCue85415
Symptom: For CSCue40506, KS uses 1 acl with 4 ace, and GM applies the same gdoi cm on 500
interfaces. This config creates four flows (which is expected), but around 2000 (and sometime 4000)
dummy aces.
Conditions: getvpn lisp scaling.
Workaround: Use the same platform for all PfR Border Routers.
CSCue85737
Symptom: ASR with PKI certificate may crash when issuing show crypto pki certificate.
Conditions: Issue show crypto pki certificate on ASR with pki certificate.
CSCue85737
Symptom: ASR with PKI certificate may crash when issuing <CmdBold>show crypto pki
certificate<noCmdBold> command.
OL-26698-16
43
Conditions: This symptom is observed when the <CmdBold>show crypto pki

certificate<noCmdBold> command is issued on ASR with PKI certificate.
CSCue87308
Symptom: All incoming lisp packets are dropped with cause IpLispHashLkupFailed in
overlord(ISR4400) platform.
shmcp-ovld-1#shdrop
------------------------------------------------------------------------ Global Drop Stats
Packets
Octets
------------------------------------------------------------------------ IpLispHashLkupFailed
2007
0
Conditions: Basic lisp traffic.
CSCue87883
Symptom: NAT might not release some of its ALG-related memory.
Conditions: NAT having a large memory footprint after several hours of traffic failed FTP64 ALG
traffic.
Workaround: Reload and turn off FTP64 ALG: no nat64 service ftp.
CSCue88591
Symptom: DSP error message printed on console, and crash takes place.
Conditions: DSP firmware (version:33.1.00) sends corrupted DSP error message to RP IOS, which
leads to crash:
%SPA_DSPRM-3-DSPALARM: Received alarm indication from dsp (1/0/9).
%SPA_DSPRM-3-DSPALARMINFO: 0008 0000 0080 0000 0000 0001 7F3B FEDF
%SPA_DSPRM-3-DSPALARMINFO: ;????
%DSP-3-DSP_ALARM: SIP1/0: DSP device 2 is not responding. Trying to recover DSP device
by reloading
Workaround: Downgrade to XE36, which runs firmware v. 31.1.0
CSCue89006
Symptom: SIP ALG creates PAT translation before portlist.
Conditions: This is a SIP ALG cooperation for consistency with NAT modification on defect.
CSCuc85157 for PAT. This resolves a problem since v. XE37.
Workaround: There is no workaround
CSCue89491
Symptom: GM tries to re-register after the rekey mechanism change.
Conditions: When the user changes rekey transport type and waits for the schedule to take place.
Workaround: After changing rekey transport type, issue crypto gdoi ks rekey to send the rekey
instead of waiting for schedule rekey.
44
OL-26698-16
CSCue89658
Symptom: A kernel core file is generated. Process core files that were being generated are
incomplete.
Conditions: When a process encounters a defect, it causes the generation of a core file. The system
is supposed to wait to finish generating a core file. But, if a second critical process encounters a
defect concurrent to the first process, then the system starts the shutdown procedure before the first
process is finished with generating a core file. As part of the shutdown procedure, the manager of
the hardware watchdog is shutdown. This causes a kernel panic in about 120 seconds. If the first
process does not finish generating the core file, then a kernel panic occurs. This leads to generating
a kernel core file, and terminates generation of the core file of the first process before it can
complete.
CSCue90034
Symptom: Router cannot boot up.
Conditions: Seen on certain configurations.
CSCue92716
Symptom: Variable length exceeding 256 characters may cause issues.
Conditions: Traffic with HTTP extracted fields with length exceeding 1 Byte.
Workaround: Use traffic with HTTP fields with length less than 1 Byte.
CSCue93355
Symptom: GM failed to register with KS.
Conditions: SGT tagging enabled.
CSCue94610
Symptom: DSP crash with the following console error:
%SPA_DSPRM-3-DSPALARMINFO: Checksum Failure:80000000,0000000e,d0156a80,d0156000 *Mar
14 17:56:05.851: %SPA_DSPRM-3-DSPALARM: Received alarm indication from dsp (1/3/6).
%SPA_DSPRM-3-DSPALARMINFO: 0042 0000 0080 0000 0000 0000 4368 6563 6B73 756D 2046 6169
6C75 7265 3A38 3030 3030 3030 302C 3030 3030 3030 3065 2C64 3031 3536 6138 302C 6430
3135 3630 3030 0000 0000 0000 0000 0000
Conditions: Error occurs during an RP switchover process. The standby RP presents DSPs failing to
come up.
Workaround: The following command may clear up the DSPs:
Router# hw-module subslot x/y reload
CSCue96079
Symptom: There is out of memory traceback on ASR1K router.
Conditions: Too many sessions are created which is over scale limitation.
Workaround: Clear a few sessions.
CSCue97118
Symptom: Cube crashes when codenomicon test is run. This is basically a stress test that checks the
boundary condition for a large From header sent in invite.
OL-26698-16
45
Conditions: Very large From header in incoming SIP invite.

Workaround: Fix provided in stack, to handle these error scenarios properly.
CSCue97338
Symptom: Update PDP context request is dropped.
Conditions: TEID is 0, IMSI is existing.
CSCue97986
Symptom: Hung call at SIP, CCAPI, VOIP RTP components (but cleared in the Dataplane of ASR1k
platform).
Conditions: Video call set up as audio call. Call then gets transferred with REFER but caller hangs
up the call before the call gets transferred. This is an intermittent problem.
CSCuf00166
Symptom: With GM Local ACL (deny), traffic must be sent clearly but is dropped instead.
Conditions: GM Local ACL (deny) is configured on GM and running image with CSCuc87266
fixed.
CSCuf01088
Symptom: Memory leaks are observed in ASR with CVP call flows.
Conditions: Under load condition, memory leaks are seen in XE3.8.
CSCuf02990
Symptom: Users might experience high CPU utilization during AVC bringup. Bring-up process does
not converge correctly and leads to high CPU utilization with traffic.
Conditions: AVC bringup after CPU regulation mechanism turns off service.
CSCuf04726
Symptom: With IPsec (crypto-map mode) configured, after VFR disable followed by ASR reboot,
the no ip virtual-reassembly-out CLI is lost and VFR is re-enabled.
Conditions:
1. Apply crypto map on the interface.
2. Manually disable VFR with the no ip virual-reassembly-out command.
3. Save config.
4. Reload.
Workaround: After reload, again disable VFR with no ip virual-reassembly-out.
CSCuf04906
Symptom: ASR crashes when running VZ Inst image with VZ call flows.
Conditions: Crashes under load conditions.
Workaround: Fix given. While confId is valid, do a hash entry search.
46
OL-26698-16
CSCuf08585
Symptom: NAT64 does not work in simulator.
Conditions: This issue is not seen on hardware.
Workaround: A reboot is likely to clear the issue.
CSCuf09056
Symptom: The traffic may not be shaped correctly resulting in more traffic to leak through or the
router crashes when model 3/4 subscriber policy is applied.
Conditions: The model 3 and 4 hierarchy is built incorrectly on ESP-100/200 and ASR1002X when
the subscriber policy is added after the main interface is already active.
CSCuf15260
Symptom: ASR box crashes while sending Notify with KPML Digit.
Conditions: ASR DTMF type is changing to SIP-KPML mid-call.
CSCuf20409
Symptom: Netsync customer seeing clock in ql-failed state on one ASR-2ru.
Conditions: The issue occurred when distributing stratum 1 clock source through its network.
Workaround: If both SPAs are in the same slot, do not send the secondary config.
CSCuf21611
Symptom: TDM Voice call is terminated due to voice-port shutdown when T1/E1 module on other
NIM slot is reloaded (OIR).
Conditions: OIR of T1/E1 module in any NIM slot shuts down the voice ports (if any) on all other
T1/E1 NIM slots.
CSCuf24592
Symptom: 1. Certain counter values will appear to wrap around for condition 1 under the section
"Aggregate traffic distribution statistics". 2. Certain counter values will appear to decrement instead
of incrementing for condition 2 under the section "Aggregate traffic distribution statistics". The
following fields are affected: Packet and byte counts ---------------------- Redirected
Bytes Redirected Packets Received Bytes Received Packets Occurrences ----------Initial Redirects Initial Redirects Accepted Initial Redirect -> Passthrough Redirect
-> Passthrough
Conditions: 1. When counter values exceed 4294967296. 2. When one of the following clear
commands are run and the value exceeds 4294967292: clear service-insertion statistics, clear
service-insertion statistics service-node, clear service-insertion statistics service-node-group.
The symptom is observed when viewing the output from either of the two show commands show
service-insertion statistics service-node or show service-insertion statistics service-node-group.
Workaround: Avoid issuing the clear service-insertion statistics service-node-group and clear
service-insertion statistics service-node commands. We can monitor the stats for the counter
values up to 2^32 and wraparound thereafter. This limit the counter values to 2^32 instead of 2^64.
CSCuf25027
Symptom: Substantial drop in performance. High latency and packets drop.
OL-26698-16
47
Conditions: Router is configured with full AVC config (NBAR,ART,QoS) and Ipsec. This issue is
seen with high traffic (more than 500 Mbps). Packet drops can be verified by issuing this command:
show platform hardware qfp active statistics drop clear
The following is an example of the outpout of this command:
Global Drop Stats
Packets
Octets
------------------------------------------------------------------------IpsecOutput
797
276
3250
3242721 Ipv4NoAdj
1056357 PuntErr
Workaround: Disable AVC from the interface.
Workaround: Disable AVC from the interface.
CSCuf25232
Symptom: Crashes are seen in CUCM code, which is also applicable for IOS stack.
Conditions: Not known. See also CSCtz08251 and CSCua92010.
CSCuf25318
Symptom: ESP crashes when executing show platform hardware qfp active feature fnf client
application name MMA
Conditions: The performance monitor has five or more traffic monitors, or if there are more than
eight monitors that bind to the application. Example: performance monitor context my-visibility
profile application-experience traffic-monitor application-response-time traffic-monitor
conversation-traffic-stats traffic-monitor url traffic-monitor media traffic-monitor
application-traffic-stats interface GigabitEthernet0/0/3 performance monitor context my-visibility.
Workaround: Execute object and instance separately instead of the default like: show platform
hardware qfp active feature fnf client application name MMA object show platform hardware qfp
active feature fnf client application name MMA inst. The default is to show both object and
instances and this is crashing if there are more than eight instances. Therefore, do not use the
following in that case: show platform hardware qfp active feature fnf client application name MMA
CSCuf29121
Symptom: System crash.
Conditions: On ASR1002 system with IPSec is configured on both ingress and egress GRE tunnel
interface and configure NAT64 feature with FTP stateful traffic, the system crashes.
Workaround: Configure no nat64 service ftp to disable FTP64 ALG. The system does not crash
with FTP stateful traffic.
CSCuf29962
Symptom: Aggressive alert is seen when no alert is set.
Conditions: ZBFW is on and alert is seen after disabling the parameter-map type inspect global and
clearing drops.
CSCuf34496
Symptom: Router crashing when T1/E1 module is reloaded (OIR) with active TDM calls on another
T1/E1 module on same router.
Conditions: OIR of a module with or without any configurations, along with another module with
active TDM calls is leading to a crash.
48
OL-26698-16
CSCuf39338
Symptom: Running sh sbc FOO sbe mib mgmmediaaddresstable on standby causes CLI to hang.
Conditions: When enabled SBC-B2B redundancy.
Workaround: Do not run this command on standby.
CSCuf43548
Symptom: When POS Rx fiber at the tail end of the MPLS TE FRR is pulled, the FRR takes longer
than 200 ms to cut over to the other Tunnel.
Conditions: This happens with POS MPLS TE FRR, when head end receives remote defect due to
rx fiber pull at the tail end. Remote defects wont trigger FRR quickly.
CSCuf46942
Symptom: When the router receiving the SYN is reloaded, traffic is not optimized after the router
has come up. This occurs with ACG scenario and asymmetric scenario.
Conditions: Immediately after router reload.
CSCuf47717
Symptom: A major alarm is listed indicating that the node is not reachable even though the cluster
is up and operational.
Conditions: This happens on switchover from Active to Standby.
Workaround: The alarm can be cleared with disable and enable of service context.
CSCuf49959
Symptom: Router crashes when tunnel interface is flapped.
Conditions: When sessions are there, do shut/no shut multiple times.
CSCuf51801
Symptom: The CLI command show crypto session xxx results in memory leaks.
Conditions: Execution of show crypto CLI command appears to cause 168 Byte memory leak for
each of the following commands: - show crypto session brief - show crypto session local <IP>
brief - show crypto session local <Mac> brief - show crypto session remote <Mac> brief - show
crypto session remote <Mac> brief - show crypto session username <any> brief - show crypto
tech-support peer <IP> - show crypto tech-support.
CSCuf51881
Symptom: Memory is holding up on CUBE if the KPML Subscription expiration timer is too big
and no unsubscribe is received.
Conditions: This is seen for KPML subscription duration too high under load, with no unsubscribe
received.
CSCuf56693
Symptom: Traceback might appear when configuring NBAR custom protocol on Border Router.
OL-26698-16
49
Conditions: This symptom is observed when PfR is "updating" or "deleting" Traffic-Classes during
NBAR custom protocol configuration.
Workaround: Before configuring NBAR custom protocol, shut the PfR-Master.
CSCuf57226
Symptom: Scheduler is not handling gratuitous arp packets properly before dataplane comes up.
Conditions: Scheduler is not handling gratuitous arp packets properly before dataplane comes up.
CSCuf60585
Symptom: cpp_cp_svr crash at cpp_qm_event_insert_aggr_node.
Conditions: While bringinup 4K PPPoA sessions with QOS policy attached in ATM subinterfaces.
CSCuf65404
Symptom: call fails if the transcoder is needed for DTMF interworking and vcc offer-all is
configured.
Conditions: CUBE reserves the transcoder for codec mismatch and releases the transcoder, since the
codecs are identical. But dtmf still requires the transcoder for interworking.
CSCuf68548
Symptom: ccpp_cp_svr and fman_fp cores during mdr.
Conditions: While doing spa/SIP OIR during mdr.
CSCuf78259
Symptom: cWAAS optimized traffic cannot pass ZBF zone-pair.
Conditions: WCCP outbound is used, and WAAS optimization enabled.
Workaround: Configure WCCP inbound rather than outbound, or disable ZBF.
CSCuf81742
Symptom: An ESP crash occurs.
Conditions: In the rare case, where the software managed memory pools have been increased and a
coalescing of buffer pools is required to create large buffers out of smaller buffers. Only a few
features (MLPPP, FRF12, ESS, SSL, and IP reassem) make use of this memory.
CSCuf82550
Symptom: The fragment issue is seen in lisp getvpn, and flapping ipsec sessions. After 2 to 3 hours,
the console reports a series memory fragment error and traceback. After several hours, cef will be
disabled. IOS Router displays malloc failure error message.
Conditions: lisp getvpn flapping IPSec session.
CSCuf85449
Symptom: Crash at be_ewag_gtp_path_pdp_remove_one during session churns.
50
OL-26698-16
Conditions: 48K EoGRE sessions of mix GTP (18K) PMIP (18K) and SIP (12K). During session
churning, GTP crash is observed.
CSCuf90643
Symptom: WRED state not completely reset between packets causing drop policy to work
incorrectly.
Conditions: If a class has WRED fair queue and another class with fair queue, then average depth
calculation is done on wrong queue causing functionality issue.
Workaround: Do not use class with fair queue when there is another class with WRED and fair
queue.
CSCuf93376
Symptom: CUBE reloads while testing SDP pass-through with v6.
Conditions: CUBE reloads while testing SDP pass-through with v6.
Workaround: Do not use SDP pass-through and use normal SIP processing call flows.
CSCuf98264
Symptom: An incorrect error is printed when trying to update the maximum back-off time.
Conditions: The symptom occurs only when CPU regulation is enabled (it is disabled by default)
and the user wants to update the maximum back-off time.
Workaround: Use the default back-off time.
CSCug01256
Symptom: QMovestuck is observed when you attempt to change the policy map with traffic ON.
Conditions: This is seen when changes are made in policy-map with traffic ON.
Workaround: Reload the router to bring it back to normal state.
CSCug04287
Symptom: Tunnels may fail to come up without warning.
Conditions: When there is a limit on tunnels or on unlicensed routers.
CSCug04660
Symptom: Spurious CPLD-EHSA interrupts are seen. These interrupts are seen in cmand_R*
tracelog file. Sometimes, these can also cause high CPU depending on the activity on the USB
device.
Conditions: When an external USB device is attached to an Intel-x86 based RP. This includes RP2,
1RU, 2KP platforms. RP1, 2RU, 2RU-F are PPC based platforms, so these do not have this issue.
On Intel x86 platforms, CPLD interrupt lines are shared with external USB devices. Spurious
CPLD-EHSA interrupts are in fact USB interrupts.
Workaround: Remove external USB device from the router when not in use.
CSCug04947
Symptom: Ucode may crash with high FTP ALG traffic NAT PAT configraution.
Conditions: Ucode may crash with high FTP ALG traffic NAT PAT configuration.
Workaround: Turn off all ALGs with no ip nat service. Use static or dynamic NAT configuration.
OL-26698-16
51
CSCug09187
Symptom: A router crash can be observed with console logging a message:
"UNIX-EXT-SIGNAL: Segmentation fault(11),
Process = EWAG GTP PDP 1" when trying to
bring up GTP sessions.
Conditions: A misconfigured subscriber profile without "cisco-msisdn" configured in AAA for a

GTP subscriber will cause the crash.
Workaround: cisco-msisdn is mandatory IE for iWAG GTP. It must be present in AAA profile.
CSCug11093
Symptom: The following message is logged: SCOOBY-3-SERIAL_BRIDGE_CRITICAL_ERROR:
F1: cman_fp: Reloading F1:0 due critical event 0x80000 in block epi/0 of serial bridge 0.
Conditions: When FP100 is deployed.
CSCug11220
Symptom: GETVPN ipv6 packets get dropped.
Conditions: None.
CSCug12997
Symptom: Router crash with the following message:
CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0 desc:ETC_ETC_LOGIC1_LEAF_INT_INT_LP_LONG_PKT_ERR
det:DRVR(interrupt) class:OTHER sev:FATAL id:2694 cppstate:STOPPED res:UNKNOWN
flags:0x7 cdmflags:0x0.
Conditions: During normal operation.

CSCug14039
Symptom: Router crashes when all three subslots are 8-port E1 and all are configured with PRI
voice.
Conditions: When router boots up, the voice port creation will cause the router to crash.
CSCug14060
Symptom: Booting a Cisco ISR 4450 router with three NIMs (fully populated) with a 3.9.0 IOS XE
release image for the first time may see a reset of the router. The problem is not seen on subsequent
boot up. The reset may be seen with the following syslog message.
%PMAN-0-PROCFAILCRIT:pvp.sh:
A critical process cmcc has failed (rc 134)
%PMAN-5-EXITACTION:pvp.sh: Process manager is exiting: critical process fault, cmcc,

cc_0_0, rc=134 %PMAN-5-EXITACTION: Process manager is exiting: reload fru action
requested
Conditions: Cisco ISR 4450 router needs to have 3 NIMs plugged in to the system, and system is
booting IOS XE 3.9.0 release for the first time.
Workaround: Reset the system one more time. This issue is not seen again after a reset.
CSCug18233
address to the client. The prefix always gets pushed as 128.
52
OL-26698-16
Conditions: ikev2 local authorisation.

Workaround: Use radius server to push the prefix to the client.
CSCug20100
Symptom: Traffic drop as PaWalkErr.
Conditions: NAT FTP IPSEC on ovld.
CSCug20669
Symptom: ASR1000 router crashes due to PPTP related traffic.
Conditions: Router is running on 3.9.0S. NAT PAT is configured in CGN mode on the router.
Workaround: Disable PPTP ALG in CGN mode. No ip nat service pptp.
CSCug28631
Symptom: Silent suppression of the line that is causing the difference in behavior.
Conditions: Silent suppression of the line that is causing the difference in behavior.
Workaround: Remove the silent suppression line using the lua script LVASR01#more
bootflash:edit_silence_supp.lua function delete_lines(msg) for line in
msg.sdp:select_by_prefix("a=silenceSupp:off"):iter() do line:delete() end end
MeEditor.register(MeEditor.BEFORE_RECEIVE,"SilenceSupp",delete_lines).
CSCug28904
Symptom: Router deops ESP packets with CRYPTO-4-RECVD_PKT_MAC_ERR.
Conditions: Peer router sends nonce with length 256 Bytes.
CSCug30823
Symptom: No media forwarded or media dropped for "Reprocess limit exceeded".
Conditions: This issue occurs when all the following conditions are met:
the call is setup as nat call
media is received before off/answer completed
the call is modified to hairpin with other calls both on two sides
CSCug31076
Symptom: ASR1000 ESP may get reloaded unexpected when PfR NAT OER integration feature is
enabled.
Conditions: When one of the NAT outside interface shuts down administratively with active NAT
translations.
Workaround: Disable PfR NAT OER integration feature.
CSCug33656
Symptom: When turning off a wccp service or detachin a service from an interface, the memory
allocated for wccp is not freed. This can be seen using: show platform software memory
qfp-control-process qfp active | section WCCP.
Conditions: None.
OL-26698-16
53
CSCug34822
Symptom: ESP might crash.
Conditions: While running clear ip nat translations * after the forced removal of a NAT mapping.
Workaround: Before removing any NAT mappings, run clear ip nat trans *. And do not use the
forced option when removing a NAT mapping. The following is an example:
ip nat inside source list 1 pool pool1 overload
CSCug36251
Symptom: GETVPN KS downloaded TEK / IPsec policy handling on the GM which is now
"Centralized" across both ASR and ISR to support Suite-B policy (i.e. a "permit A B" will install its
SA's as as A => B for both INBOUND and OUTBOUND). Previously, the ISR platform installed
GETVPN TEK / IPsec policy as "Site-to-Site" where a "permit A B" will install its SA's as A => B
for OUTBOUND and B => A for INBOUND.
Conditions: None.
CSCug40546
Symptom: QFP reloads and gets stuck in reset loop until pap or cgn configuration.
Conditions: This occurs when the router is reloading when the following configurations exist: ip nat
setting mode cgn and ip nat setting pap.
Workaround: Either remove PAP or CGN configuration. A fix is expected in release 3.9.1 and later.
CSCug41599
Symptom: VTCP needs to adjust in case 10k h323 resemble packets size are received. Clear DF bit
to decrease the impact on MPLS Path Selection and Limit Packet length for assembled h.323 packet
to 8K.
Conditions: The following apply:
Send 10K tcp segments from server
pmod manipulate the 1st tcp segment into h323 realization format (03 00 length after tcp
header)
the response src port 80 and dst 1720
Workaround: Disable h323 alg.
CSCug43136
Symptom: After applying the QoS configuration with policy-maps, the configuration is seen in show
running config properly. However, on checking the QFP, the following is displayed:
sh platform hardware qfp active feature qos all output all"
no interfaces are
configured as QoS target(s)
When checking the matching of the packets on the interface, it is displayed as "0".
Conditions: IOS XE Version: 03.07.01.S.
CSCug44667
Symptom: CM tone detector being turned ON irrespective of the fax and modem features being
disabled.
Conditions: CM tone detector being turned ON and being reported to the host by the DSP.
54
OL-26698-16
CSCug44944
Symptom: vg350-universalk9-mz.SSA image fails to build.
Conditions: Building image fails.
CSCug45964
Symptom: PAP reference count (viewed via 'sh pl h q a f nat data pap') is too high. The PAP reference
count should match the number of sessions referencing that local address. This will cause NAT
memory footprint to be higher than expected because the PAP entries are not properly freed in this
case.
Conditions: This issue can only happen when PAP is configured ('ip nat setting pap') and certain
types of ALG traffic is run.
Workaround: Issuing a clear ip nat trans periodically will remove the stranded PAP entries and
prevent the NAT memory footprint from buidling up.
CSCug49130
Symptom: KP crashes with FTP traffic.
Conditions: When NAT is configured in CGN mode with PAP.
CSCug49843
Symptom: IPSec SA reset when sequence number rolls back to 0 with anti-reply disable.
Conditions: OUT_OCT_DETECT_SEQ_OVEFLOW counter increase.
CSCug51847
Symptom: RP crash is observed when the following command is issued:
<CmdBold>show gtp pdp imsi <CmdArg> IMSI <noCmdArg><noCmdBold>
Conditions: This crash happens only when the above command is issued to show the detail of a gtp
pdp, which is in dns look up pending state.
CSCug57503
Symptom: ESP crash.
Conditions: Executing show platform hardware qfp active feature packet-trace configuration.
Workaround: Do not execute unsupported command.
CSCug61097
Symptom: In some traffic conditions, running AVC configuration on the ASR1002-X platform may
lead to a crash.
Conditions: Under heavy load and with specific traffic pattern, usually found at ISP network,
running AVC configuration on ASR1002-X may lead to a crash.
CSCug63419
Symptom: Call coming from CUCM on a SIP Trunk to ISR4400 platform and goes out on a PRI
Trunk on the same ISR4400 platform.
OL-26698-16
55
Conditions: Call is coming on a SIP dialpeer and goes out on a POTS dialpeer and router crashes.
CSCug65541
Symptom: Traceback observed at service_controller_delete_sc_node on performing RP
switchover.
Conditions: On performing RP switchover and when the ASR is registered with the CM.
CSCug76754
Symptom: ISR4451 Crashed under traffic.
Conditions: ISR4451, crashed when used as CUBE under extended traffic.
Software Version: Cisco IOS Software, IOS-XE Software
(X86_64_LINUX_IOSD-UNIVERSALK9-M), Experimental Version 15.3(20130501:122311)
[v153_2_s_xe39_throttle-BLD-BLD_V153_2_S_XE39_THROTTLE_LATEST_20130501_111211-ios
170] CallFlow:
Phone-A-------------CUCM10.0------------------CUSP-------------------(ISR4451-CUBE)
--------------------------CUSP---------------ISR-3900-CUBE-----------------CUSM10.0
----------------PhoneB Type of traffic: SIP-SIP (Basic and Supplementary Services)
Traffic Rate: 200 Concurrent calls. TRACEBACK 1#1b67e6e760d4ea492a73b51cd18661d7
:400000 74BD589 :400000 78F5760 :400000 790432B :400000 78EBDC9 :400000 78E6B06
:400000 7915DE2

Release 3.9.0S

3.9.0S
CSCtw74124
Symptom: For a slot housing ASR1000-SIP40, or on ASR1002-X, the output of the show platform
hardware slot <slot#> plim buffer settings detail command will show the value of Max always as
0 against Fill Status Curr/Max, even when the RX buffers have been utilized.
Conditions: When the SPA aggregation ASIC has been flow controlled by the Network Processing
Unit, the buffers inside the SPA aggregation ASIC will start filling up.
CSCuc59324
Symptom: Errors while executing the request platform software package clean command.
56
OL-26698-16
Conditions: After executing subpackage ISSU upgrade procedure, the request platform software
package clean command is giving errors.
CSCud19536
Symptom: In AVC for IOS XE 3.8, a short downtime is experienced after modifying the AVC
configuration.
Workaround: Leave the configuration as is, or do not broaden the media filters.
CSCud30442
Symptoms: On a Cisco ASR1002 router, the show platform hardware crypto-device context
packet count does not display correctly.
Conditions: Cisco ASR1002 router.
CSCud47058
Symptom: Committed Memory value 96% exceeds warning level 95% on 4RU ISSU SIP upgrade.
Conditions: This symptom is observed when performing a SIP ISSU upgrade in a 4RU.
Workaround: This is just a warning message. There is no impact on the functionality or the traffic.
CSCud56245
Symptom: Error is seen during post router clean up %CWAN_HA-4-IFEVENT_BULKSYNCFAIL:
receive failed ifevent: 10 error: 3.
Conditions: Error message seen in the Release 15.3(02)S image on mcp_dev.
CSCud59647
Symptoms: On a ASR1002 router, the configure wrong static routes point to ipsec tunnel, and cpp
crashes under high rate traffic.
Conditions: Cisco ASR1002 router.
Workaround: no workaround.
CSCud67112
Symptom: In some cases, NBAR does not classify IPv6 HTTP traffic correctly.
Conditions: May occur with IPv6 HTTP traffic.
Workaround: In cases where IPv4 addressing is sufficient, use IPv4 as an alternative.
CSCud90061
Symptom: When executing a route processor (RP) switchover, the console CLI may display an error
message beginning with CPPOSLIB-3-ERROR_NOTIFY. The symptom does not affect
functionality and does not require any action to be taken.
Conditions: Can occur when executing a route processor (RP) switchover.
CSCud91780
Symptom: RP crashes pointing to REDUNDANCY FSM.
OL-26698-16
57
Conditions: This symptom is observed when an active RP crashes or is reloaded.

CSCue08522
Symptom: Traffic loss when over 95% DS3 line rate in 2CHT3-CE-ATM SPA.
Conditions: None
CSCue26791
Symptom: On scaled configs with mcast/oif, tracebacks are seen.
Conditions: On bootup with scaled configs PLATFORM_INTR_OVER_LIMITS are seen.
Workaround: Boot with empty configs and then apply the scaled configs.
CSCue29276
Symptom: Embedded Services Processor (ESP) board may be out of service due to run out of
process memory.
Conditions: This symptom is observed on a Cisco ASR1000 series router when functions as an IP
Security (IPSec) termination and aggregation router, and when dual-stack (over IPv6 transport)
Dynamic Multipoint VPN (DMVPN) is deployed with high scaling of spokes, and with Netflow,
NAT, URPF features enabled. And when Route Processor (RP) switch-over happens.
Workaround: there is no workaround.
CSCue53207



58
OL-26698-16



CSCue63092
Symptom: The Application ID field shows up as 0.
Conditions: ICA traffic is sent through a ASR functioning as a single ANC in an ACG.
CSCue69960
Symptom: Traceback and Queuing error for interface AppNav-Compress interface.
Conditions: Upon disabling the service context, saving config and reload.
Workaround: Upon enabling service-context, traceback is no longer seen.
CSCue77228
Symptom: The show service-insertion statistics connection summary command displays large
pass-through flows (greater than two million). This issue only affects the summary output. The
non-summary output is not affected.
Conditions: Multiple AppNav Controllers in an AppNav Controller Group is configured.
Workaround: Use non-summary output to count flows.
CSCue71931
Symptom: Traceback is seen as soon the router reloads.
Conditions: This is an intermittent issue seen when the router reloads and at the same time WCM
sends a sync message to apply the configuration. We have 2 channels trying to apply config at the
same time.
Workaround: Reload the router again.
CSCue71667
Symptom: ISR-WAAS service deployment fails when using EZConfig and a network/broadcast
address as the service IP.
Conditions: When using EZConfig for enabling ISR-WAAS service, if a network or broadcast
address is used as the service IP, EZConfig does not complain and goes ahead and tries to install,
activate service and register the same with WCM, which fails.
OL-26698-16
59
Workaround: Use a valid IP address for service IP, other than loopback address, network address,
and broadcast address.
CSCue80399
Symptom: Fails to remove SN_OR_WCM class and ACL config after 'service waas disable' process.
Conditions: 1. Activate and ensure ISR-WAAS is up and running with cms status online 2. Reload
router after "wr mem" is performed on the router and ISR-WAAS. 3. Ensure that the ISR-WAAS
boots up with the required configs and cms status online. 4. With/without De-Register ISR-WAAS
from CM. 5. Perform a 'service waas disable' and ensure all the configurations performed through
'service waas enable' is removed.
Workaround: Remove the SN_OR_WCM class and ACL manually.
CSCuf24592
Symptom: 1. Certain counter values will appear to wrap around for condition 1 under the section
"Aggregate traffic distribution statistics". 2. Certain counter values will appear to decrement instead
of incrementing for condition 2 under the section "Aggregate traffic distribution statistics". The
following fields are affected: Packet and byte counts ---------------------- Redirected
Bytes Redirected Packets Received Bytes Received Packets Occurrences ----------Initial Redirects Initial Redirects Accepted Initial Redirect -> Passthrough Redirect
-> Passthrough
Conditions: 1. When counter values exceed 4294967296. 2. When one of the following clear
commands are run and the value exceeds 4294967292: clear service-insertion statistics, clear
service-insertion statistics service-node, clear service-insertion statistics service-node-group.
The symptom is observed when viewing the output from either of the two show commands show
service-insertion statistics service-node or show service-insertion statistics service-node-group.
Workaround: Avoid issuing the clear service-insertion statistics service-node-group and clear
service-insertion statistics service-node commands. We can monitor the stats for the counter
values up to 2^32 and wraparound thereafter. This limit the counter values to 2^32 instead of 2^64.
CSCue49361
Symptoms: Jumbo packet drop due to re-assemble timeout.
Condition: On a Cisco ASR1002 router with NAT64 and Firewall configured, the traffic is GRE
tunnel over ipsec in and GRE tunnel over ipsec out. On the egress tunnel, you have to configure "ip
virtual-reassembly", otherwise you will observe a jumbo packet drop due to the re-assemble
timeout.
Workaround: Configure "ip virtual-reassembly" on GRE tunnel over ipsec.
CSCue51515
Symptoms: On a Cisco ASR1002 router with NAT64 scenario, send udp port 64 stateless
unidirectional traffic firewall shows it is sip pkt. And sh policy-map type inspect zone-pair displays
NATed ipv4 address as source address instead of ipv6 source address.
Conditions: None.
CSCue59629
Symptom: GM re-registers two times after issuing "clear crypto gdoi ks members" on the KS.
Conditions: KS has multiple IPSec SAs configured on the GDOI group. GM is an ASR.
CSCue59759
60
OL-26698-16
Workaround: No known workaround.
CSCue61643
Symptom: When the encapsulation on pvc is aal5mux.
Conditions: Ping fails when encapsulation on pvc is aal5mux.
Workaround: Configure a different encapsulation aal2snap and make it default.
CSCue67984
Symptom: Pending objects are seen.
Conditions: This symptom is observed on an SSO with ATM PVP local switch scaling configuration.
CSCue71282
Symptom: ISR G2 only supports 1,000,000 cache entries per monitor and thus ISR G3 will support
only 1,000,000 entries as well. Future releases of the software will enforce this restriction so
configurations that exceed 1,000,000 with this release will not work for subsequent releases.
Conditions: The number of entries in a flow monitor can be configured using the flow monitor
<name> cache entries <NUMBER of ENTRIES> command.
Workaround: It is recommended not to configure more than 1,000,000 cache entries per monitor on
the ISR G3 platform, and this will be enforced in future software releases.
CSCue81059
Symptom: After the aggressive aging trigger goes off, the number of half open sessions is not
consistent for a given set of configurations.
Conditions: This symptom is observed when ZBFW aggressive aging is configured with inspect
action.
Workaround: There is workaround.
CSCue88209
Symptom: Bay based cmcc environmental monitoring works but it does not come up in the show
env command.
Condition: None.
CSCue89658
incomplete.
Conditions: The kernel core is generated when HMAN stops strobing the HW Watchdog timer. This
occurs concurrently when a process with a large resident set size (IOSd) is dumping core.
CSCuf09249
Symptom: ESP40 is observed to reload.
Conditions: ESP40 is observed to reload with 100 flexvpn sessions with one FW and qos.
OL-26698-16
61
CSCuf56693
Symptom: Router may experience a free garbage pointer crash.
Conditions: May occur when all of the following are true:
The border router is configured with performance routing (PfR).
The master controller (MC) router is using NBAR to monitor/control traffic.
The ip nbar custom zzzz tcp range 50000 51000 command is executed one or more times.
Workaround: Shut down the MC before configuring an NBAR custom protocol.

Release 3.9.0S
Release 3.9.0S.
CSCsr06399
Symptom: A Cisco 5400XM may reload unexpectedly.
Conditions: This symptom is intermittent and is seen only when the DSPs available are insufficient
to support the number of calls.
Workaround: Ensure that sufficient DSPs are available for transcoding.
CSCsu57181
Symptom: When the retransmission number is changed, the next rekey does not reflect this change.
Conditions: Change the number of retransmissions from 2 to 5, and the number stays at 2; and when
changing the retransmissions from 2 to 1, the number of retransmissions stays at 2. This happen for
both unicast and multicast rekey.
Workaround: clear crypto gdoi and start over again.
CSCsz65576
Symptom: One or more linecards may fail to boot in an ASR1000 with an RP2 or there may be an
error with the EOBC. %CMFP-3-STANDBY_EOBC_LINK_ERROR: F0: cman_fp: Standby
EOBC link error detected.
Conditions: This symptom is observed with certain combinations of RP2 and ESP10.
CSCtc18691
Symptom: DRAM Error Correction (ECC) is not properly enabled for memory modules installed on
certain ASR1k-CC boards.
Conditions: For these DIMMs, ECC will not be enabled. The system will not be able to detect or
correct any single bit errors which may occur during normal operation.The effect of these
uncorrected bit errors could lead to unpredictable system behavior.
Workaround: The card or 2RU system must have the ROMMON upgraded to either version XNC,
XND1, or 15.3(1r)S or later. Upon subsequent restart the system will run with the new ROMMON
and ECC will function as expected. For full ROMMON upgrade instructions see:
62
OL-26698-16
http://www.cisco.com/en/US/products/ps9343/prod_maintenance_guides_list.html. As a temporary
workaround until the ROMMON upgrade can be performed, reset the card in question, this will clear
the bit error and normal operation will resume, although ECC will still be disabled.
CSCtg47129
The Cisco IOS Software implementation of the virtual routing and forwarding (VRF) aware network
address translation (NAT) feature contains a vulnerability when translating IP packets that could
allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate
this vulnerability are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat
Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes
seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each
Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the
vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases
that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.
Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security
Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html
CSCti62247
Symptoms: If an IPv4 or IPv6 packet is sent to a null interface, a Cisco ASR 1000 series router will
not respond with an ICMP or ICMPv6 packet.
Conditions: This symptom occurs with a prefix routed to Null0 interface.
CSCtq41512
Symptoms: After reload, ISDN layer 1 shows as deactivated. Shut/no shut brings the PRI layer 1 to
Active and layer 2 to Multi-frame established.
Conditions: This symptom occurs when "voice-class busyout" is configured and the controller TEI
comes up before the monitored interface.
Workaround: Remove the "voice-class busyout" configuration from the voice-port.
CSCtq81245
Symptom: SPA-4XCT3/DS0 spa reloads after doing fp reload.
Conditions: 1. Issue is seen on single fp system. 2. Issue is seen when serial interface are configured
on the spa. 3. SPA-4XCT3/DS0 spa is installed in SIP40 only
CSCtr96024
Symptom: The user is not notified about an error scenario relating to larger-than-allowed flow
record of type performance-monitor being used in a Performance Monitor policy. This is misleading
because the user may mistakenly believe that the Performance Monitor policy is correctly attached
to the desired interface, but will find that monitoring of traffic is not working as expected.
Conditions: 1. The Performance Monitor feature is being used on ASR platform. 2. A flow record
of type performance-monitor, which contains more than the maximum allowed fields has been
configured. 3. The user is referencing the above flow record in a Performance Monitor policy which
OL-26698-16
63
has been attached to a desired interface. The maximum number of fields allowed in a flow record =
30 "timestamp sys-uptime first" field "timestamp sys-uptime last" field. If absent, the timestamp
fields are automatically added to the record. However, the total number of fields should still be less
than or equal to 32.
Workaround: Use a flow record of type performance-monitor which has 32 or less fields.
CSCts08224
Symptom: Expected ACL/sessions not found for most of the protocols.
Conditions: The symptom is observed with expected ACL/sessions.
CSCts52120
Symptom: Tracebacks are seen for PLATFORM_INFRA-5-IOS_INTR_OVER_LIMIT.
Conditions: This symptom is observed with RPSO.
CSCtu02543
Symptom: Sometimes, users may face a "peer leak" situation with EzVPN.
Conditions: This symptom may occur when an NAT box gets reloaded/rebooted with live
translations.
Workaround: Reload the router to clear the leaked peers.
CSCtu54300
Symptom: Tracebacks are seen when configuring the key server.
Conditions: This symptom occurs when configuring the key server.
CSCtv93326
Symptom: Inconsistency between IOS CLI and platform state with regard to flow record
configuration on the router. Reporting of Mediatrace statistics may fail, with the following error
reported on the Mediatrace Initiator device: Metrics Collection Status: Fail (19, No
statistic data available for reporting)
Conditions: This is a Flowdef modify event as a result of event consolidation. It can occur in the
following scenario: 1. Detach the flowdef associated with a monitor. 2. Change the flowdef (add /
delete fields). 3. Re-attach the flowdef to the monitor. For the Mediatrace symptom, the problem can
occur when a route change occurs for the traffic being monitored.
CSCtw72739
Symptom: The "retry-after" time in a 503 message is not used by the gateway (UAC) and retries
seem fixed at 180 seconds.
Conditions: This symptom is observed when trying to register.
CSCtw74598
64
OL-26698-16
Symptom: Call Menu (CM) tone may be detected and suppressed in the following call Flow:
Modem - - [FXS] - - VG224 - - [MGCP] - - CUCM - - [SIP] - - CUBE - - [SIP] - - PSTN Modem
connected to the VG224 places an outbound call to a destination in the PSTN. CM tone from the
originating modem gets removed by the VG224. To verify the symptom, enable "debug voip hpi
notification" and you would see a line "MODEM CM tone detected" in the debug output.
Conditions: SIP trunk provider does not support NSE based modem passthrough and hence VG224
was not configured with "mgcp modem passthrough".
Workaround: 1. Configure the FXS port as a non-mgcp port, disable fax relay and sg3-to-g3
suppression commands at the voip dial-peer level : dial-peer voice 99920 pots no service mgcpapp
port 2/0 dial-peer voice 4001 voip destination-pattern 4001 session protocol sipv2 session
target ipv4:<ip-address> codec g711ulaw no fax-relay sg3-to-g3 fax protocol none no vad 2.
Downgrade to 15.1(3)T4.
CSCtw76527
Symptom: The crypto session stays in UP-NO-IKE state.
Conditions: This symptom occurs when using EzVPN.
CSCtx06895
Symptom: Command "parameter type urlfpolicy" is not available in "policy-map type inspect
urlfilter" configuration mode. This makes it impossible to configure IOS URLF in 15.2(3)T. Unable
to call the "trend" keyword in the class-map under the policy-map.
Conditions: IOS 15.2(3)T and 15.2(1)T2(6) both show the same symptom.
Workaround: Downgrade to 15.2(2)T1.
CSCtx1579
Symptom: An MTP on a Cisco ASR router sends an "ORC ACK" message through CRC for the
channel ID that is just received but does not reply to the ORC for the next channel.
Conditions: The symptom is observed when there is a very short time lapse between the ORC and
CRC, say 1 msec.
CSCtx59316
Symptom: A packet punt to RP due to incomplete adjacency gets processed by CoPP. This makes
CoPP complex, because these punted packets are not directed to the system itself and requires the
CoPP to be opened up.
Conditions: This symptom is observed with 3.5.2S and similar release and by current design.
CSCtx84766
Symptom: No MOH resource is allocated.
Conditions: Phone1 calls Phone2 over SIP trunk,Phone2 parks the call (MTP required is checked on
SIPT).
CSCtx92716
Symptom: Cisco IOSd crashes.
Conditions: This symptom occurs when you remove and add service policies on unsupported
interfaces.
OL-26698-16
65
CSCty01105
Symptom: DO-EO Flow Around sip to sip with VCC call fails and causes "CCSIP_SPI_CONTROL"
memory leaks.Note: With No transcoder involved in CUBE.
Conditions: CUBE configured with early offer forced and flow around globally under voice service
VoIP and VCC, basic call fails with no transcoder enabled in the CUBE.
Workaround: Configure Transcoder in CUBE.
CSCty05282
Symptom: Last reload reason in "show version" output is seen as LocalSoft after some reloads.
Conditions: The conditions under which these symptoms are observed is unknown.
CSCty35726
Symptom: The following is displayed on the logs: InterOp:Cube-NavTel : LTI: Video Xcode Call
with plain Audio FAILS.
Conditions: This symptom is seen when video Xcode call with plain audio fails.
CSCty57856
Symptom: The Standby router crashes for an SRTP call on Active.
Conditions: This symptom occurs intermittently. This issue is seen due to a transient scenario, where
unstable data from Active is checkpointed on Standby.
CSCty94210
payload based on the configuration (global for responder, IKEv2 profile for initiator).
Conditions: None.
CSCtz31720
Symptom: We get some failed debugs when we try to configure snmp-server CLI.
Conditions: This symptom is observed when you try to configure snmp-server CLI.
CSCtz49911
Symptom: Certain attributes received from RADIUS might not be displayed as unsupported by
IKEv2; printing messages similar to: *Apr 23 06:50:59.952: IKEv2:unsupported attr type 477 *Apr
23 06:50:59.952: IKEv2:unsupported attr type 476.
Conditions: Flexvpn on 15.2.2S software, but not exclusive to it.
Workaround: None should be needed. Attributes should be processed correctly.
CSCtz50013
Symptom: Memory leak Seen with HA Configs under load Conditions.
Conditions: HA under Load Conditions.
66
OL-26698-16
CSCtz59258
Symptom: DSP not released when the IP call leg is abnormally disconnected by SIP SPI. This is not
reproducible consistently. It is more of timing issue.
Conditions: SIP SPI abnormally disconnects the call with out sending 200 OK.
Workaround: Switch over to the secondary to recover DSP resources.
CSCtz69527
Symptom: Route not found on UUT for RRI testcases.
Conditions: When the testcase for RRI, reverse-route remote-peer 16.0.0.1 gateway is checked,
route is not found on the router.
CSCtz75816
Symptom: NBAR Field Extraction (AKA collect through IPFIX) does not work for flows over IPv6
tunnels.
Conditions: Relevant when configuring NBAR to classify inside the tunneled IPv6 flows. This is
anyway not fully supported in the AVC eco-system in XE3.7.
CSCtz77702
Symptom: URI based routing is not working when tel-uri is present in 302 contact header.
Conditions: Configure call route URL.
CSCtz81129
Symptom: During OCSP revocation check the trustpoint source interface loopback address is also
used as the destination address.
Conditions: During OCSP revocation check the source interface loopback address is also used as the
destination address.
Workaround: Use the physical interface as the trustpoint source interface.
CSCtz97197
Symptom: SIP SPAs go in the out of service state in a scaled subinterface configuration (more than
2000 subinterfaces on a single Gigabit Ethernet port).
Conditions: This symptom occurs while performing ISSU between the iso1-rp2 and iso2-rp2 Cisco
IOS XE Release 3.6S throttle image. After ISSU runversion, the SIP SPAs go in the out of service
state. This issue is seen in a heavily scaled configuration. This issue is observed when there are 2000
to 3000 subinterfaces on a single SPA and the following limits are exceeded: Overall Dual stack
VRFs per box : 2800 Dual stack limit on interface: 1000.
Workaround: This issue is not seen in the following scenario: 1. Before doing a load version from
RP0 (initial active), issue the following command: asr1000# show ipv6 route table | inc IPv6 2.
Note down the number of IPv6 route tables in the system. 3. Do a load version. 4. Wait for standby
to come up to Standby hot. 5. Enable the standby console from RP0 (active). asr1000#configure
terminal Enter configuration commands, one per line. End with CNTL/Z. asr1000(config)#
asr1000(config)#redundancy asr1000(config-red)#main-cpu asr1000(config-r-mc)#standby
console enable. 6. Log in to the standby console and issue the following command: asr1000-stby#
OL-26698-16
67
show ipv6 route table | inc IPv6 Then, note down the number of IPv6 route tables in standby. If
the number is less than the number noted at step 2, wait for some time and reverify till it reaches
the number noted in step 2. 7. Issue ISSU runversion from RP0 (active).
CSCua04668
Symptom: 3945 voice gateway crashes when the config file is download from CUCM. this is 112
FXS bundle.
Conditions: Once 96 ports have registered and when we try to register the 97 port on, the gateway
will download the config from CUCM the router will crash
Workaround: One workaround is that we do a "no ccm manager config" this will stop the config
download form CUCM, we would then have to do a manual config of the rest of the ports an other
is to move to H323 as a protocol instead of MGCP
CSCua06897
Symptom: Ikev1 session are not coming up on the spoke after sh/no sh on Hub tunnel interface.
Conditions: sh/no sh on Hub tunnel interface.
CSCua10477
Symptom: The ASR1002-X Series Aggregation Services Router with large numbers of MLPPP
bundles may experience a crash.
Conditions: When the ASR1002-X Series Aggregation Services Router with large numbers of
MLPPP bundles may experience a crash preceded by the following message followed by a traceback
and eventual reload of the router; %CPPOSLIB-3-ERROR_NOTIFY: SIP0: cpp_cp: cpp_cp
encountered an error.
Workaround: Keep the number of single-link MLPPP bundles under 4,000, and the total number of
multi-member MLPPP bundles under 2,000.
CSCua12998
Symptom: Call not going between SCCP and SIP phones.
Conditions: After configuring "no outbound-proxy" under the "voice register global", SCCP
endpoints to SIP endpoints call is successful. After some time (approx. 10 minutes or more), the
functionality reverts back to "outbound-proxy system", and the same call fails. The configuration
still shows "no outbound-proxy" in the running-configuration.
CSCua14749
Symptom: Carried-id (source/target) CLI is not taken into effect when configured under dial-peer.
Conditions: Call-route url configured along with voice source-group CLI.
CSCua16122
Symptom: %PKI-4-CRLINSERTFAIL: Trustpoint "..." failed to verify CRL signature (error
1815:E_NAME_ENCODING : invalid encoded format for name).
Conditions: "chain-validation continue" is configured on a local trustpoint that is part of the
certificate chain from the root CA to the peer.
Workaround: Configure either "chain-validation stop" or "revocation-check crl none" on all
trustpoints in the chain.
CSCua27722
68
OL-26698-16
Symptom: Netflow TimeStamp may show time drift compared to NTP time. This effect has been
judged to be equal to about 50 seconds of lost time per day.
Conditions: Flexible or Traditional Netflow running on either an ESP40 based Forwarding Processor
or on an ASR1001 platform.
Workaround: There is no workaround but when the time skew exceeds 10 minutes it should self
correct.
CSCua33788
Symptom: The router does not pass multicast traffic consistently; only some traffic passes.
Conditions: Occurs when you configure 255 EVCs spanning across different slots on the router.
CSCua36330
Symptom: Trace backs found.
Conditions: While copying the text file from the certificate server. Accessing
https://msca-root/test.txt...
CSCua39375
Symptom: Cube Crash with SIP config.
Conditions: Call flow with forking with update, ie. 183 w/ SDP followed by 180 w/o SDP with a
different To body (forked call). A resulting reinvite from CUCM causes CUBE to crash as it is
applied to the forked call with no SDP causing the crash. voice class sip-profiles in configuration.
CSCua42104
Symptoms: Malformed RTCP packets are observed.
Conditions: This symptom occurs when DTMF interworking is enabled or SRTP/SRTCP is in use.
Workaround: Disable DTMF interworking if not required for the call.
CSCua44407
Symptom: Trace back is seen when user part is greater than 32 characters in incoming 302 response
contact header.
Conditions: CUBE in 302 consume mode. userpart in 302 contact header is greater than 32
characters.
CSCua51898
Symptom: TGW Failed to send BYE message after 200 OK.
Conditions: TGW Failed to send BYE message after 200 OK with 15.2(03.16)M0.1.
CSCua54514
Symptom: BQS queue output is different for FP10 and FP80.
Conditions: Output difference is seen while checking the "sh plat hard qfp ac fe qos queue out all d
" output.
OL-26698-16
69
CSCua68736
Symptom: Source files cannot be referenced in the new project.
Conditions: New project requirement.
CSCua69578
Symptom: Cleartext send out from flexVPN VAI interface during session flap.
Conditions: Session delete and create.
CSCua70065
Symptom: CUBE reloads on testing DO-EO secure video call over CUBE when SDP passthru is
enabled.
Conditions: The symptom is observed when running Cisco IOS interim Release 15.3(0.4)T.
CSCua75781
Symptom: CME reloads for E911 call ELIN translation for incoming FXS/FXO trunk.
Conditions: The symptom is observed from Cisco IOS interim Release 15.3(0.2)T.
CSCua78616
Symptom: Not able to retrieve Via header for sending OPTIONS response back.
Conditions: This issue is seen in OPTION message case.
Workaround: Use the las_option_request from ccb while retreiving Via header.
CSCua78782
Symptom: Authentication of EzVPN fails.
Conditions: The symptom is observed with BR-->ISP-->HQ.
CSCua90697
Symptom: Traffic-class cannot be learned with delay as learning type reports incorrect number of
TCs.
Conditions: configurate delay as learning type.
CSCua91473
Symptoms: Memory leak occurs during rekey on the IPsec key engine process.
Conditions: This symptom occurs after rekey, when the IPsec key engine does not release KMI
memory, causing the IPsec key engine holding memory to keep increasing.
Workaround: Clear crypto session for IPsec key engine to release memory.
CSCua94334
70
OL-26698-16
Symptom: Hung calls seen in show call active voice brief are as follows: 1502 : 26 36329310ms.1
-1 pid:1 Answer XXXYYY4835 connected dur 00:00:00 tx:0/0 rx:0/0 IP 0.0.0.0:0 SRTP:
off rtt:0ms pl:0/0ms lost:0/0/0 delay:0/0/0ms g729r8 pre-ietf TextRelay: off media
inactive detected:n media contrl rcvd:n/a timestamp:n/a long duration call detected:n
long duration call duration:n/a timestamp:n/a.
Conditions: This symptom is observed when an inbound H225 call setup request to a CME gateway
results in a hung call if a release complete is received while still in alerting state. This issue occurs
only when the shared line is configured on the phone and the shared line is not registered.
Workaround: Remove the shared line or register the shared line.
CSCub04205
Symptom: Incorrect phone screen display, when an incoming call is forwarded. Specifically, with
the following config- alias 1 666 to 85004001 cfw 85004002 timeout 5 calling from external
PSTN phone number ex:0612345678 To 4597, which is translated to 666, first rings the phone
85004001 and when it is ringing, screen phone display is OK. When the call is cfw'd to the second
phone ( 85004002 ), the screen phone display : Forward 612345678 For 04929 (850... By 04929
(666) is incorrect. The number 04929 is corresponding to the external phone number mask in
CUCM of an other IP phone. The external phone number mask displayed is the field "name" or
"description" of the FIRST ephone recorded in the SRST router ( see "call-manager-fallback
ephone-dn" attached file), whatever the redirect phone number used the mask is ALWAYS the one
of the first ephone recorded.
Conditions: 1. SRST 2. alias command, under call-manager-fallback.
CSCub07288
Symptom: Path Confirmation fails between 2 SIP phones in a blind transfer scenario over SIP trunk.
Conditions: This symptom is observed when no supplementary-service SIP refer is configured.
Workaround: Configure supplementary-service SIP refer.
CSCub07868
Symptom: The show controller pos pm command does not display the correct SFP line type for
'SPA-1XOC12-POS'.
Conditions: Line type is shown as LONG MM for all SFPs in show controller pos pm.
Workaround: show hw-module subslot x/y transceiver #port idprom brief IDPROM for
transceiver POS0/1/0:
Description = SFP or SFP
optics (type 3)
Transceiver Type:
= OC12 LR-1/STM4 L-4.1 (12).
CSCub07931
Symptom: White noise after Transfer completion.
Conditions: SRTP-RTP xcoder is allocated on CUBE. Version 15.2(3)T1.
CSCub13457
Symptom: Memory Leak seen at xcode_associate_local_stream.
Conditions: Leak could be seen for SIP-SIP transcoded call with mid-call UPDATE (with SDP)
pass-through or UPDATE-to-ReINVITE cases.
Workaround: Disable UPDATE, instead use ReINVITE for mid-call renegotiations.
CSCub14044
OL-26698-16
71
Symptom: A crash with traceback is seen, and all calls are dropped.
Conditions: This symptom is observed under all conditions.
Workaround: There is no workaround. The gateway crashes, and the soak time appears to be six
weeks.
CSCub16403
Symptom: On the ASR1K series of routers running the Flexible Netflow feature, when the command
show flow monitor MON cache is issued timestamps are displayed as local wallclock time. These
timestamps may be skewed by the time delta between how long the Route Processor (RP) has been
up and how long the Forwarding Processor (FP or ESPXX) has been up. This delta is typically in
the range of several minutes but it may be even longer than that.
Conditions: ASR1K router running Flexible Netflow when show flow monitor MON cache
command is issued.
CSCub18086
Symptom: FlexVPN IKEv2 adding ipv4 address and not adding ipv6 address to the tunnel interface.
Conditions: Unassigned local pool on client.
CSCub28997
Symptom: Overlord crashes with 2000 crypto sessions (4000 IPSec SAs) upon repeatedly clearing
and reestablishing the SAs.
Condition: The box is configured with 1K VRFs and 1K Virtual templates. And the crypto sessions
are repeatedly cleared/reestablished.
CSCub33119
Symptom: sh pl software interface fp active name interfacexxx ip reassembly? command doesn't
display reassembly parameter correctly.
Conditions: When the router is not configured reassembly max-reassembly value, it is using its
default value 16. in this case, ios sh ip reassembly gigabitEthernet 0/0/0 will display this value
correctly, but binos (show platform software inter fp active name xxx ip reassembly) will not.
CSCub34318
Symptom: Some of SIP calls between Cisco IOS Voice gateway and a remote SIP UA that is behind
a NAT router may experience audio issue (one way audio) if a private IP address is being advertised
by the remote site for the media connection.
Conditions: When Cisco IOS Voice gateway has a peer SIP UA that is behind a NAT router, and a
private IP address is being advertised during the call setup by the remote side, you may need to
enable, on the IOS Voice Gateway, support for Symmetric NAT traversal using "nat symmetric
check-media-src" command to have the voice gateway to learn the media address and port from the
first incoming RTP packet. But two consecutive 180 responses received by the IOS Voice gateway
(during call setup) with different "To:" tags (what is a normal behavior of a SIP Proxy), is breaking
this support for "SIP NAT symmetric" feature. And you will experience one way audio issue even
though "nat symmetric check-media-src" is configured.
CSCub35268
72
OL-26698-16
Symptom: Call dropping issue was found while testing new network based features on AT&T's
FlexReach network. The features are network-based Simultaneous Ringing and Sequential Ringing.
Conditions: The following is the behavior for Simultaneous Ringing: 1. Hopon call from PSTN to
7323204351 2. Both Phone 2 (7323204351) and Phone 3 (7323204350) ring 3. Phone 3 is answered,
but immediately drops 4. Phone 2 stops ringing (I see CANCEL from AT&T for this call-id) 5. PSTN
caller continues to hear ringback tone Per the attached trace, CUBE fails to send a 200 OK with SDP
in response to AT&T's re-INVITE to open up the voice channel. For Sequential Ringing: 1.
HOPON from 4085271217 (Phone 1) to Phone 3 (7323204350) 2. Note the INVITE has media
attribute codec pref 18 0 100 ; INACTIVE 3. CUBE sends 100 Trying then 180 Ringing 4. Phone
rings ~3X then call is cancelled by AT&T side by sending SIP CANCEL message 5. CUBE
acknowledges by sending 200 ok followed by 487 Request Cancelled 6. AT&T sends INVITE to
Phone 2 (7323204351) with media attribute codec pref 18 0 100 ; INACTIVE 7. CUBE sends 100
Trying then 180 Ringing 8. Upon answer - CUBE sends 200 ok with no codec pref in media
attribute 9. AT&T sends re-INVITE - with no SDP 10. CUBE sends 100 Trying 11. AT&T sends
BYE even before CUBE can send 200 ok 12. Caller from AT&T side hear continuous RINGBACK
tone Again, per the attached trace on Sequential Ringing, CUBE fails to send a 200 OK with SDP
in response to AT&T's re-INVITE to open up the voice channel. Per AT&T, their side might be
sending the BYE because CUBE sends its initial 200 OK with SDP but no codec preference. (refer
to Sim. Ring Trace).
CSCub39131
Symptom: Packets are dropped.
Conditions: 5cps basic sip call.
Workaround: Reduce the traffic load from 5 CPS to 2 CPS.
CSCub42181
Symptom: The router crashes continuously after a normal reboot due to power or some other reason.
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE
SOFTWARE (fc1) uptime is 4 days, 11 hours, 38 minutes System returned to ROM by error - a
Software forced crash, PC 0x88D26F0 at 07:42:45 UTC Sat May 5 2012 System restarted at
07:43:55 UTC Sat May 5 2012 System image file is
"flash:c3900-universalk9-mz.SPA.150-1.M4.bin" ; Last reload type: Normal Reload
---------------------------- generated Traceback:
Pre Hardware Replacement
Crashinfo: ------------------------------------ #more

flash0:crashinfo_20120519-165015-UTC
------------------
------------------ Traceback Decode:
tshakil@last-call-2% rsym
c3900-universalk9-mz.150-1.M4.symbols.gz Uncompressing and reading

c3900-universalk9-mz.150-1.M4.symbols.gz via /router/bin/zcat
c3900-universalk9-mz.150-1.M4.symbols.gz read in Enter hex value: 0x88D1D88z
0x88D27C0z 0x729E558z 0x729E6F4z 0x495F298z 0x4962FC8z
0x88D1D88:fsm_crank(0x88d1d2c) 0x5c 0x88D27C0:fsm_exec_w_option(0x88d2650) 0x170
0x729E558:htsp_process_event(0x729e1d4) 0x384 0x729E6F4:htsp_main(0x729e62c) 0xc8
0x495F298:ppc_process_dispatch(0x495f274) 0x24 0x4962FC8:process_execute(0x4962e24)
0x1a4 Enter hex value: 0x88D1D88z 0x88D27C0z 0x729E558z 0x729E6F4z 0x495F298z
0x4962FC8z 0x88D1D88:fsm_crank(0x88d1d2c) 0x5c
0x88D27C0:fsm_exec_w_option(0x88d2650) 0x170 0x729E558:htsp_process_event(0x729e1d4)
0x384 0x729E6F4:htsp_main(0x729e62c) 0xc8 0x495F298:ppc_process_dispatch(0x495f274)
0x24 0x4962FC8:process_execute(0x4962e24) 0x1a4 Enter hex value:
-------------------------------- Crash File Post Installation:
------------------------------
#more flash0:crashinfo_20120519-185725-UTC
------------------ Traceback Decode: -----------------
Enter hex value: 0x88D1D88z
OL-26698-16
73

0x4962FC8z
0x88D1D88:fsm_crank(0x88d1d2c) 0x5c

0x24 0x4962FC8:process_execute(0x4962e24) 0x1a4
---------------------------------------------------
Conditions: This symptom is observed with the following conditions: - MGCP gateway. - Take out
all the modules from the router. - Put the modules one by one. - Apply the configuration. - The router
is stable. The lab test recreated as follows: 1) Disable auto-configuration, that is, "no ccm-manager
config". 2) Reload the gateway. 3) Enable the CCM manager configuration and the router does not
crash.
Workaround 1: Bypass the start-up configuration and log in via ROMmon without any configuration.
Add the configuration one by one. Once the configuration is added, save the configuration and
reload the gateway.
Workaround 2: Shut down the router and add the cards one by one in slots 0, 1, 2, 3, and 4. The
device is stable until the third slot is inserted and brought up. As soon the router is powered on, after
adding the fourth slot, the crash starts. Shut down the router and remove the card in slot 4
(EVM-HD-8FXS/DID). Bring the device up without the card in slot 4 (EVM-HD-8FXS/DID).
Remove the "mgcp" and "ccm-manager fallback-mgcp" configuration from the device because the
console log is displaying the "Call Manager backhaul registration failed" error message. Shut down
the router and add the card which was removed. Bring up the router. Read the ccm-manager
fallback-mgcp command and do a "no mgcp/mgcp". The router becomes stable.
Workaround 3: Remove the ccm-manager config command by no ccm-manager config which tears
down the connection from the call manager to the MGCP gateway. The gateway will not download
the configuration from the call agent at the time of startup. Reload the router. Once the router is back
and stable, readd the command.
CSCub46423
Symptom: Connecting from Windows 7 L2TP/IPSec client to the VPN fails when using HSRP
virtual IP as a gateway IP and Error 788 is displayed.
Conditions: This symptom is observed with Cisco IOS Release 15.2(3)T or later releases, and the
Windows 7 L2TP/IPsec VPN client.
Workaround: Downgrade to Cisco IOS Release 15.1(3)T.
CSCub46841
Symptom: CUBE reboot.
Conditions: Under recording load.
CSCub49291
Symptoms: Static tunnels between hubs and spokes fail to rebuild.
Conditions: The symptom is observed when you reload the hub on the DMVPN IPv6 setup with
DPD on-demand enabled on all spokes.
CSCub50350
74
OL-26698-16
Symptom: Remote loopback messages under show interface and show controller output are not set
correctly.
Conditions: This symptom occurs due to the remote loopback configuration.
CSCub50601
Symptom: Cube CME Call - Working with SCCP XCoding / Not Working with LTI.
Conditions: HA Configuration exists on Cube.
Workaround: Don't Configure HA.
CSCub50695
Symptom: The netflow data is fragmented when an IPv6 exporter is used.
Conditions: The symptom occurs when:
An IPv6 exporter is used
A large amount of data is to be exported at once.
CSCub50708
Symptom: call flow: PSTN--3rd party ---SIP--CUBE--SIP--3rd party--agent IOS version:
c3900-universalk9-mz.SPA.151-3.T3 when CUBE receive multiple 183 session progress,
for the 3rd 183 session progress
<-200 OK for INVITE
105.
<- the third 183 session progress
->ACK for INVITE
-->REINVITE 105
-> PRACK 104
<-200OK for PRACK 104
->ACK
The ACK for the PRACK has the wrong Cseq number. It should be 104 instead of 105.
Conditions: CUBE receives multiple 183 session progress.

CSCub51279
Symptom: A Cisco ASR1k series router resets its FP with FW NAT feature combination.
Conditions: A Cisco ASR1k series router resets its FP with FW NAT feature combination along with
traffic.
CSCub52943
Symptom: When executing Media Forking with midcall codec change, memory leaks are found in
Cisco ASR for CCSIP_SPI_CONTROL. After decoding, the memory leak is found to be for the
function is_x_participant_sips() as it is not releasing the memory after allocated with some memory.
This seems to be a side effect of one of the DDTS that was committed to Cisco IOS Release
15.3M&T (CSCtz96408).
Conditions: This symptom occurs when executing Media Forking with midcall codec change.
Workaround: The fix is done and is committed to Cisco IOS Release 15.3M&T.
CSCub53856
Symptom: On ASR1K and related platforms, when configuring a Flow NetFlow (FNF) Performance
Monitor with a record that has a large number of fields (typically 30 or more), the following
traceback may be observed at the time that the Service Policy is bound to the interface:
%FNF-3-FNF_FIELD_LIST_TOO_LARGE: Field_list too large, max 32.
Conditions: Configuring a Performance Monitor, typically with more than 30 fields, and binding it
to an interface via a Service Policy.
OL-26698-16
75
Workaround: Reduce the number of fields. Using fewer than 30 should work, although it does
depend on the exact fields in the record.
CSCub56064
Symptom: Ping fails after doing EZVPN client connect if CEF is enabled.
Conditions: This symptom is observed with the Cisco IOS Release 15.3(0.8)T image. This issue is
seen only for a specific topology, where the in/out interface is the same.
CSCub57913
Symptom: The memory of ESP is exhausted due to continuous leak in the cpp_ui_pfr TDL
messages.
Conditions: This condition occurs when the show platform hardware qfp active feature pfr is
used repeatedly.
CSCub58775
Symptom: The stand by RP of the Cisco ASR1000 routers might crash if the Stby-rp "cmand" core
is written after ASR1013-PWR-DC replacement.
Conditions: This issue occurs either after an OIR of a power-supply or when similar events occur.
CSCub59275
Symptom: Configuration of CT3 controller Serial interfaces does not match between standby RPs.
Several error messages such as there are generated :
%COMMON_FIB-4-FIBHWIDBMISMATCH: Mis-match between hwidb Serial1/0/1/2:0 (ifindex
634) fibhwidb Serial1/0/1/1:1 (ifindex 634) - appears on standby RP during controller configuration.
IP addresses are assigned to wrong Serial interfaces. Due to mismatch of interfaces, during RP
switchover traffic does not pass through.
Conditions: This condition occurs when the CT3 SPA is configured on a dual RP router
CSCub60278
Symptom: OSPF neighbor cannot bring up over point to multipoint atm bundles.
Conditions: This condition occurs when two Cisco ASR 1000 routers are directly connected with
ATM pvc bundles, one end is point-to-point sub-interface and the remote is multipoint sub-interface.
When you try to run OSPF over bundle, the OSPF neighbors bring up over point to multipoint atm
bundles.
Workaround: Change to P2P ATM interface.
CSCub61637
Symptom: Mid-call xcoder insertion does not happen when TCL app is involved in the call
Conditions: TCL app initially connects a SIP trunk call to SCCP phone and later transfers to CUEvoice mail
Workaround: Do not use TCL app or have same codec settings on either side of trunk
CSCub62988
Symptom: Cisco ASR 1000 routers crashes consecutively.
76
OL-26698-16
Conditions: This condition occurs on Cisco ASR 1000 routers with ESP10 with ios 15.2(2)S
CSCub63146
Symptom: No modem upspeed.
Conditions: This condition occurs when modem pass through protocol based configured include
g711/silence suppression in the RINGING/200 OK
Workaround: Use SIP profile to strip "silence suppression off" in the incoming messges of the intial
call setup
CSCub63208
Memory corruption detected in memory, when allocated for RTCP statistic
Symptom: An error occurs when CALL_CONTROL-3-STAT_MEMORY_CORRUPTED: Memory
corruption detected in memory=XYZ allocated for RTCP statistic.
Conditions: This condition is occurs when call involves trans-coding.
CSCub64068
Symptom: "CPPOSLIB-3-ERROR_NOTIFY F0: cpp_cp: cpp_cp encounters an error" log message
with tracebacks. This results in a ESP crash or control plane or configuration events are not
processed on the ESP.
Conditions: This symptom is observed with a combination of ESP20 or ESP40 and CC40 installed
on a Cisco ASR 1006 router or Cisco ASR 1013 router. This issue is observed when the CC40 does
not have SPAs installed in bay 0 or 2 and bay 1 or 3.
Workaround: If you have two or more SPAs installed in the CC40, ensure that there is a SPA in bay
0 or 2 and bay 1 or 3. If you only have one SPA installed in the CC40, there is no workaround.
CSCub65151
Symptom: The Cisco ASR 1000 CPP crashes when shutting down core facing MPLS interfaces on
NPE
Conditions: This condition occurs rarely.
CSCub65380
Symptom: when SIP gateway receives an INVITE with user=phone in the request URI, the prefix"
" is removed from phone number. For example, when gateway receives the following INVITE
INVITE sip: 1234567;npdi=yes@14.50.219.4:5060;user=phone SIP/2.0 It will route the call to
1234567, instead of 1234567
Conditions: This condition is observed when user=phone in the request URI.
CSCub66957
Symptom: ESP40 Crash seen with 4% traffic on a basic LSM setup . Basic LSM setup of PE-P-PE.
1 join for SM, 1 join for SSM, 1 join for Bidir. (Both v4 and v6)
Router is performing a tail end (Disposition) function.
Moment traffic hits the box, ESP 40 crashes. (4% of Gige line rate, 2% for v4 and 2% for v6)
Conditions: ESP40 crashes when traffic passes through the router.
OL-26698-16
77
Workaround: Disabling LRE fixes the issue set platform hardware qfp active feature multicast v4 lre
off set platform hardware qfp active feature multicast v6 lre off.
CSCub68021
Symptom: A show interface command on a SPA interface shows "0" for "unknown protocol drops",
yet when the same interface is polled for ifInUnknownProtocols, a value is returned.
Conditions: This condition is observed during normal polling.
CSCub68200
Symptom: FP may crash while flapping sessions with ISG services, or flapping the ISG services
themselves.
Conditions: This behavior might be seen on the Cisco ASR 000 routers running 15.1(2)S images or
later. The ISG services involved must be Traffic Class services, and they may have any of L4R,
DRL/Policing, or accounting-based features applied. The behavior may be observed when such
services are quickly added and removed from a subscriber.
CSCub68814
Symptom: CUBE sends response to reinvite from CVP through proxy, not respecting Via header of
reinvite. Response should be sent directly back to CVP
Conditions: SIP call routing from ITSP to CUBE to SIP Proxy to CVP. Initial transaction is handled
through the proxy. With record route turned off the CVP sense reinvites directly to the CUBE,
bypassing the proxy. The Via header of the reinvites indicated to send responses directly back to
CVP. However the CUBE sends the responses to the proxy.
CSCub69414
Symptom: Traceback at FreeUInt64 on booting up router
Conditions: An ASR 1006 router running mcp_dev towards XE38 On booting up the router seeing
a traceback
Workaround: The tracebacks are due to snmp-server enable traps entity-qfp mem-res-thresh.
Disable the snmp-server enable traps entity-qfp mem-res-thresh.
CSCub69764
Symptom: Occasionally, after full chassis reload, all ATM autovc fail to come up upon reception of
PADI. CPE gets no PADO. All PPPoEoA sessions fail to establish on the chassis.
Conditions: Trigger unknown. This condition occurs intermittently, after full chassis reload, once
every ~50 reloads.
Workaround: If the condition occurs, reload the chassis again.
CSCub70819
Symptom: There is no way for customers to upgrade existing throughput licenses. (ex. from
throughput_10g to throughput_20g)
Conditions: This symptom is not caused by any specific conditions.
Workaround: The throughput value can be obtained by installing the corresponding exact throughput
license.
CSCub71981
78
OL-26698-16
Symptoms: The show voice register pool on-hold brief command displays the same number (for
both phone number and remote number) when both local and remote phone are put on-hold.
Conditions: This symptom is observed when with Cisco IOS Release 15.3(8)T.
CSCub73484
Symptom: Standby ESP100 reloaded.
Conditions: 4k IKEv2 IPv6 static crypto map 4k VRF (ivrf = fvrf). Running bi-directional IMIX
traffic @ 4Gbps for 5 minutes.
CSCub74272
Symptom: Intermittently during Phase II rekey, after new SPIs are negotiated and inserted into SPD,
old SPIs are removed and then VTI tunnel line protocol goes down
Conditions: This symptom is observed with Cisco IOS Release 15.2(3)T, with VTI over GRE.
CSCub74279
Symptom: While ringing, warm transfer committed which does not negotiate with video. Agent-1
complete transfer to Agent-2, while agent-2 is ringing and after sometime Agent-2 pick up the call.
Conditions: This symptom is observed when:
Caller and Agent-1 had 2-way audio.
Agent-1 did a warm transfer. Caller puts on hold and Agent-2 is ringing.
Agent-1 complete the warm transfer. Still Agent-2 is ringing.
After sometime Agent-2 pick up the call.
CSCub76384
Symptom: In legacy call-park mechanism, when a call is parked and if the parkee hangs up while
waiting for the parked call to be answered, the final party who dials the park slot DN hears MOH
and is put on hold and is unaware that the parkee has dropped the call.
Conditions: This symptom is observed in CME : 8 and 9 versions (tested till CME 9.0) IOS : 15.X
(tested till 15.2(3)T1)
Workaround: Add the following under "telephony-service" to move from legacy call-park
mechanism: call-park system application.
CSCub76612
Symptom: The console reports "%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0:
fman_fp_image: PFR TT Enable download to CPP failed" and prints traceback. Also, ASR 1000
router may reload with fman_fp core file
Conditions: FMAN-FP reports PfR ERR log when there is PfR session flapping between MC and
BR.
CSCub78299
Symptoms: Ping fails from host1 (192.168.1.2) to host2 (192.168.4.2).
Conditions: This symptom occurs when Suite-B is configured on IPsec sa.
OL-26698-16
79
CSCub79318
Symptom: Codec changes spontaneously during mid-session without a RE-INVITE
Conditions: This symptom occurs with the following conditions:
Fax passthrough is configured.
Codec negotiated is G711alaw, and changes to G729.
CSCub79543
Symptom: CLI changes in the show spi details command
CSCub79806
Symptom: - H323 GW disconnects call due to pre-ACF notify
A sample signaling flow: GK---(h323)----GW---(h323)---CVP <----SETUP------ <-----ARQ----<----NOTIFY----- -----Disengage-> ------ACF---->
Conditions: - Notification is received by the GW prior to the ACF
CSCub80491
Symptoms: A Cisco router may experience alignment errors. These alignment errors may then cause
high CPU.
Conditions: This symptom occurs as the alignment errors require using Get VPN. It is currently
believed to be related to having the Get VPN running on a multilink interface, but this is not yet
confirmed.
CSCub80654
Symptoms: Randomly, there is no audio if a call comes from the following call flow using G729:
IP Phone -- CUCM -- ICT GK Controlled -- GK -- CME 9.1 -- Phone A and B If one of the phones
in CME tries to GPickup the call randomly, it will have no audio. When this happens, if you check
the codec directly in the phone, it is G711. However, when it works, it is G729. Everything is
configured for G729. Even if you hard code the phone in CME to use G729, this issue will occur.
This issue does not occur in CME 7.1.
Conditions: This symptom occurs if a call comes from GK as G729 and CME 9.1 is being used.
Workaround: Use CME 7.1 or enable fast start in CUCM Trunk by enabling the following check
boxes:
Media Termination Point Required
Enable Outbound FastStart
CSCub80710
Symptoms: SSL handshake between Cisco VCS and the Cisco ASR fails if the Cisco ASR 1000
router is running Cisco IOS XE Release 3.7S. image
80
OL-26698-16
Conditions: This symptom occurs in a working setup, if the Cisco ASR is upgraded to Cisco IOS
XE Release 3.7S, then SSL handshake and subsequently SIP-TLS calls start to fail. If in the same
setup, the Cisco ASR is downgraded back to Cisco IOS XE Release 3.5S or Cisco IOS XE Release
3.4.4S, then the calls work (without requiring any additional changes).
CSCub81374
Symptom: ASR1001 Feature Navigator does not show correct image to license mapping
Conditions: This condition is observed for ASR1001 ordering with or without licenses.
CSCub81489
Symptom: show tech-support out is not displayed intermittently.
Workaround: Execute show log or any other show tech-support command, out is displayed again.
CSCub82275
Symptom: Cisco ASR 1000 Routers may experience reloads on the ESP module due to a CPP driver
fault during an in-2-out NAT translation. .
Conditions: Issue has been observed with IOS 15.2S, but not in 15.1S when NAT is enabled. No
other requirements known.
Workaround: Disable NAT or downgrade to a 15.1 release.
CSCub83071
Symptom: Traceback is observed during RP switchover with mediatrace configuration, since SSO
is not supported by mediatrace.
Conditions: This condition is observed when configure mediatrace and RP switchover is performed
twice.
Workaround: There are two workarounds:
Remove mediatrace configuration before running RP-switchover. Add mediatrace configuration
on new active RP.

If traceback occurred, remove mediatrace configuration and reapply it.
CSCub83960
Symptom: After the second RP switchover, mcast traffic stop forwarding by PE.
Conditions: mVPN topo, during mcast traffic sending, do RP switchover on PE1.
Workaround: Using Clear ip mroute * to make the global MDT mroute re-built can restore mcast
traffic before or after the second switch-over.
CSCub84076
Symptoms: CRYPTO MAP ACL FILTERING TEST FAILED due to indent counters
Conditions: CRYPTO MAP ACL FILTERING TEST FAILED due to indent counters
CSCub84204
Symptom: GTPv0 request dropped and failed to create session
OL-26698-16
81
CSCub85608
Symptom: ASRNAT address leak may occur. This will show a larger number of allocated addresses
in show interface nat stat command, then the translations that exist for that address via the show
ip nat trans command
Conditions: This issue only occurs when a dynamic route-map configuration is used and the NAT
sub-drop code ESP_CREATE_FAIL is incrementing (i.e. there must be ESP traffic).
Workaround: The leaked addresses can be reclaimed periodically by executing a clear ip nat trans
* command, but that will be disruptive to users so this task should be schedule during off-hours.
CSCub86791
Symptom: The maximum active memory for NBAR flows exceed the maximum allowed memory
Condition: 1RU platform XE3.8 installed. maximum flows set to 750000 you have traffic which
contains flows higher than 750000
CSCub86827
Symptom: To enable CFA to 918079611, then press 'CFwdALL' softkey and enter any 4 digit
number, then enter 918179611 and press end. After this we will be able to see "Forwarded to
918179611" on Phone.
Conditions: This condition is observed when SRST mode is configured with after hours.
Workaround: Remove the after hours configuration .
CSCub89144
Symptoms: In a VTI scenario with HSRP stateless HA, the tunnel state on standby is up/up.
Conditions: This symptom occurs when HSRP is configured and there is no SSO configuration.
CSCub89150
Symptom: pw with backup
Conditions: switch between active/standby pw
Workaround: reload the boxes
CSCub89157
Symptom: GTP: CPC response message is dropped.
Conditions: This condition occurs when cause is not equal 128.
Workaround: Resend the messages.
CSCub89194
Symptom: On boot, the group member registers KS twice.
Conditions: This condition is observed only during bootup.
CSCub89711
Symptoms: The atm keyword in the show command disappears after a SPA power shut.
Conditions: This symptom occurs when a SPA card is powered shut and is brought back up using
the no form of the previous command.
82
OL-26698-16
CSCub90459
Symptoms: If CUBE has midcall reinvite consumption enabled, it also consumes SIP 4XX
responses. This behavior can lead to dropped or hung calls.
Conditions: This symptom occurs when midcall reinvite consumption is enabled.
CSCub91150
Symptom: Cannot ping SBC interface from ASR 1000 Router
Conditions: This condition is observed when
SBC interface created with netmask /32
SBC activated
Workaround:
Deactivate SBC
Delete SBC interface and re-create it again.
CSCub91178
Symptom: ALG FTP44 does not work, fails to establish data path.
Conditions: This issue occurs under the following conditions:
Divide two networks into two vrf, both client and server reside in different network.
Topo: Client --- Gi 0/0/0 --- vasileft 1 --- vasiright 1 --- Gi 0/0/1 ---- Server
(inside)
(outside)
(outside)
(inside)
vrf_in
vrf_out
For vrf_in, there's dynamic NAT access-list 10 permit 10.0.0.0 0.255.255.255 ip nat pool in
202.120.0.2 202.120.0.10 prefix-length 24 ip nat inside source list 10 pool in vrf vrf_in overload.
For vrf_out there is one inside static nat ip nat inside source static 192.168.0.2 202.119.0.2 vrf
vrf_out Client runs FTP active mode.
Workaround: Use dynamic NAT .
CSCub91815
Symptom: Certificate validation fails with valid certificate.
Conditions: This symptom is observed during DMVPN setup with an empty CRL cache. This issue
is usually seen on the responder side, but the initiator can also show this behavior.
Workaround: There is no known workaround.
CSCub93048
Symptom: NHRP error message should indicate node IP that triggers the Error Syslog message
format is changed to include the trigger source, source NBMA and destination addresses.
Example: %NHRP-3-PAKERROR: Received Error Indication from 10.0.0.2, code: administratively
prohibited(4), (trigger src: 10.0.0.1 (nbma: 172.16.1.2) dst: 192.168.2.1), offset: 0, data: 00 01 08
00 00 00 00 00 00 FE 00 68 F4 03 00 34
Conditions: This condition is observed when NHRP error indication is received on the box.
CSCub93228
Symptom: Traffic not passing even it matches the filter conditions are met.
OL-26698-16
83
Conditions: This condition in observed when IPv4 and IPv6 co-exist in the interface configuration
and with FW NAT configuration.
Workaround: Instead of using pre-natted source address in ACL, use post-nat source address.
For example, if the following static NAT is used, IP NAT inside source static 36.1.1.2 37.1.1.83
In order to allow traffic from host 36.1.1.2 to pass thru fireall, the ACL should be :
ip access-list extended foo-list
permit ip host 36.1.1.2 any
Due to this list, the acl can be configured as follows to workaround the issue:
permit ip host 37.1.1.83
CSCub93496
Symptoms: One-way video from CTS-1000 to TS-7010 is seen in the following topology:
CTS-1000 (v1.9.1) >>> CUCM 8.6.2aSU2 >>> CUCM 9.0 >>> CUBE 15.1.2T (2811) >>> CUBE
15.1.4M4 (2951) >>> CUCM9.0 >>> VCS X7.1 >>> TS-7010 2.2
Conditions: This symptom occurs when SDP Passthrough mode on CUBE is used.
Workaround: RTP payload types 96/97, which are associated with fax/faxack need to be remapped
to some other unused values.
CSCub94825
Symptoms: After Cisco IOS XE bootup, there are no static reverse routes inserted as a result of
applying/installing and HA crypto map. The same issue is present on the HSRP standby device,
namely, the static RRI routes will not get installed in case a failover occurs. The show cry map
command can be used to verify that RRI is enabled. The show cry route command can be used to
determine if RRI has happened and if it has been done correctly.
Conditions: This symptom is observed with the following conditions:
Cisco IOS XE Release 3.5 up to Cisco IOS XE Release 3.7 - VRF-aware IPSec with stateless
HA and static RRI - IPv4 Workaround: Removing and reentering the reverse-route static
command into the configuration will actually trigger the route insertion.
Problem Description After IOS-XE bootup, there are no static reverse routes inserted as a
result from applying/installing and HA crypto map. Same issue is present on the HSRP standby
device, namely, the static RRI routes will not get installed in case a failover occurs. show cry
map.
can be used to verify that RRI is enabled show cry route - can be used to determine if RRI has
happened and if its been done correctly Conditions IOS-XE 3.5 - 3.7 VRF aware IPSec with
stateless HA and static RRI IPv4.
Workaround: Removing and re-entering the reverse-route static command into the configuration will
actually trigger the route insertion.
CSCub96558
Symptom: Phone calls to a Directory Number (DN) on a Cisco Communications Manager Express
(CME) system gets continuous ringback tone instead of forwarding to a voicemail number or any
other configured "call forward" destination.
Conditions: The problematic DN is a "shared line" between a SIP phone and a SCCP phone
registered to the same Cisco CME system. Both SIP and SCCP phones that have the "shared line"
are configured with the same "call forward' parameters. The CME system version is 9.0 or higher.
The SCCP phone is "unregistered" from the CME system during the problem occurrence.
Workaround: Since the problem only happens when the SCCP phone is "unregistered" from the
CME system, possible workarounds would be:
84
OL-26698-16
Diagnose and fix the "unregistration" issue on the SCCP phone

Configure the "shared line" on another SCCP phone that is registered and reset the phones
CSCub96576
Symptom: Reload may occur when removing static rmap mapping.
Conditions: On ASR1k NAT very rarely reload may occur when removing static rmap mapping
CSCub97641
Symptom: Netflow was tested on NAT CGNmode, abnormal Netflow log was found . But no issues
were found for the default mode .
Conditions: configure as CGN mode : ip nat log translations flow-export v9 udp destination
10.75.163.59 9995 ip nat settings mode cgn
CSCub98177
Symptom: In the ASR1K that has a LAC running IOS XE RLS3.5.2, disconnects the PPP session by
TermReq without any reason, each time in the show pppoe stat incrementing the SSM
DISCONNECT.
Conditions: This symptom occurs in the SSO mode, RP switchover.
CSCub98357
Symptom: A Cisco router running IOS-XE release 3.6.0S, IOS release 15.2(4)M or newer may
reload.
Conditions: This condition is observed during key exchange with OCSP disable nonce configured.
Workaround: Disable 'ocsp disable-nonce'.
CSCub99205
Symptom: Mod F: Shaper becomes inactive when policy-map rem/add back on sub-interfaces
Conditions: This issue occurs each time on rem/add on sub-interface.
Workaround: Changing shaper value reactivates shaper.
CSCub99216
Symptom: With DMVPN phase2, the DMVPN hub is not responding to a resolution request for an
address that the hub has an authoritative cache entry. Instead it's forwarding the request along the
routed path.
Conditions: - This problem is observed in a DMVPN phase 2 deployment environment, where the
hub router is configured with no ip nhrp cache non-authoritative command. - XE 3.6 and above.
CSCub99756
Symptoms: The Cisco ASR 1000 router running Cisco IOS Release 15.2(4)S acting as a GM in a
Get VPN deployment starts using the most recent IPsec SA upon KS rekey instead of using the old
key up to 30 seconds of expiration.
Conditions: This symptom is observed only in Cisco IOS Release 15.2(4)S.
OL-26698-16
85
CSCub99778
ASR1K GETVPN GM does not attempt registration after reload interface up
Symptoms: The Cisco ASR 1000 router being GM in a Get VPN deployment fails to start GDOI
registration after a reload.
Conditions: This symptom occurs when running Cisco IOS Release 15.2(4)S. The following error
is displayed in the show crypto gdoi command output after reload. Registration status: Not
initialized.
Workaround: Use an EEM script to issue clear crypto gdoi command some time after boot time or
issue this manually.
CSCuc00465
Symptom: configured permit-error, for 3GPP RLS7&8 req/resp, sessions are created, but for those
unknown/unwanted IE, gtp counter does not work correctly.
Conditions: This condition is observed when permit-error is turned on.
CSCuc00658
Symptom: Unable to ping direct connected peer ip address.
config ip reassembly on sub interface
configure ipv6 reassembly on the same sub interface
no sub interface
CSCuc01194
Symptom:
If there is a "peer .. fqdn ..." statement in the startup-config
For example: crypto ikev2 client flexvpn flex
peer 1 fqdn <FQDN>
Then after rebooting, the "peer ..." statement may be missing from the running-config.
Conditions: This occurs because at boot time, when the startup-config is parsed, there is no DNS
connectivity so the DNS resolution of the FQDN fails and hence the command is not accepted.
Workaround: Remove the peer and add it again with the "dynamic" keyword, i.e.:
client flexvpn flex no peer 1 fqdn <FQDN> peer 1 fqdn <FQDN> dynamic
Note
crypto ikev2
This process will delay the DNS resolution of the fqdn until the VPN tunnel is built.
CSCuc01368
Symptom: This is issue introduced in skyrise as part of a feature. This a display issue due to space
length defined for displaying ipv6 addresses
Conditions: Media addresses being used is IPV6 and when show voip rtp connections is run.
CSCuc02916
Symptom: IPv6 packet with Hop-By-Hop extension header is dropped when the packet is sent out
to L2TP Virtual-Access interface.
86
OL-26698-16
Condition: Cisco ASR 1000 router is configured as L2TP LNS. At that time, EssUnsupPktType drop
counter is incremented.
CSCuc02921
Symptom: ESP crash.
Conditions: When SYN cookie protection is being triggered, and the packet TCP data offset is
wrong.
Workaround: Do not configure SYN cookie protection.
CSCuc03389
Symptom: traceback message can be observed on the voice gateway %SDP-3-SDP_PTR_ERROR:
Received invalid SDP pointer from application. Unable to process. -Traceback= 0x637B4F10z
0x61ADC2B4z 0x61A4886Cz 0x61AD6AC8z 0x619919BCz 0x6199A6C8z 0x61B30364z
0x61B3082Cz 0x63A7BCACz 0x63A7BC90z
Conditions: Router with IOS 15.1(3)T4
CSCuc03831
Symptom: During system shutdown, occasionally the system will reboot, with a soft reset indication
shutdown, before the system reaches a safe reboot state.
Conditions: This condition is observed when the system is trying to shutdown and system reaches
an error state. the system unexpectedly reboots with a soft reset indication, but no core or tracefiles
are saved.
CSCuc04061
Symptom: When CUCM sends a single digit ASR is sending multiple NTE events as expected
however the Marker bit is incorrectly set to TRUE most of them.
Conditions: ASR1006 running 15.2(2)S1 is configured as an MTP.
This problem is observed on the release 3.6.1 (asr1000rp1-adventerprisek9.03.06.01.S.152-2.S1)
image.
The release 3.4.3 (asr1000rp1-adventerprisek9.03.04.03.S.151-3.S3.bin) image is not affected.
CSCuc04837
Symptom: On serial interface the IOS counters for input packets, input errors and aborts increase
even after the interface is administratively shutdown
Workaround: As this is a corner case situation, un-shutting and shutting down the interface may
resolve the issue.
CSCuc05174
Symptom: ESP Crashes
Conditions: Configuration results in exhaustion of CPP external memory
Workaround: Ensure that the scale does not exceed supported configurations.
CSCuc05660
OL-26698-16
87
Symptom: ttl in CNAME record is reset

Conditions: DNS CNAME record
CSCuc05671
Symptom: The console reports "[aom]: (ERR): Unable to find async context for AOM" and
traceback.
BR.
CSCuc07235
Symptom: When using the command "call-policy-set copy source x destination y", the
na-src-name-anonymous-table is not copied.
Conditions: If you copy the policy to a set number that did not previously exist, this problem does
not occur; it only seems to happen if you reuse a number that was removed previously.
Workaround: Copy to new set number which has not been used before.
CSCuc07317
Symptom: Show controller pos pm command does not show correct SFP line type for All POS
SPAs
Conditions: Line type is shown as LONG MM for all SFPs in show controller pos pm frp
Sphinx/POS and SHORT SM for Iguana/Ninja
Workaround:
show hw-module subslot
POS0/1/0:
Description
Transceiver Type:
x/y
transceiver #port
idprom brief IDPROM for transceiver

= SFP or SFP optics (type 3)
= OC12 LR-1/STM4 L-4.1 (12)
CSCuc08061
Symptom: IPv6 DMVPN spoke failed to re-build tunnels with hubs.
Conditions: This symptom occurs when the tunnel interface on the spoke is removed and reapplied
again.
Workaround: Reboot the spoke.
CSCuc08964
Symptom: IOS PKI server keeps updating CRL list even if PKI server is shut down. Found in
15.1.4.M, but may be more wide spread.
Workaround: Block access to CRL Distribution point so PKI server will not be able to upload
updated CRLs.
CSCuc09772
Symptom: ISR running CME with AFW may experience bus error crashes and spurious accesses
during call disconnect.
CSCuc10081
88
OL-26698-16
Symptom: ISSU/ISSD would be failed.

Conditions: Always
CSCuc11275
Symptom: PSTN user cannot hear the MOH when the call is put on hold.
Condition: If a call is put on hold after the previous call is parked using PARK softkey, the PSTN user
cannot hear the MOH.
Workaround: The following workarounds are available:
Use FAC code to park the call.
Seize this DN and then release it to reset the park flag after parking a call.
CSCuc11853
Symptom: T1 controller will stay DOWN after switchover.
Condition: This symptom is seen when SATOP is configured on T1.
Workaround: Do a shut and no shut.
CSCuc12685
Symptom: Address Error exception is observed with ccTDUtilValidateDataInstance.
Condition: This symptom is observed with ccTDUtilValidateDataInstance.
CSCuc14204
Symptom: IOS PKI certificate enrollment fails due to collision with another enrollment request.
Condition: IOS PKI auto-enrollment Multiple trustpoints are configured and try to enroll at same
time. See error: CRYPTO_PKI: Failed to send the request. There is another request in progress.
Workaround: Use manual enrollment. Use different re-enrollment percentages on each trustpoint.
CSCuc15854
Symptom: SRTP - RTP fallback failure - CUBE sends back both 488 and 503
Condition: For a SRTP - RTP transcoding failure scenario, CUBE sends back both 488 and 503
response codes. It should reject the call with only 503 with the correct Warning Header.
CSCuc16623
Symptom: After changing the grandparent shape rate via ancp, traffic is not shaped to the new rate.
Condition: PPPoE model F QoS. Via ancp, change the grandparent shape rate.
CSCuc20045
Symptom: The maximum configurable PBHK (Port Bundle Host Key) source interfaces on an
ASR1K router is random and could be as low as 1. Here is a sample error message seen on a
customer's ASR1K router when adding 83rd source interface for PBHK: PortBundle: Unable to add
source IP into list PortBundle: Command failed PortBundle: allowed number of source IPs: 82
Condition: Configure multiple PBHK source interfaces on an ASR1K router.
OL-26698-16
89
CSCuc22348
Symptom: 3900e running 15.2(3)T1 crash at be_MediaOper_UpdateStats
Condition: 3900e running 15.2(3)T1 crash at be_MediaOper_UpdateStats
CSCuc22655
Symptom: IOS Router Identity Certificate missing upon reboot.
Condition: Identity certificate imported into a trustpoint that does not contain the direct issuer
Certificate Authority certificate.
Workaround: Import the identity certificate into the trustpoint which contains the issuer's certificate.
CSCuc22942
Symptom: Show version may report reload due to address error. Example: System returned to ROM
by address error at PC 0x7F10BB0, address 0x4E1B383C at 23:46:01 EDT Mon Sep 10 2012
System restarted at 18:17:48 EDT Thu Sep 13 2012 System image file is
"flash:c2951-universalk9-mz.SSA_8_5_ES2.1" Last reload type: Normal Reload Last reload
reason: address error at PC 0x7F10BB0, address 0x4E1B383C This bug happens within IOS
internal. It is not a common and at the same time, not a a rare occurrence.
Condition: Platform independent. Seen usually in 29xx and 39xx class routers. Originally seen in
15.2(2)T and 15.2(4)M release. Feature that need to be active for this crash to happen: Music on hold
should be actively in use.
Workaround: There is no workaround. If you suspect that you are affected by this OR if you are
proactively researching for known bugs to side-step, kindly engage your Account Team or your
Advanced Services Team for guidance. Releases that have the fix include: 15.2(2)T3, 15.2(4)M3 and
later releases.
CSCuc24741
Symptom: buffer overflow in opssl_parser corrupts OPSSLContext when all cipher suites were
selected
Condition: This symptom occurs on working setup, when all the cipher suites were selected at
openssl layer. This issue is observed from xe37 onwards.
Workaround: Instead of selecting all cipher suites, select required cipher suite.
CSCuc24937
Symptom: The voice gateway router is configured as a CME for handling ephone reloads due to
spurious memory access.
Condition: This symptom occurs as the voice gateway router is capable of handling ephones. Reload
is very specific to ephone handling.
CSCuc25529
Symptom: Static routes created by RRI are created with the wrong mask for subnet ACLs.
Condition: This has been observed on an ASR1k and 7200 running IOS 15.2(4)S and 15.1(4)M.
Workaround: Configure a static route to the remote network manually.
CSCuc26232
Symptom: Reload indicating stuck thread may occur.
Condition: On clear ip nat translations vrf vrf-name*.
90
OL-26698-16
Workaround: Use clear ip nat trans * This issue exists only on Cisco IOS XE Release 3.7.1S.
CSCuc26434
Symptom: RP information is not learned when Auto-RP is configured for customer domain and the
MA and RP candidate are on different PE.
Condition: MA and RP candidate are on different PE.
CSCuc27517
Symptom: Permanent license disappear after the IOS upgrade or downgrade.
Conditions: This symptom occurs when:
The ASR1001 IOS is upgraded from 03.05.02 or older to 03.06.00 or later.
The IOS is downgraded from 03.06.00 or later to 03.05.02 or older.
Workaround: Without this fix: Do a license save from 3.4 before the upgrade and re-install in 3.6 in
34, save all the licenses to a file to bootflash 1RU#license save <file location> in 36 , install back
all the licenses from the file 1RU#license install <file location>.
With this fix: To avoid this, customers have to create a file in the bootflash called
1RU_34_36_ENFORCE_LICENSE_MIGRATION to enforce the migration of all the licenses
before the upgrade process. The file will be removed automatically after the license migration.
For example: 1RU#license save bootflash:1RU_34_36_ENFORCE_LICENSE_MIGRATION
For the routers, which are already experiencing this issue, customers can either try to reinstall the
licenses or downgrade to 34, create the file in bootflash and upgrade with 36 or later image with
this fix again.
CSCuc28138
Symptom: Tracebacks are seen.
Condition: When protocol mode dual-stack is enabled under telephony-service and create cnf-files
is executed.
CSCuc30500
Symptom: The following features: NBAR, FNF (AVC), Seawolf (FME), and Lhotse (AppNav)) may
appear as being properly activated where as, they are not.
Condition: CFT infra that above listed features are not properly initialized.
CSCuc31692
Symptom: ASR1K ucode crashes with scaled MLPPP configuration with sustained high data rates
across most bundles.
Condition: Highly scaled MLPPP configuration with sustained high data rates across most bundles.
Problem has only been seen with the ESP40. Likelihood of encountering this issue is lesser because
this issue has only been seen in a lab environment under extremely high data rate conditions.
CSCuc31725
Symptom: CUBE fails to resolve the configured DNS through a query when the SRV query fails.
Condition: This symptom occurs when running Cisco IOS Release 15.3(0.11)T.
OL-26698-16
91
Workaround: Use DNS SRV records for SIP servers.
CSCuc31761
Symptom: Router crashes when removing GDOI groups.
Conditions: KS has 100 GDOI groups being configured.
CSCuc34574
Symptom: A pending issue update is seen at SSL CPP CERT on the Cisco ASR 1002, ESP-1000
platform.
object-manager fp active pending-issue-update Update identifier: 128 Object identifier: 117
Description: SSL CPP CERT AOM show Number of retries: 0 Number of batch begin
retries: 0.
CSCuc32543
Symptom: Changes in the configured PPP multilink fragment size or fragment delay are not pushed
down to the data path for Broadband MLPPP sessions. Note that this issue does not apply to MLPPP
over Serial connections.
Conditions: If PPP multilink fragmentation is enabled on a Broadband MLPPP bundle before the
bundle is established and the user later attempts to modify the fragment size or fragment delay, the
resulting fragment size changes are not pushed down to the data path (i.e. the original fragment size
configuration is retained). The IOS show ppp multilink command indicates that the new fragment
size was applied but, in fact, the new fragment size may not yet be active.
Workaround: After changing the fragment size or fragment delay configuration, restart the Multilink
PPP session. This can be accomplished via the
clear ppp interface Bundle-Virtual-Access-intf-name command.
CSCuc33214
Symptom: The PADI drops statistics shown in show interafces are not cleared.
Conditions: When there are PADI drops on any of the ATM interfaces, they are displayed in show
interfaces. And, these are not cleared even after doing clear stats.
CSCuc34315
Symptom: ASR crashes with fman_fp while unconfiguring in PBR scalability test.
Conditions: After the scalability test is performed with 1024 intefaces, crash is observed.
CSCuc36464
Symptom: Traffic check fails for user-defined classes with HQoS policy.
Conditions: This condition occurs on sending traffic from ixia.
CSCuc36469
Symptoms: Crash is observed when removing the crypto call admission limit ike
in-negotiation-sa value configuration and clear crypto sessions, which triggers a connection from
all the clients burdening the server and forcing it to crash within few seconds.
92
OL-26698-16
Conditions: This symptom happens only when 150 connections simultaneously try to establish
connection with the head-end EzVPN server.
Workaround: Configure crypto call admission limit ike in-negotiation- sa 20 when scaling to 150
tunnels.
CSCuc38440
Symptom: %FMFP-3-OBJ_DWNLD_TO_CPP_FAILED messages along with tracebacks are seen.
Conditions: This symptom happens while configuring or unconfiguring the match message-id under
class-map.
CSCuc38911
Symptom: Observed (ERR): INTF: DELETE failed trace log.
Conditions: While creating Virtual Template Interface to test the L2TP scalability enhancements.
CSCuc39469
Symptom: Unable to monitor the second power supply that is just inserted into the ASR 1001
Router.
Conditions: Insert the second power supply to the up and running ASR 1001 Router.
Workaround: Make sure all power supplies are inserted before booting up the ASR 1001 Router.
CSCuc40448
Symptoms: No-way audio is observed on hair-pinned calls back from CUBE to SIP Provider. The
call flow is as follows: PSTN caller --Verizon---(sip)---ASR
CUBE---(sip)---CUSP---(sip)---Genesis (SIP refer sent to transfer back to Verizon) -- CUSP CUBE - Verizon -- PSTN
Conditions: This symptom is observed only after upgrading to Cisco IOS Release 15.2(2)S.
Workaround: Modify the diversion header on the transfer leg invite. Therefore, the Verizon handles
the call differently.
CSCuc40585
Symptom: Ucode crashes when the GTP AIC inspects the packets.
Conditions: GTP AIC is configured.
CSCuc40912
Symptom: Stale objects are seen on RP SWO.
Conditions: Delete IPv6 VRF tunnel that have FNF configured and then do rpswo.
CSCuc41243
Symptom: PfR border router might get reloaded when PfR session flaps under session condition.
Conditions: PfR BR session flap under session condition, not likely to reproduce in the lab.
CSCuc43943
OL-26698-16
93
Symptoms: A Cisco ASR 1000 hub on dual-hubs causes DMVPN crash. This issue is only seen in
Cisco IOS XE Release 3.9S.
Conditions: This symptom is observed with shut or no shut of the tunnel interface.
CSCuc44071
Symptom: GRE keepalives are going out unencrypted if the Tunnel interface is in up or protocol
down state.
ASR1k platform (reproduced on 3.4S through 3.7S)
GRE/IPsec using tunnel protection
Keepalives configured on GRE/IPsec tunnel
Tunnel interface in protocol down state because of previously missed GRE keepalives
PIM configured on Tunnel interface
ip multicast-routing distributed command is configured globally.
Workaround: Disable ip multicast-routing distributed command (possible performance impact) or

remove PIM configuration from Tunnel interface. The GRE keepalives will be encrypted as long as
there is no CEF adjacency on the Tunnel interface when in protocol down state (i.e. no output from
show adjacency tunnel number detail command).
CSCuc45528
Symptoms: Leaks are seen at nhrp_recv_error_indication.
Conditions: This symptom occurs only when the fix of CSCub93048 is present in the image.
CSCuc46087
Symptoms: CUBE does not send a response to an early dialog UPDATE in a glare scenario.
Conditions: This symptom occurs when CUBE receives an early dialog UPDATE when it sends
200OK to INVITE and expects ACK.
CSCuc46352
Symptom: One-way audio when using anti-trombone on a CUBE for a inbound call that is call
forwarded back to the ITSP. After the call is forwarded, the CUBE never sends a Re-INVITE to the
calling party to change the IP address from it's own IP to the IP of the ITSP. Therefore, the calling
party doesn't get any audio. Whereas, the forwarded party hears the calling party fine.
Conditions: media anti-trombone command is configured under voice service voip.
CSCuc47356
Symptoms: Static routes are not getting removed.
Conditions: This symptom is observed with Smap - Smap. Removal of CLI does not remove the
static route.
Workaround: Remove the ACL before removing the SA.
CSCuc47399
94
OL-26698-16
Symptoms: IKEv2 STOP Accounting records show wrong counters for packets/octets, when the
sessions are locally cleared using clear crypto sa command or clear crypto session command on
ASR 1000 Routers.
Conditions: This symptom is observed with latest Cisco IOS XE Release 3.8S images when
IKEV2-Accounting is enabled. This issue is easily reproducible with a single session, and may be
service impacting as STOP Accounting records are usually used for billing purposes.
Workaround: The STOP records reflect the right counters when the disconnect is through the
remote-end.
CSCuc48884
Symptom: Cannot make more than 4000 CUBE calls with the default configuration, and this can be
a limitation for HA as well.
Conditions: Trying to make more than 4000 CUBE calls.
Workaround: In most cases, multiple media-address ranges can be configured, though this may not
work for HA.
CSCuc49319
Symptom: An INVITE that contains a Replaces: header and also a parameter in the Request URI
will be responded to with a SIP 481 Call Leg/Transaction Does Not Exist. The transfer that was the
trigger of the INVITE with the Replaces: header will fail to complete.
Conditions: This was seen on CUBE when handling a triggered INVITE during a REFER based
transfer.
CSCuc49386
Symptom: Traceback is seen @ crypto_gdoi_gm_wavl_show_members_in_group.
Conditions: Execute the show crypto gdoi ks members A.B.C.D command on GETVPN group
member.
CSCuc50498
Symptom: cpp_cp_svr crash is observed.
Conditions: This symptom occurs on attaching service-policy to member link with port-channel
configured.
CSCuc51076
Symptom: The Reason: header in a SIP BYE may not be consistently passed from the incoming
call-leg to the outgoing call-leg.
Conditions: This was seen on CUBE running 15.1(4)M through 15.2(4)M1.
CSCuc53085
Symptom: When the peer's public key has outlived its usefulness, it will be marked for deletion and
upon the next time, we search the public key cache, all peer public keys that are marked for deletion
are removed. In the case of this defect, it has been observed that, after performing a manual CRL
update (crypto pki crl request TrustPoint) whatever the content of the crl response, the router
deletes keys according to the following sequence: 10 keys, next time 6 keys, then next time 4 keys
and so on, i.e. 2/1/0. This occurs whatever the amount of revoked certificates inside the updated crl
OL-26698-16
95
and it occurs also when the crl content does not change between different requests, i.e. when no
certificates were revoked. So, the amount and number of keys to be deleted follows a pattern but the
choice of key to be deleted is random. There is no negative impact on operation.
Conditions: Manual CRL update on a device running IOS 15.2(03)T. CRL caching is enabled.
CSCuc53349
Symptom: In ASR CUBE-ENT platform, the show voice call rate table command displays the call
per second (cps) information in histogram instead of tabular format.
Conditions: None.
Workaround: Use show call history stats cps table command instead. This command is available
from Cisco IOS XE Release 3.8.
CSCuc54220
Symptoms: The SVTI always-up feature is broken.
Conditions: This symptom occurs in clear and rekey cases.
Workaround: Use shut and no shut commands.
CSCuc54604
Symptom: CUBE SP does not respond to any SIP messages sent across using TCP. SIP using UDP
works fine. Call Flow: Multiple CUCM's ---> SIP --->CUBE SP--->Provider.
Conditions: This defect is noticed on 15.2(01)S01 and is only active when we have calls running SIP
TCP. Reason for this behavior is that during the create or close transaction on TCP, the control buffer
would be on hold. Therefore, if close of existing TCP connection is needed while the control buffer
are all being held, the connection would be marked as dead but not able to notify corresponding peer,
therefore the peer might still send data through that connection, which CUBE-SP would think as
invalid and get dropped internally.
Workaround: As a workaround we need to send the SIP call as UDP instead of TCP.
CSCuc56136
Symptom: Traffic fails to pass on PW.
Conditions: Configure xconnect on EFP and do RP SSO.
Workaround: Reconfigure the EFP and xconnect.
CSCuc56259
Symptoms: A Cisco 3945 that is running 15.2(3)T2 and running as a voice gateway may crash. Just
prior to the crash, these messages can be seen: %VOIP_RTP-6-MEDIA_LOOP: The packet is seen
traversing the system multiple times and Delivery Ack could not be sent due to lack of buffers.
Conditions: This happens when a media loop is created (which is due to misconfiguration or some
other call forward/transfer scenarios).
Workaround: Check the configurations for any misconfigurations, especially, with calls involving
CUBE and CUCM.
CSCuc56895
Symptom: Incorrect Profile trunk-route 4 is getting configured when different profile trunk-route is
configured under Voice service saf.
Conditions: Observed this issue in 15.3(0.13)T in c3945 platform.
96
OL-26698-16
CSCuc57822
Symptoms: The NBAR classification granularity reduced for some protocols or some protocols may
be classified as unknown.
Conditions: This symptom is observed when the following command is executed: test platform
hardware qfp active feature nbar function sui_gmc_show_chunks_brief. If the errors? column
has a non-zero value, it is most likely caused by the problem described here.
Workaround: Restarting NBAR will typically solve the problem. If a protocol pack is loaded, a
simple way to restart NBAR would be to unload and reload the protocol pack. In order to
workaround the problem and verify that the problem is resolved, perform the following steps:
1.
Clear the above counters using the command: test platform hardware qfp active feature nbar
function sui_gmc_reset_counters
2.
Verify that the number of errors has been cleared: test platform hardware qfp active feature
nbar function sui_gmc_show_chunks_brief
3.
Enter configure mode: config terminal
4.
Unload the protocol pack: no ip nbar protocol-pack protocol-pack-filename
5.
Reload the protocol pack: ip nbar protocol-pack protocol-pack-filename
6.
Verify the number of errors is 0: test platform hardware qfp active feature nbar function
sui_gmc_show_chunks_brief
CSCuc57882
Symptom: High CPU on the 2911 router causing voice-ports going from
S_CONNECT/S_TRUNKED to -/S_TRUNK_PEND after a few hours. This is an LMR deployment
(Hool and Hooter config) Call flow: ============ Recording server (E&M port) <------- (E&M
port) 2911 <--------IP link--------(((multicast source --application)))
Conditions: The High CPU was seen with the following IOS versions:
c2900-universalk9-mz.SPA.152-4.M1.bin c2900-universalk9-mz.SPA.151-4.M2.bin
151-3.T4.bin
Root Cause Of The Issue: In the above IOS versions, the issue was observed in the udp_checksum()
routine, which gets invoked in this case as the other endpoint is sending the checksum. Currently,
the behavior is such that when it receives UDP checksum in incoming packet, it will try to compute
it. Thereby, leading to the High CPU errors and causing the PVDMs to crash, which leads to the
voice ports going to S_CONNECT/S_TRUNKED to -/S_TRUNK_PEND after a few hours.
Make sure that udp checksum is disabled on the other endpoint sending the packet to us.
Have an image ready which basically ignores the udp checksum in the incoming packet, if the
udp checksum is not important. The image was provided by the DE.
CSCuc58513
Symptom: Fp reload.
Conditions: ALG traffic with ACL limit configuration.
Workaround: Remove ACL limit configuration with ALG traffic.
CSCuc59991
Symptom: Traceback may appear on applying or removing Seawolf configuration.
Conditions: In very rare condition of massive applying or removing Seawolf configuration
sequence, the traceback may appear.
OL-26698-16
97
Workaround: In case of traceback, remove the configuration and reapply it again.
CSCuc60435
Symptom: Packets with single digit MNC are not matched in L7 class-map Instead counters are
increasing in class class-default Service-policy inspect gtpv1 : gtpv1_grx_inside_mcc_mnc
Class-map: gtpv1_grx_inside_mcc_mnc (match-any) 0 packets, 0 bytes
<<<< zero
30
second offered rate 0000 bps
Match: mcc xxx mnc 1
Class-map: class-default (match-any)
543464 packets, 11565497 bytes <<<<
30
second offered rate 19000 bps, drop rate 0000 bps
Match: any
Conditions: Match criteria in L7 class-map define single digit MNC as follows: class-map type
inspect gtpv1 match-any gtpv1_grx_inside_mcc_mnc match mcc xxx mnc 1 match mcc xxx mnc 1
CSCuc60509
Symptoms: A Cisco 2951 that is running Cisco IOS Release 15.2(1)T1 may have a processor pool
memory leak in CCSIP_SPI_CONTROL.
Conditions: The issue is seen when CUBE receives a PUBLISH request. At customer site, the issue
was seen due to incorrect SIP trunk configuration, which resulted in PUBLISH requests to be sent
to CUBE instead of CUSP.
Workaround: Correct the SIP Trunk configuration so that PUBLISH requests are not sent to CUBE.
CSCuc61244
Symptom: BFD flaps.
Conditions: Configure hardware BFD and configure egress ACL.
Workaround: Change the hardware BFD to software mode.
CSCuc61956
Symptom: Agent Stats corrupted on agent reset.
Conditions: Set timezone other than UTC on the CME router and reset the agent in EHG.
CSCuc62078
Symptom: Call Flow: 9971 ---- SIP ---- CUCM ---- SIP ---- CUBE ---- SIP ---- Provider
Issue: Provider does not support video codecs, as soon as an INVITE with video codes in the SDP,
provider is disconnecting the call. The customer wants to use Video capability for internal calls and
when external call is made, is requesting if they can strip the Video attributes from SDP going in the
INVITE to provider.
Conditions: Created voice class sip-profiles 1000 and applied under the outgoing dial-peer to
provider. Voice class sip-profiles 1000 request INVITE sdp-header Video-Attribute remove request
INVITE sdp-header Video-Media modify "m=video(.*)" request INVITE sdp-header
Video-Bandwidth-Info remove Before applying the profile, below is the snippet of SDP rcv on
CUBE: After applying the profile, the SDP is like below:
v=0 o=CiscoSystemsSIP-GW-UserAgent 1127 4805 IN IP4 10.59.0.6 s=SIP Call c=IN IP4
10.59.0.6 t=0 0 m=audio 17800 RTP/AVP 8 101 c=IN IP4 10.59.0.6 a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15 a=ptime:20 c=IN IP4 10.59.0.6.
98
OL-26698-16
To remove the third c= line, tried the below under sip-profiles: not working as expected: request
INVITE sdp-header Video-Session-Info REMOVE***Trying to add this line, to see if it will make
any difference, however show run, displays Video-Session-Name request INVITE sdp-header
Video-Connection-Info REMOVE***Trying to add this line, to see if it will make any difference,
however show run, displays request INVITE sdp-header remove.
Workaround: If the customer does not have a requirement to have video for external calls, then much
better option is to disable video at CUCM only for external calls. This can be done on CUCM by the
following ways:
1.
Create a new region on CUCM with video disabled.
2.
Keep the SIP trunk to CUBE in that new region.
3.
This way, internal calls can still have video, and there won't be any video coming to CUBE for
external calls.
CSCuc62212
Symptom: show pla so ob fp active pending-ack-update command output hw dirty-bit has error.
Conditions:
CSCuc62409
Symptom: Pseudotime skew between Secondary key servers and Primary key server.
Conditions: Clear crypto GDOI on the primary key server. It has been seen in 15.2(4)M1 but not in
15.1(4)M1.
Workaround: Clear crypto GDOI on all devices.
CSCuc63246
Symptom: Call Flow: PSTN->PRI->Voice GW->SIP->CUCM->IP phone. During an active call
between PSTN and IP phone (non-secure), if the IP phone user presses the Hold key for second time
call gets disconnected. Hold and Resume for the first time works fine. MOH server is using SRTP.
Also, if the IP phone used is secure (SRTP), then call will not get disconnected; no matter, how many
times the user presses the Hold and Resume keys. Customer has mixed mode cluster.
Conditions: When audio session between IP phone and VG is RTP and then the Hold key is pressed
for the second time. The MOH uses Secure RTP.
CSCuc63696
Symptom: Sometimes, cable detect test reported false (not connected) test result on FXOGS.
Conditions: Cable detect test and incoming call to FXOGS are running at the same time.
CSCuc65424
Symptoms: On dual RP configurations, a standby route processor might crash when establishing
new interfaces (could be PPP sessions).
Conditions: This symptom is observed when IDB reuse is turned on, for a dual RP configuration,
and when some interfaces are deleted and created again.
Workaround: Turn off the IDB reuse option.
CSCuc65437
Symptom: cpp_cp_svr crash is seen.
OL-26698-16
99
Conditions: This symptom occurs on removing service-policy from main int.

CSCuc65609
Symptom: During SIP attack, NAT causes ESP lock-up.
Conditions: SIP registration attack.
Workaround: Using ACL to block SIP attack.
CSCuc66821
Symptom: Remote-Party-ID is missing in the SIP Re-Invites.
Conditions: When using newer CUBE version 8.7.
Workaround: Currently not identified.
CSCuc67468
Symptom: show platform h q a f nat data dynbin command output gets into a loop.
Conditions: When executed on ASR 1000 Routers.
Workaround: Use show ip nat trans command and its filters for showing this information
CSCuc68743
Symptoms: A crash occurs while running CME smoke regression.
Conditions: This symptom is observed while running CME smoke regression.
CSCuc69095
Symptom: When cpp_fm_vmr_ops_execute_OPTIMIZE( ) function queries the TCAM manager for
number of free entries in TCAM, then cpp_fm_free_tcam_entry_query( ) throws an error
sometimes.
Conditions: This is always invoked for all the configurations that are attached.
Workaround: A running count to keep track of free entries in TCAM has been implemented. This
solution might not work for a configuration whose size is as big as the size of TCAM.
CSCuc69342
Symptoms: About 10 minutes after CUBE boot, the router crashes with the following traceback:
Traceback= 5B01805 46158ED 45F4F57 45BB19E 45BA1CF 451D6DC 4525549 45252D9
4519C30 45196A9 4778FFD. After the reload from the crash, it may take sometime before it crashes
again.
Conditions: This symptom occurs when CUBE receives the SIP REFER message with the Refer-To
header having no user part.
CSCuc70310
Symptoms: RRI routes are not installed in DMAP. reverse-route is a configuration in the DMAP.
This prevents packets from being routed through the intended interface, and hence packet loss
occurs.
Conditions: This symptom is observed when a simple reverse-route is configured in DMAP without
any gateway options.
100
OL-26698-16
CSCuc70578
Symptom: While clearing the counters, we are seeing the error message. %IOSXE-3-PLATFORM:
R0/0: kernel:
/scratch/mcpre/BLD-BLD_V153_1_S_XE38_THROTTLE_LATEST_20121015_080026/os/linux/
drivers/binos/i2c/psmcu/psmcu_main.c:read_from_psmcu (line 185): i2c_smbus_read_byte()
returned -110. Other potential errors: %IOSXE-3-PLATFORM: R0/0: kernel:
/auto/mcpbuilds13/release/03.08.00.S/BLD-03.08.00.S/os/linux/drivers/binos/i2c/psmcu/psmcu_m
ain.c:read_from_psmcu (line 175): MCU set pointer command failed, -5.
Conditions: Error message should not been seen, while clearing the counters.
CSCuc71379
Symptom: An incoming INVITE that is received by CUBE with a Replaces: header will dropped
that Replaces if the outgoing INVITE must hunt through multiple outbound dial-peers.
Conditions: This was seen on CUBE in a SIP to SIP configuration running 15.2(4)M1.10
CSCuc71706
Symptoms: Execution of the show run command and other commands such as copy run start and
show access-list cause the router to stop for a few minutes before completing.
Conditions: This symptom is observed with Cisco ISR G2 routers. This issue is seen only with IPv6
configured and used.
CSCuc72643
Symptom: Memory leak.
Conditions: periodic.
CSCuc73677
Symptoms: RSA keys are not generated correctly.
Conditions: This symptom occurs when you first clear the RSA keys that are already generated on
the router, and then generate the RSA keys.
CSCuc73993
Symptom: High PPS in the single flow traffic can reduce the overall system performance by 90%.
Conditions: This symptom occurs only when there is a very large PPS in the single flow traffic and
when NBAR is enabled
CSCuc74857
Symptom: NAT address pool exhaustion with high DNS traffic.
Conditions: Payload addresses in DNS PTR record NATed without active NAT bindings. RFC 2694
suggests that DNS PTR queries should not be translated if no active bindings are found in the NAT
translation table. Per current implementation, new NAT dynamic bindings are created when
processing DNS PTR queries, eventually, contributing to NAT address pool exhaustion.
OL-26698-16
101
Add deny ACL to avoid NAT translation of unknown payload addresses in the DNS PTR query.
Turn off DNS application-level gateway (ALG) service, if possible.
CSCuc75142
Symptom: Ucode crash when h323 ALG traffic passed through router.
Conditions: This symptom is seen with ALG traffic.
Workaround: Remove HSL logging. Problem is not seen.
CSCuc75480
Symptom: Show call active video compact command doesn't show any active video calls while
testing EO-EO Secure Video Call over CUBE when SDP PassThru is enabled.
Conditions: This symptom occurs on running with IOS version- 15.3(0.14)T.
CSCuc76130
Symptoms: IPsec SAs are not getting deleted even after removing ACL.
Conditions: This symptom occurs when using the IPsec feature with Cisco IOS Release
15.3(0.18)T0.1.
CSCuc76298
Symptoms: In ASR B2B HA setup, the new active router crashes at ccsip_send_ood_options_ping
immediately after switchover with OOD OPTIONS enabled.
Conditions: This crash is seen in the following scenarios:
Standby router has OOD OPTIONS enabled either because it is present in startup configuration
or enabled after boot-up.

Disable OOD OPTIONS.
When Switchover happens.
Workaround: Reload standby router once after OOD OPTIONS configuration changes from enabled
to disabled.
CSCuc76670
Symptom: 2X1GE-SYNCE (metronome) SPA does not boot on a 2RU (Cisco ASR 1002).
Conditions: This symptom is observed from Cisco IOS XE Release 3.7.0S onwards, when the
metronome SPA (2X1GE-SYNCE) fails to boot on a 2RU. An error message indicating that the SPA
is not supported is displayed on the RP console.
CSCuc77704
Symptom: The GETVPN/GDOI Secondary Cooperative Key Server (COOP-KS) does not download
the policy, that is, when the show crypto gdoi ks policy command is issued on the Secondary
COOP-KS and the command output shows that no policy is downloaded and Group Members (GMs)
registering to the Secondary COOP-KS fail to register without any warning or error message.
Conditions: This symptom is observed when the GETVPN/GDOI group (with COOP configured)
has an IPSec Profile configured with one of the following transforms in its transform-set: esp-sha256-hmac - esp-sha384-hmac - esp-sha512-hmac
Workaround: Use esp-sha-hmac as the authentication transform.
102
OL-26698-16
CSCuc78320
Symptom: QFP crashes with ICMPv4 error packets when ZBF debugs are enabled (debug platform
hardware qfp active feature firewall datapath global all detail).
Conditions: This symptom is observed when ZBF debugs are enabled.
Workaround: Do not enable ZBF debugs with detail or drop keywords for all traffic. Instead, enable
ZBF debugs only for the traffic you like to debug. For more information, See CSCtf45361.
CSCuc78499
Symptom: GTPv1 memory chunk leak.
Conditions: This symptom is observed when the GTP AIC is configured
CSCuc78702
Symptom: %NAT: VRF ID 2385 does not exist is seen in the output of show run vrf.
Conditions: If a VRF is defined without configuring an address-family, then this message is
displayed when the user executes the show running vrf command.
Workaround: The show command output is valid. This has no impact on functionality.
CSCuc79208
Symptom: Error %Port <> is being used by system while configuring the static nat with the same
ports for different IP addresses as shown below, we can sometimes get an error message %Port 1720
is being used by system: ip nat inside source list IP_PBX_MP_NAT_ACL_PUB interface
Loopback12 overload ip nat inside source list IP_PBX_MP_NAT_ACL_SUB interface Loopback13
overload IP NAT inside source static tcp 161.92.7.42 1720 interface Loopback12 1720 ip nat inside
source static tcp 161.92.7.43 1720 interface Loopback13 1720 This issue happens when we have
nat with overload statements configured before we configure static nat for ports.
Conditions: This happens if we have NAT with overload statements are configured first.
Workaround: Remove all NAT statments and configure the static NAT before the NAT overload.
(Note that we will get the failure message again at the reload time since the commands are nvgenned
with the overload command first.)
CSCuc79283
Symptom: The nat64 map-t subcommands cannot be syntax checked when running config check
syntax.
Conditions: This applies only when the user runs config check syntax in the syntax check mode.
CSCuc80725
Symptom: VFR subblock remains without CLI IP virual-reassembly displayed.
Conditions: This symptom is observed when NAT is enabled without VFR and VFR is re-enabled.
Workaround: Do not enable the VFR manually.
CSCuc81645
Symptom: CPP crashes on overlord when the show command is executed.
Conditions: There is no known conditions.
CSCuc81650
OL-26698-16
103
Symptom: Ingress QoS policy-maps on frame-relay type interfaces do not correctly show QoS
policy-map packet counters.
Conditions: This problem only occurs when egress QoS policy-maps are attached to a frame-relay
sub-interface and to a frame-relay DLCI on that same sub-interface.
Workaround: Apply egress QoS policy-maps to only the frame-relay sub-inteface or to the
frame-relay DLCI.
CSCuc81993
Symptom: IKEv2 framed route support on server is required.
Conditions: IKEv2 framed route support on server is required.
CSCuc82246
Symptom: RTSP Timeout doesn't work on VXML GW when Bargein is set to N. IOS 15.1.M4 CVP
9.01 ICM 9.02. When the vxml GW receives the following, RTSP will not timeout <prompt
bargein="false" cisco-maxtime="30s" cisco-typeaheadflush="false" > <audio
src="rtsp://10.2.247.40/rtpencoder/moh.sdp" fetchtimeout="4s" /> When the vxml GW receive the
following, RTSP will timeout at 30 seconds <prompt bargein="true" cisco-maxtime="30s"
cisco-typeaheadflush="false" > <audio src="rtsp://10.2.247.40/rtpencoder/moh.sdp"
fetchtimeout="4s" />
Conditions: This symptom is observed when Bargein is set to N.
CSCuc83104
Symptoms: Path confirmation fails for blind transfer scenarios for both SIP Line and trunk-side
scenarios.
Conditions: This symptom is observed if no supplementary-service sip refer is configured.
Workaround: Configure supplementary-service sip refer.
CSCuc85002
Symptom: Unexpected logs printed in the console during configuration. *Oct 17 06:54:50.711:
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F1: fman_fp_image: PORTLIST: (tcp/50.1.1.1
port 4096 - 5119) download to CPP failed *Oct 17 06:54:50.534:
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image: PORTLIST: (tcp/50.1.1.1
port 4096 - 5119) download to CPP failed.
Conditions: This Symptom is seen when the configuration includes dynamic PAT (Port Address
Translation) with the interface overload.
CSCuc85157
Symptom: The packet is dropped with the reason NatIn2out.
Conditions: This symptom is observed due to the PAT.
CSCuc85319
Symptom: RP is crashed.
Conditions: This symptom is observed after flapping the ATM sub-interface that is configured with
the ATM bundle 8192 times
104
OL-26698-16
CSCuc85807
Symptom: Values of certain flows have incorrect jitter values when MMON is activated on
non-video UDP traffic jitter.
Conditions: Non video and/or UDP traffic is being injected to the MMON engine. May also happen
on video traffic before it is classified as such (first few packets). This is self corrective. This is
unlikely to happen as usually MMON is enabled on specific media flows.
CSCuc87847
Symptom: QFP crashes.
Conditions: Packets are replicated and field in_interface in pkt_state is invalid.
CSCuc88112
Symptom: Ucode crashes.
Conditions: This symptom is observed while testing the frf12 feature.
CSCuc88175
Symptoms: When a dynamic cryptomap is used on the Virtual Template interface, SAs are not
created and the testscripts fail. This issue occurs because the cryptomap configurations are not
added to the NVGEN, and hence there is no security policy applied on the Virtual Template
interface.
Conditions: This symptom occurs only when a dynamic map is used on the Virtual Template
interface. However, this issue is not seen when the tunnel protection is used on the Virtual Template
interface or when a dynamic map is used on the typical physical interface.
Workaround: There is no workaround apart from using tunnel protection on the Virtual Template
interface.
CSCuc88575
Symptom: The following message can be seen on Cisco ASR routers which runs IOS-XE: FAILED:
File [location]:[name] is not a valid consolidated package file.
Conditions: Multiple conditions can lead to this error message. One of these is if the specified file
doesn't exist at the path specified. The reason for failure is not clear.
CSCuc89261
Symptom: The router is crashed with ucode traceback.
Conditions: This symptom occurs while adding 32 Service Node Group under Service Context and
removing them.
CSCuc89646
Symptom: When TCP SYN packet is sent with no specified MSS, the default value is set to 0, not
to 536, as on other platfroms.
Conditions: TCP SYN packet is sent with no MSS specified.
OL-26698-16
105
CSCuc89800
Symptom: Receive a for_us packet with multiple (thousands of) tunnel headers, make ESP crash.
Conditions: Router A-------Router B-------Router C there is a tunnel T1 between A and C. In the
router A, there is a PBR that makes the packets from B transmitted through T1. In router B there is
a default route pointing to A. Then in router A a packet is transmitted through T1 encapsulated with
a GRE header. When this packet arriving at router B, due to the flapping of route between B and C,
it cannot be sent to C. But it will be sent to A because of the default route. When the packet arriving
at A, according to the PBR rule, it will be transmitted through T1 again encapsulated one more GRE
header. again and again, this packet will be encapsulated with thousands of GRE header. At last,
when the route between B and C no longer flaps, it will arrive at C, and make C crash.
Workaround: Workaround for customer's scenario: Customer can configure a ACL in router C 's
tunnel T1 interface, deny the packet if it has an inner header with the same src addr and dst addr
with outer header. But this workaround can't cover the scenario of an attack packet encapsulated
with multiple different tunnel headers.
CSCuc89958
Symptom: Perf-mon flow timeout or expiry takes longer than expected
Conditions: The functionality related to timeout or expiry of flows after media stop event seems to
be taking longer than expected. The related configs are: - monitor params interval duration <x"
and timeout <y>, under policy-map class submode or - cache timeout .. <x> and history size
<value> timeout <y> under Perf-mon flow monitor config mode
CSCuc91056
Symptom: sip-notify is not getting negotiated in the mid-call. After the midcall invite, rtp-nte to
sip-notify dtmf negotiation falls to rtp-nte to default inband-voice
Conditions: This symptom is observed with IOS version: 15.3(1.2)T.
CSCuc91409
Symptom: CallManager intermittently fails to reply to SIP messaging when a hostname is present
in the host field. This will occur when CallManager fails to resolve the hostname quickly enough
resulting in the messaging being dropped.
Conditions: This symptom is observed TCP or TLS is used. UDP will not experience this issue.
Workaround: Do not use a hostname in the host field for SIP messaging.
CSCuc92086
Symptom: 2921 crashed twice due to http caching. The crashes happened in about 1 month from
each other. At least one of them was triggered by issuing clear http client cache. However not every
issue of "clear http client cache" causes the crash.
Conditions: This symptom is obsrved when 912 is running as a gateway.
CSCuc92567
Symptom: IP may reload during MDR due to ESI reconciliation failure with active ESP.
Conditions: Extremely rare race condition.
106
OL-26698-16
CSCuc93053
Symptoms: The WCCP stops working after adding Cisco IOS Zone Based Firewall (ZBF. Message
of WCCP packets being redirected can be seen but not leaving the Cisco ASR router.
Conditions: This symptom is observed when Cisco ASR router with netflow and ZBF is enabled
under the same interfaces.
Workaround: Disable netflow on all the interfaces.
CSCuc93739
Symptom: Phase 2 for EzVPN client with split network and VTI does not come up if IPSec SA goes
down.
Conditions: The root cause of the issue is that IPsec SA is not being triggered after IPsec SA is down
due to no traffic. So in spite of traffic IPsec SA is not coming up leading to packet drops in client
network. The same problem is not seen with Cisco IOS Release 15.0(1)M7. This behavior is
introduced post-PAL where virtual-interface creates a ruleset where traffic cannot trigger IPsec SA
again once IPsec SA is deleted.
Workaround The following are workarounds for this symptom:
Configure ip sla on EZVPN client for split networks, so that IPSec SA will not go down.
Remove virtual-interface from EZVPN client profile if it is not needed.
CSCuc95192
Symptom: The ucode crash is seen.
Conditions: This symptom occurs when configuring or unconfiguring the static NAT in B2BHA
setup.
CSCuc97316
Symptom: Incorrect show running-config all after running no vxml audioerror.
Conditions: This symptom occurs when there is no vxml audioerror in the show running-config all
command.
Workaround: Run show running-config.
CSCuc98021
Symptom: One-way voice audio issue is seen over CUBE after session re-INVITE is sent.
Conditions: This symptom is observed with the following call flows:
Signaling: Cisco IP phone ==> CUCM ==> CUBE ==> CCIPL ==> CCIPL IP phone
Media: Cisco IP phone <=== sRTP ==> CUBE <== RTP ==> CCIPL IP phone
Workaround: Do not use SRTP on the CUCM <-> CUBE leg.
CSCuc98107
Symptom: The performance of urpf with acl gets downgraded.
Conditions: The downgrading has been found since 15.3(01)S.
CSCuc98855
Symptom: For some reason the EzVPN server send the savepwd off. When it does, the client fails
to establish the connection.
OL-26698-16
107
Conditions: There is no known conditions.

Workaround: Run the client in interactive mode authentication.
CSCud01502
Symptom: A crash occurs in CME while accessing a stream in sipSPIDtmfRelaySipNotifyConfigd.
Conditions: This symptom occurs in CME.
CSCud01905
Symptom: Match not APN is not working.
Conditions: This symptom occurs during the basic GTP message flow.
CSCud02357
Symptoms: The extension mobility feature is failing.
Conditions: This symptom is observed in Cisco IOS Release 15.3(2)T.
CSCud04066
Symptom: CPP CVLA traceback appears.
Conditions: This may happen during monitor configuration rollback when configuration fails.
CSCud05194
Symptom: Traceback is seen in 302 consume SDP pass through scenario.
Conditions: This symptom occurs when the UUT is failing on 15.3(0.19)S.
CSCud05368
Symptom: Traffic is be redirected to WCCP client even when defined as deny in wccp redirect ACL.
Conditions: WCCP on ASR1K.
Workaround: The following are the workarounds for this symptom:
Move the deny entries before the permits when possible (especially for deny ... host ...), but it
still may not work in some situation.

Use different redirect ACLs for each service, and remove the unnecessary ones for specific
services.
CSCud06171
Symptom: The Cisco router crashes upon clearing of the AppNav counters.
Conditions: This symptom can occur in a normal running device.
CSCud06852
Symptom: T1 Controller will not be marked as DOWN when there are alarms after RP Switchover.
Conditions: RP Switchover .
Workaround: SPA Soft OIR.
108
OL-26698-16
CSCud06887
Symptom: There is no sync of SADB on an active router when it reloads from the current standby
router.
Conditions: This symptom occurs when the active and standby routers are up. Whenever a session
is up, there is a sync of SADB from active to standby. When active reloads and is up, there is no sync
of SADB from the current active router.
Workaround: Remove the isakmp-profile configuration under the crypto map.
CSCud08595
Symptoms: After the reload, ISDN layer 1 shows as deactivated. Shut or no shut brings the PRI
layer 1 to Active and multiframe is established in layer 2.
Conditions: This symptom occurs when voice-class busyout is configured and the controller TEI
Workaround: Remove the voice-class busyout configuration from the voice-port.
CSCud10343
Symptom: The VG224 phone can not hear FAC tone.
Conditions: This symptom is observed during the config cptone br under voice-port.
Workaround: Change cptone to us.
CSCud11761
Symptom: The cpp_svr crashes.
Conditions: This symptom is obsrved with Policy-Aggregator scalability config.
CSCud12022
Symptom: The SPA buffer oversubscription causes a message to be logged indicating the packet
drops in the SPA.
Conditions: This symptom is observed during reconfiguration, flow-control cannot be set correctly
on the ESP resulting in broken flow-control on the interface being reconfigured.
CSCud14033
Symptom: Traceback appears and the packet is dropped with uRPF specific cause.
Conditions: Remove and add uRPF and ACL configuration in the following manner while the traffic
is runnin:, copy remove_config running and copy add_config running.
CSCud11761
Symptom: The cpp_svr crashes.
Conditions: This symptom is obsrved with Policy-Aggregator scalability config.
CSCud14601
Symptom: iDivert call to voicemail failed in flow-around mode for both consult and blind transfer
scenarios
Conditions: This symptom is observed when running with IOS version 15.3(1.4)T.
OL-26698-16
109
CSCud16127
Symptom: CPC request message is passed by AIC and sent to another side.
Conditions: This symptom is observed when the IMSI is invalid.
CSCud16274
Symptom:CPP crash with core dump file and traceback.
Conditions: This symptom is observed when the session setup rate is 10.
CSCud17362
Symptom: ASR router may crash running under heavy load
Conditions: This issue is considered an extreme corner case caused by the exhaustion of resources
combined with the aggressive polling of information through CLI while the system is overloaded.
CSCud19265
Symptom: CPP error and traceback when ATM PVC sub-interface deleted or reconfigured.
Conditions: This symptom is observed when ATM PVC in sub-interface is configured under ATM
PVP.
CSCud21267
Symptom: Accesses to the midplane EERPOM or power supply fails.
Conditions: This symptom is observed when the system has dual RPs.
CSCud21500
Symptom: Router crash at speed dial.
Conditions: This symptom occurs during the speed dial.
CSCud23420
Symptom: This is a backout of the PI commit of CSCuc10263.
Conditions: The initial implementation of enabling logging to CC required dependency on the PI
code committed. But after the code review for the PD the PI commit is not required. Hence Backing
out.
CSCud24079
Symptom: CUBE could not handle multiple 18x responses with different to-tags in early dialog.
Conditions: When 18x responses doesn't contain SIP Contact header.
Workaround: Include Contact header in 18x responses.
CSCud24321
110
OL-26698-16
Symptom: The interface hierarchy gets corrupted during OIR such that subsequent reconfiguration
events lead to a system crash. Impacted Platforms: ESP-100 and VXE-2, aka Yoda platforms. Not
Impacted Platforms: All CPP10 platforms, i.e. ESP-10, ESP-20, ESP-40, etc. It also does not impact
Overlord and ultra.
Conditions: The FRF.12 P3 queue is not removed from the interface during OIR. The code assumes
all features would have been removed from the interface before the default queue is removed. When
the default queue is re-added while the P3 is already active, its sub-hierarchy is built on top of the
leaf node for the P3 queue. This causes the hierarchy to grow exponentially to a point where
programming the hardware fails.
Workaround: Remove FRF.12 before OIR and re-apply it after OIR. While this should work when
done manually or via a script, it may be unreliable in the real world where OIR could occur due to
swapping out one SPA for another unless the user remembers to disable FRF.12 before swapping the
SPAs.
CSCud24483
Symptom: Dialling FAC (Feature Access Codes) in the On-Hook state and then going Off-hook
causes the phone to dial the last called number (Redial Operation).
Conditions: This symptom occurs when FAC (Feature Access Codes) Standard or Custom is
configured.
CSCud24885
Symptom: See some drops: FirewallInvalidZone 12676.
Conditions: ASR with WCCP and ZBF and netflow both configured.
Workaround: Ping the destination on ASR1000 before introducing WCCP traffic.
CSCud25675
Symptoms: Packet drop might be observed during IP Security (IPSec) rekey.
Conditions: This symptom is observed on a Cisco ASR1000 series router when functioning as an
IPSec termination and aggregation router, with Internet Key Exchange.
CSCud31542
Symptom: DHCP reply message was dropped in the data plane after RPSO or clear ipv6 neighbor.
Conditions: This symptom is observed during the following situations:
Setup DHCPv6 binding
Clear IPv6 neighbor or RPSO and without traffic before adjacency convergence then DHCP
reply message will be dropped in data plane.

Workaround: The following are the workarounds:
Send downstream traffic to the client that will re-learn the neighbor.
Clear IPv6 route X::X/prefix <dhcp installing route> to re-learn the neighbor.
Client is reconnected after the timeout of DHCP session.
Client sends RS or NS.
CSCud34131
Symptom: ERSPAN only could monitor ZBFW interface Rx packets.
OL-26698-16
111
Conditions: ERSPAN packets will be drop if the ERSPAN output interface is not in same zone with
moitor interface
Workaround: Configure ERSPAN output interface with same zone with monitored interface
CSCud34647
Symptom: ucode along with the fman_fp cores is seen in the supporting FP80 router.
Conditions: This symptom is observed on the flapping member link interface in the UUT.
CSCud35550
Symptom: Many tracebacks are printed in the console when GTPv2 messages are handled.
Conditions: Attached configuration is imported. It can be triggered too if layer 7 drop is configured.
CSCud35735
Symptom: ucode along with fman_fp core seen in UUT with
GTP_AIC_FUNC_POLICY_CHANGE
Conditions: This symptom is observed while sending traffic from SGSN.
CSCud36089
Symptom: sh per-call buffer list output shows an extra 'I' in the LAST UPDATED column.
Conditions: This symptom is observed when the Per-Call debugging is enabled
CSCud37568
Symptom: Memory leak in GTP PDP pool.
Conditions: GTP AIC must be configured.
CSCud37921
Symptom: Communication broken. Update PDP context requests are dropped if GSN address is not
identical with GSN address provided in Create PDP context request.
Conditions: 3GPP communication on GRX interface. Roaming mobile users from GRX to inside can
have different GSN address information.
CSCud38010
Symptom: Due to the change of CSCud35735: ASR1K: ucode crash @gtp_aic_match_policy. It is
a defense for smtp aic, as the function call re_multi_match_ascii may result crash?
Conditions: When the function re_multi_match_ascii meet some invalid array address,it would
return 0xFFFFFFFF as the match length,here in smtp aic,it should be protected from this exception?
CSCud38558
Symptom: The two causes are:
Might be no monitoring.
112
OL-26698-16
Trackback message appears in log: 1#7e4ed294e9cee774e6d357fbecf1228d errmsg:CB20000
2230 cpp_common_os:D1AD000 BBB0 cpp_common_os:D1AD000 B9C0

cpp_common_os:D1AD000 1903C cpp_fnf_svr_lib:FE68000 15D64
cpp_fnf_svr_lib:FE68000 1C2D0 cpp_fnf_svr_lib:FE68000 18E84
cpp_common_os:D1AD000 10A94 cpp_common_os:D1AD000 110CC evlib:CEF1000
E0DC evlib:CEF1000 104C4 cpp_common_os:D1AD000 127E8:10000000 4710 c:A526000
1E938 c:A526000 1EAE0.
Conditions: The issue occurs:
On 3.8 Ver: Happens randomly if HTTP tool is deployed several times.
On 3.7 Ver: Happens randomly if AVC1.5 tool is deployed several times.
Workaround: Reapply the configuration.

Workaround: There is no workaround needed here as this is the data used for the information about
the peer for the user. No impact.
CSCud39324
Symptom: ESP reload
Conditions: ASCII ALG traffic requiring TCP seq/delta fixup on payload length change due to
address translation. This reload could occur rarely with very long lived TCP connections.
Workaround: Turn off the ALG likely causing the issue.
CSCud40015
Symptom: Client/Server IPs are interchanged in CLI sh serv-in statis conn on Peer AC's.
Conditions: Client/Server IPs are interchanged in CLI sh serv-in statis conn on Peer AC's. This
symptom is observed when there are 4 AC's in the ACG and the context is up and Operational. Some
traffic is sent and only one AC owns that flow. When the CLI sh service-inse statis conn is executed
on the AC, which owns the flow it shows the right output. But when the same command is executed
on other AC's the Client and Server IP 's are interchanged.
CSCud40063
Symptom: Stale PVP object seen.
Conditions: Do a RP switchover with a PVP configured on ATM port and cdvt global config enabled
on Barbarian SPA.
CSCud41480
Symptom: QFP may reload.
Conditions: The known conditions for this are to have oneFirewall and NAT configured on a
ASR1002-X, but crash is intermittent.
CSCud41501
Symptom: The first and last timestamps shown in the output of show flow monitor <name> cache
command shows incorrect values on an ASR1K with RP1 route processors.
Conditions: This symptom occurs during the following situations:
Attach a record that contains timestamp sys-uptime first and / or timestamp sys-uptime last
field(s) to a monitor. Predefined records such as "netflow-original" already have these fields
defined.
OL-26698-16
113
Under the interface config mode, configure the above defined monitor using [ip | ipv6 | mpls]
flow monitor <name> (sampler) [input | output]

Issue the following show command to see the cached records: show flow monitor <name>
cache.
In the output of the above show command, the values displayed for the first and last timestamp
fields can be incorrect.

CSCud42197
Symptom: map-request is missing in xTR.
Conditions: This symptom is observed in the CLI lig self all.
CSCud42595
Symptom: Hit a ipfrag traceback. Mar 12 20:18:34: IOSXE-3-PLATFORM F0: cpp_cp: QFP:0.0
Thread:116 TS:00000154141676112657 FRAG-3-REASSEMBLY_ERR Reassembly/VFR
encountered an error: Failed to restore packet persist state
-Traceback=1#414e7dc23f4098796bcf8e5a8b3063ad 804c085b 8051a7ae 80276582 80277b0d
80277b6f 80475481 800976d1 804b07e9 Mar 12 20:18:48: IOSXE-3-PLATFORM F0: cpp_cp:
QFP:0.0 Thread:082 TS:00000154156360067524 ATTN-3-SYNC_TIMEOUT msecs since last
timeout 154149821, missing packets 43
Conditions: Thiis symptom is observed when fragments received and fragments reassembly related
packets are dropped.
CSCud42919
Symptom: FP crash.
Conditions: up to 70~80K translation sessions, SIPand H323 mixed traffic
CSCud43620
Symptoms: The Gateway fails to send ACK after 200 OK while testing DNS/SRV Lookup on a VOIP
peer with weight/priority.
Conditions: This symptom is observed when a Cisco router is loaded with
c2900-universalk9-mz.SSA.153-1.7.T image.
CSCud44854
Symptom: hash table not memset for ALG during intialization.
Conditions: This symptom occurs during the following conditions:
Start sip/h323/... traffic
Establish NAT session over 60~70K
Send CLI combinations with below actions:
clear ip nat trans *
shutdown inside / outside traffic interfaces
remove nat/alg config
114
OL-26698-16
reconfig nat/alg and unshut interfaces
CSCud45750
Symptom: Extended data forwarding outage when MLPPPoLNS session forwarded to a new link
due to a OSPF link change. Possible MLPPP member link session flap.
Conditions: When a MLPPPoLNS session is defined using a member link session with multiple
paths to the destination LAC via OSPF, if the member link session interface changes after the session
is active a extended data forwarding outage may occur due to the OSPF link change. Possible
MLPPP member link session flap may also occur.
Workaround: There is no workaround. Also keep in mind that even with the fix associated with bug
report, per packet load balancing is NOT supported with MLPPP. Only per destination packet load
balancing.
CSCud47046
Symptom: No-way voice occurs after transferring external calls to an external recipient. The PBX
does a external transfer and uses a new transaction leg which indicates that media should be hair
pinned on the SBC, but no media is heard.
PBX(A)----SIP-----SBC(B)----SIP-----service-provider(C)
The following are the different Call scenarios:

PBX(A) user dials external party (towards C) the calls is answered.
PBX(A) user presses the conference/transfer key which places the call on hold. MOH is heard
by the external party.

PBX(A) user dials external party (towards c) and the call is answered.
PBX(A) user completes the call transfer.
The call transfer is completed, but no audio is heard, by either A or B.
Conditions: The issue occurs only when all of the below conditions happen together:
One side has nat enabled and rtp comes before sdp offer/answer is completed.
Four calls are modified to two hair pin call sets, that is two calls are hair pined.
Later call modification makes four calls hair pined together

CSCud49494
Symptom:ESP crashed with multicast service reflect config when recieving udp fragmented packets
Conditions: multicast service reflect configured udp fragments recieved in the VIF interface.
CSCud49777
Symptom: In a Flex scale setup, few of the framed routes do not get installed even though all the
sessions come up fine. As a result, traffic flow is affected.
Conditions: Perform clear crypto session on the headend. Sessions will be triggered again from
SVTI. For few of the sessions, framed route is not installed.
CSCud53401
Symptom: The router crashes due to a hardware interrupt.
OL-26698-16
115
Conditions: When FRF.12 is configured on ESP100 or 1RUVE2, the recycle queue cannot be
changed on-the-fly because there may be packets inflight that will be enqueued to this queue by the
hardware.
CSCud55724
Symptom: na-src-adj table does not work for text userid.
Conditions: This symptom is seen always.
CSCud56064
Symptom: iDivert call to voice mail failed after call forward
Conditions: When running with IOS version - 15.3(1.8)T
CSCud56400
Symptom: Build breakage occurs due to CSCub81489 partial export to mcp_dec.
Conditions: This symptom is observed with export to mcp_dec.
CSCud58038
Symptom: ucode crash is seen with nat tgn mode and CLI operation during traffic
Conditions: This issue occurs during the conditions:
setup sip/h323 traffic
shut ->clear ip nat tr * -> unshut
remove ip nat
shut clear ip nat tr *
CSCud60014
Symptom: The control process crashes during the reconfigurations on ESP100 or 1ruve2.
Conditions: This issue occurs during the reconfigurations such as adding a hierarchical policy to an
ATM, changing a class-of-service for an ATM VC, etc. and results in a new scheduling hierarchy.
CSCud61316
Symptom: The vTCP reset storm is observed in NAT/ALG back-to-back deployment.
Conditions: The issue occurs during the following conditions:
A TCP NAT session is established between two ASR1K.
Abnormal ALG packets are received from both the sides.
An additional TCP segment is received by ASR 1K after ASR1K sends out the TCP RST.
Workaround: Manually clear the affected NAT session.
CSCud61366
Symptom: fp20 & fp40 cards crashes if single bit parity error occurs on TCAM device#1.
Conditions: TCAM (hardware) single bit parity errors are very rare and recoverable. Due to a defect
in fault recovery code FP crashes instead of recovering from this hardware error.
116
OL-26698-16
Workaround: There is no workaround. May not run into this problem again after FP is rebooted.
CSCud63126
Symptom: The crashinfo file is not generated.
Conditions: This issue is specific to the ASR1K and the RP1. RP2 doesnt have this issue. It has
been seen for Software Forced Crashes.
CSCud66316
Symptom: The log messages for REJECT Create Session Response message is not printed in the
sys-log.
Conditions: This symptom is observed when the GTP AIC is configured in the UUT.
CSCud66955
Symptom: SPA-2CHT3-CE-ATM is flapping with Nortel Passport due to the fast bouncing of up or
down 10s, after the interface is brought up.
Conditions: This symptom is observed in E3 and DS3 mode.
CSCud70243
Symptom: Some IPv6 subscribers fail to come up in a scenario in which there is a frequent session
churn.
Conditions: The issue occurs on an ASR 1K router, for IPv6 subscribers that have traffic classes
configured. It occurs when the sessions are torn down soon after coming up. It can also involve a
change to a session's complement of traffic classes shortly after coming up, but before being torn
down. A number of pending objects can register in the output of the show platform software
object-manager fp active statistics command.
Workaround: Remove the pending objects by performing an FP switchover on ASR 1K routers that
have two of them. Before performing an FP switchover, make sure that there are not any pending
objects on the standby FP. This can be determined by using the command show platform software
object-manager fp standby statistics. If the standby FP has pending object counts when the system
is in steady-state, it should be reloaded and checked for pending objects after it comes back. If the
new pending object counts reach is 0, then proceed with an FP switchover.
CSCud71253
Symptom: Outbound traffic does not flow.
Conditions: This symptom occurs when configuring the IPv4 VRF aware IPSec with crypto maps
with ivrf=ivrf1 and fvrf=global.
CSCud72509
Symptom: The ESP100 is crashed.
Conditions: The issue occurs when the NAT is configured, TCP segments size is larger then 26K,
ESP100, or 1002-X.
Workaround: Add no payload-option in the nat entry to disable all alg or disable a specific DNS
tcp alg by using the command no ip nat service dns tcp.
OL-26698-16
117
CSCud72816
Symptom: Reload of standby QFP can (rarely) occur.
Conditions: This symptom is observed when IOS-XE NAT is configured and is used in HA mode
(either intrabox or box-to-box) and a clear ip nat trans or NAT configuration is changed while there
are translations.
Workaround: There is no workaround, but this is a very rare condition.
CSCud73594
Symptom: The MMA objects are not removed after policy detach. This can be seen with the
following CLI command: show platform software object-manager fp active object-type-count |
inc mma. Eventually, this can lead to a failure in applying a Seawolf configuration.
Conditions: This symptom is observed during the massive sequence of policy attach or detach
operations.
CSCud73599
Symptom: Records are not generated even after several configurations.
Conditions: This symptom is observed during Config replace or any other massive performance
policy configuration.
CSCud73600
Symptom: The FP is crashed.
Conditions: The issue occurs when the QoS is configured on physical interface, which is bind to a
BDI interface. Stile is configured on the same BDI interface.
Note
Stile is not supported on BDI interfaces and must not be configured on it.
CSCud73652
Symptom: Incorrect MMON/ART metrics reported and/or crash.
Conditions: The issue occurs in some rare cases, when:
Packets of the same flow are processed by FME on more than one interfaces.
FME processes from the second interface and continues further, ends due to some error (rare
case).
CSCud75024
Symptom: The ESP cpp_cp_svr process crashes, with the trace back pointing to the
cpp_ess_ea_ffr_entry_free function.
Conditions: The issue occurs during the session teardown.
CSCud75692
Symptom: Tunnel QoS is broken.
Conditions: This symptom is observed when the tunnel target interface is ATM sub-interface.
118
OL-26698-16
CSCud75856
Symptom: Presence of FP core file.
Conditions: Under certain very rare (unreproducible in lab) conditions, multicast LRE code can run
out of rbufs while serially processing the packets, presumably, because feature chain is executed.
Workaround: Disabling MLRE through the configuration command platform multicast lre off can
be done if condition occurs.
CSCud77549
Symptom: CPPOSLIB-3-ERROR_NOTIFY error messages are reported while trying to configure
the inspect policy for the ZBF in ASR1K.
Conditions: ZBF config, good number of entries in the ACL maps under the class-map
Workaround: Reload the ESP and remove the ACL entry that is creating the issue.
CSCud78649
Symptom: An error message SBC: SBC ^TÛ^\V is not configured is printed when activating sbc.
Conditions: The issue occurs when the activate command is Run just after the command
media-address ipv4...
ASR-1001-CCN-7(config)#sbc test ASR-1001-CCN-7(config-sbc)#sbe
ASR-1001-CCN-7(config-sbc-media-address)#activate SBC: SBC Â^T not configured.
Workaround: exit sbc, and enter sbc again, then Run the activate command.
CSCud79391
Symptom: AVC functionality (performance monitor and media-net) was missing from
advipservices image. It was only present in adventerprise.
Conditions: When loading an advipservices image, AVC functionality could not be configured.
CSCud80832
Symptom: The ASR 1000 router can result in a ucode crash when the box is running NAT with oer
keyword and also running PfR.
Conditions: The issue occurs when the NAT is configured with the oer keyword on NAT mapping
and PfR is used for traffic optimization, doing a shut or no shut on a PfR external link also happens
to be the NAT outside interface, which can result in a crash if the traffic is flowing.
Workaround: Avoid doing a manual shut or no shut on the PfR external interfaces when running
with NAT. If you must do a shut or no shut, shut down the NAT inside the interface first, then do a
clean ip nat trans * and then shut the PfR interface
CSCud81011
Symptom: Sometimes the fman_aom_cce traceback is seen.
Conditions: This symptom is observed only with certain configurations
CSCud86039
Symptom: ASR1K router that is running the NAT with a keyword oer in the NAT overload mapping
can cause disruption to the NATted sessions when the PfR feature changes the exit link.
OL-26698-16
119
Conditions: ASR1K router that is running the NAT with PfR with a oer keyword in the NAT
configuration can result in this condition.
CSCud86240
Symptom: The ASR1K ESP crashes (ucode core file created) when compressed packets are sent on
a Multilink PPP interface using IOS XE 3.5 and earlier ASR1K software images. On IOS XE3.6 and
later ASR1K software images a crash does not occur, but routed traffic on configured interfaces are
not forwarded. But, local traffic between the peer routers can be forwarded. In all releases, routed
traffic will be dropped on any other interfaces (for example, PPP, Multilink PPP, HDLC, and so on.)
configured for this mode of compression.
Conditions: The issue occurs if the legacy IOS compression feature compress [mppc | stac |
predictor] is configured on any interface (for example, PPP, Multilink PPP, HDLC, and so on.). If
this feature is configured on a Multilink PPP interface then the ESP crash can be encountered if
using an IOS XE3.5 or earlier ASR1K software image.
interfaces as this functionality is not supported on the ASR1K. The software fix associated with this
bug report will be removing this configuration option from the ASR1K.
CSCud88366
Symptom: Kingpin: plim tx drop if gi0/0/0 is used as tunnel source physical interface.
Conditions: The issue occurs when Gige interface as SVT tunnel source interface and 4K QoS policy
is applied to 4K SVTI tunnel.
CSCud90021
Symptom: An ASR1K running 03.06.00.S.152-2.S can crash due to a NAT bind age timing.
Conditions: This issue is a rare timing condition which is triggered by the RG infra toggle.
CSCud90142
Symptom: The GTPv2 drop counter increments, when actually, no messages are dropped.
Conditions: The issue occurs when the cause value in Create Session Response is 78.
CSCud91102
Symptom: Router reload.
Conditions: The issue occurs during the heavy AVC traffics.
CSCud91877
Symptom: Cannot include "." in the variable name, used in header editor.
Conditions: The issue occurs always.
CSCud91920
Symptom: When configuring an ACL for both IPv4 and IPv6 in a policy-map, the policy-map does
not work properly.
120
OL-26698-16
Conditions: The issue occurs when an ACL is configured for both IPv4 and IPv6 in a policy-map
and when the policy-map is attached to an interface or control-plane.
Workaround: Use IPv4 ACL and IPv6 ACL in a same class-map with match-any.
CSCud92596
Symptom: When traffic is sent with VLAN2 tag between two ixia ports through ASR1004 as below.
After executing the command show controller, input vlan errors can be found and the counter
increases without any packet drops. It is also found that when show interface command is executed,
the value of input errors counter under related interface is 0
Conditions: There is no known condition for this symptom.
CSCud92837
Symptom: Symptom: The aggregation-type prefix-length of PfR cannot be configured to less than
16. If so, the number of learned prefix will be much less than what it must be.
Conditions: The issue occurs when PfR is enabled.
Workaround: It is better to configure the aggregation-type prefix-length of PfR to greater than 24.
CSCud92879
Symptom: Symptom: The current session for control plane is too small.
Conditions: The issue occurs during the basic GTPv1 configuration, and GTPv1 traffic.
CSCue00726
Symptom: There is no functional impact to the system performance, warning messages will be seen
only during initialization of the router and there are no security concerns on these units: *Dec 16
17:58:02.432: IOSXE_PLATFORM-3-WDC_INVALID_LENGTH WDC length can not be
determined: 65535 . *Dec 16 17:58:10.703: PLATFORM_SCC-1-AUTHENTICATION_FAIL
Chassis authentication failed *Dec 16 17:58:10.703:
IOSXE_AUTHENTICATE-2-AUTHENTICATE_FAILED. The platform authentication failed.
Conditions: Programming of Quack & WDC (Watch Dog Certificate) was accidently disabled in
manufacturing during the regression testing. This caused units to ship without Quack & WDC
programming. These messages show up at boot up for these specific units that had the quack
disabled
CSCue05798
Symptom: Need to backout due to the hardware limitation.
Conditions: Fix not needed due to the hardware limitation.
CSCue12387
Symptom: FDT charts in CM GUI are improper.
Conditions: This symptom is observed due to the inconsistency between actual output of show
policy-map target service-context command and its XML equivalent.
Workaround: Check the corresponding WAAS (WAE) TCP graphs for achieved optimization.
CSCue14379
OL-26698-16
121
Symptom: If a new ATM PVP shaper is configured during the runtime and then a ATM VC with that
VPI value is configured, tracebacks will be generated. Router operation will continue but QoS
configuration for the VC and VP will be incorrect.
Conditions: A new PVP must be configured and a new VC is configured with that VPI.
Workaround: Configure the new PVP shapers, save the configuration, reboot the router. After the
router is rebooted, VCs configured in the shaped VPs will have the correct QoS configuration.
CSCue15619
Symptom: SBC CLI hung.
Conditions: The issue occurs while configuring the signaling-peer-port when the adj is attached,
the new vty terminal would be hung.
CSCue17371
Symptom: NTE cannot pass through.
Conditions: The issue occurs for a transcoding call.
CSCue17800
Symptom: 6RD and MPLSoGRE tunnel perf drop in x39 throttle more than 5% compared to 3.8
throttle
Conditions: Perform 6RD and MPLSoGRE tunnel decapsulation.
CSCue19598
Symptom: Show service-insertion statistics service-node-group command produces incomplete or
incorrect output when multiple SNGs are configured under the service-context.
Conditions: Multiple SNGs are configured under the service-context
CSCue20394
Symptom: Retransmitted SIP request message is calculated for related SIP method counter,
however, the counter for other request counter also gets incremented.
Conditions: This symptom is observed during an ongoing transmission.
CSCue22084
Symptom: The Create Session Response message is dropped.
Conditions: This symptom is observed when the TEID in Create Session Response message is 0.
CSCue25321
Symptom: BFD flaps continuously upon ESP switchover.
Conditions: This symptom is observed during the ESP switchover.
CSCue32352
122
OL-26698-16
Symptom: Non-HDLC traffic (Non standard, but customer defined traffic) coming through HDLC
interface gets dropped by ASR1K.
Conditions: Normal L2TPv3 configuration.
CSCue33171
Symptom: The command show platform software memory chunk qfp-control-process qfp active
shows that there are memory leaks from CPP STILE Server CTX Chunk. There are three cases of
this memory leak:
Case 1: When NBAR is active, there is a leak of 40 bytes every 10 seconds.
Case 2: When NBAR is active, there is a leak of 60 bytes every 10 seconds.
Case 3: When NBAR is not active, there is a leak of 20 bytes every 10 seconds.
Conditions: Case 1 is observed when the router is running an image with a version prior to 15.3(1)S.
Cases 2 and 3 are observed when the router is running version 15.3(1)S or later.
CSCue34315
Symptom: TDL incompatibility
Conditions: This symptom is seen with the ISSU.
CSCue34591
Symptom: No Symptoms as such. PTP will come up as a process on both IOS and BINOS.
Conditions: This symptom is seen when the router is upgraded to XE39 image.
Workaround: There is no workaround, the PTP process comes up on IOS and BINOS.
CSCue39090
Symptom: A very small FM memory leak is observed.
Conditions: When attach, detach, or modify a classification policy, a small leak exists.
CSCue44303
Symptom: Tracebacks or ESP reload is seen with INFRA-3-INVALID_GPM_ACCESS error msg
on standby.
Conditions: This symptom is seen under low memory conditions.
CSCue44651
Symptom: On ASR1K, with GTP ZBFW pinholes are opened on GTP-U on the initiating side.
Traffic back is dropped, since the UDP-SRC port of the initiation side is changed from xxxx to 2152.
Conditions: This symptom is observed when GTP ZBFW is enabled.
CSCue46537
Symptom: Whenever we clear the counters using clear counters only the interface counters are
getting cleared. Controllers counters never get cleared unless the router is rebooted. In this case,
controller is SPA-2XT3/E3.
OL-26698-16
123
Conditions: This symtom is observed only on ASR1K.

CSCue46852
Symptom: Local and remote UDP ports are not set correctly in the inbound IPSec Security
Association (SA).
Security (IPSec) termination and aggregation router, and when Tunnel-protection (TP) or Virtual
Tunnel Interface (VTI) is deployed, and when IPSec sessions are established behind the Network
Address Translation (NAT).
CSCue51967
Symptom: An ASR1K or ISR 4400 router may experience service interruptions and may encounter
a QFP microcode software exception. The log will indicate that the router processor has crashed and
restarted.
Conditions: The router is performing DMVPN tunneling or is operating as an AppNav controller
while collecting data for AVC.
CSCue63181
Symptom: The Delete PDP Context Response message is dropped.
Conditions: This symptom is observed when Delete PDP Context Request is rejected.
CSCue69075
Symptom: BDI interface stops forwarding the traffic.
Conditions: This symptom is observed when there is a loop in data path.
Workaround: Recreate the BDI interface.
CSCue71410
Symptom: Console corruption is seen sometimes when the punt keepalive packet drop happens
during bootup of the router.
Conditions: This symptom is observed when punt keepalive packet is dropped and other console
Workaround: Punt keepalive messages can be disabled in the config, but it is not a recommended
CSCue72210
Symptom: Ping fails when NAT64, PAT, and ZBFW are configured.
Conditions: Valid zone-pair is configured & ZBFW sessions exists, IPv6 ping fails from pagent.
This happens only with NAT64, PAT, and ZBFW combination.
124
OL-26698-16

includes severity 1, severity 2, and selected severity 3 caveats.
Note
Release Notes.
Note
Cisco Systems, Inc.

www.cisco.com
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.8S, page 48

Release 3.8.2S

3.8.2S
This section documents the unexpected behavior that might be seen in Cisco ASR 1000 Series
CSCtq81245
Symptom: SPA-4XCT3/DS0 reloads after performing an fp reload.
Conditions: 1. Issue is seen on a single fp system 2. Issue is seen when serial interfaces are
configured on the SPA.
CSCuc47356
static route.
CSCuc65049
Symptoms: Routing might not be in accordance with the performance routing policy even when
NBAR classifies packets correctly.
Conditions: This may occur after reloading a Performance Routing (PfR) configuration onto the
router.
Workaround: When links between routers are defined by OSPF (Open Shortest Path First), the
problem does not occur. Use the recommended PfR configuration, using OSPF, to define peers for
each border router.
CSCud14945
Symptom: IPv4 IP Security (IPSec) tunnel bring up time is longer in the dynamic crypto-map
deployment.
OL-26698-16
Conditions: This symptom is observed on a Cisco ASR1000 series router that functions as an IPSec
termination and aggregation router.
CSCud24378
Symptom: Traffic rate verification fails after QoS configuration changes.
Conditions: On QoS configuration changes, after re-adding the p-map on tunnel.
CSCud64870
are multiple CDPs, the hub router fetches the CRL in a parallel way, which leads to a crash under a
timing issue.
Workaround: Setting up one CDP instead of multiple CDPs will avoid the timing condition that leads
to the crash.
CSCud77549
Symptom: CPPOSLIB-3-ERROR_NOTIFY error messages are reported while trying to configure
the inspect policy for the ZBF in ASR1K.
Conditions: ZBF config, good number of entries in the ACL maps under the class-map
Workaround: Reload the ESP and remove the ACL entry that is creating the issue.
CSCue48456
Symptom: Call is disconnected after CUBE sends BYE to both call legs.
Conditions: Occurs on a video call where a mid-call re-INVITE occurs to modify the media stream.
CSCue50255
Conditions: on flapping multilink interfaces
CSCue51375
Symptom: The dynamic monitor is populated with incorrect records and the performance monitor
cache incorrectly includes encapsulated traffic.
Conditions: This issue might occur when a GRE tunnel output interface is configured with a
performance monitor on an ASR1000 series router, and the output physical interface from which the
packets are transmitted is configured with a native FNF monitor.
CSCue53207
OL-26698-16






CSCue80506
Symptom: Traceback at DMVPN Spoke registration, DMVPN QoS policy not deployed to QFP
datapath component.
OL-26698-16
CSCuf04726
Conditions:
3. Save config.
4. Reload.
CSCuf20409
CSCuf43548
CSCuf50092
Symptom: Flow Around is not working with a 3.8 CCO image.
Conditions: This issue is seen only on 3.8 CCO image and not in 3.8 throttle pull image.
CSCuf61531
Symptom: Under load condition with contact-center call flows, some calls might be disconnected
unexpectedly. ASR CUBE is sending unexpected BYE for a single call for VZ call flow
Conditions: Load of 40 CPS in a contact-center flow, multiple SIP messages with DSP, and
call-block feature.
Details: VZ business call flow, where multiple mid-call re-invites with insertion and deletion of
transcoder in the call. Call block is enabled, so no mid-call changes are sent over ISP network.
CSCuf65404
Symptom: A call fails if the transcoder is needed for DTMF interworking and vcc offer-all is
configured.
Conditions: CUBE reserves the transcoder for codec mismatch and releases the transcoder, since the
codecs are identical. But dtmf still requires the transcoder for interworking.
CSCuf65537
Symptom: Crash with Verizon contact-center call flow.
Conditions: Crash is observed with CAC configs & 40 cps call rate:
OL-26698-16
UNIX-EXT-SIGNAL: Segmentation fault(11), Process = RSCCAC CALL DENIAL SCAN

-Traceback= 1#0ac7b601f45270393178c559213c70ba :400000 344C0D0 :400000 699DCD1
:400000 344C43B :400000 344C386 :400000 344C6B0 :400000 699D248
CSCuf74266
CSCug04450
Symptom: PfR fails to control traffic-classes when the subnet mask is greater than the prefix length.
Conditions: The issue is seen either with the default prefix length or when the prefix length is
configured.
Workaround: Configure aggregation-type as BGP instead of prefix-length.
CSCug08561
Symptom: After a Web logon, the user does not get a Web logon response page sent by the portal.
If the Web logon is successful, the user is not redirected to the Web address specified. Instead, the
user is redirected to the portal for authentication.
Conditions:
1. Walkby feature is enabled with L4R & PBHK features applied to lite session.
2. User initiated the Web logon request.
Details: Upon a Web logon, an account-logon COA request is triggered from the portal to ISG. In
ISG, the request triggers conversion of the lite session to a dedicated session. During the conversion,
lite session and its associated resources (L4R and PBHK mappings) are removed from PD, and the
dedicated session gets provisioned. Once conversion is done, ISG replies to the portal with COA
ACK/NACK. Based on the response from ISG, the portal generates a Web logon response-page
(SUCCESS/FAILURE) and sends it back to the client.
But when the response packet reaches ISG, it does not get classified to the downstream session
(because PBHK & L4R mapping were deleted). As a result, the packet is dropped in ISG.
CSCug12997
Symptom: The ASR 1004 router crashes with:
CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0
desc:ETC_ETC_LOGIC1_LEAF_INT_INT_LP_LONG_PKT_ERR det:DRVR(interrupt) class:OTHER
sev:FATAL id:2694 cppstate:STOPPED res:UNKNOWN flags:0x7 cdmflags:0x0
Conditions: VASI, cryto, mpls, during normal operation (as per what is known).
CSCug21859
Symptom: With NBAR configured on the NAT interface, an ASR1000 crashes on receiving a broken
packet.
Conditions: ASR1000 DNS packet coming (broken at L4 header), NBAR configured (match
protocol dns), NAT with vasi interfaces.
OL-26698-16
CSCug27334
Symptom: ASR router might start using new SPIs before quick mode exchange finishes. This causes
invalid SPI messages on the receiver side and, in some cases, flap of IKE/IPsec.
Conditions: First seen on IOS XE 15.2(4)S with DMVPN.
CSCug28249
Symptom: The ASR1004 crashes on ESP when enabling NAT. In both of the cores, the packet in
question is a DNS packet. The crash is observed when trying to invoke the DNS ALG.
Conditions: Enabling NAT causes ESP to crash
CSCug28904
Conditions: Peer router sends nonce with length 256Bytes
CSCug34822
forced option when removing a NAT mapping. The following is an OK example:
CSCug37490
Symptom: VA leak is seen when removing and reapplying a virtual template from the ISAKMP
profile and clearing the crypto session. This results in a stale VA that is up, down and cannot be
cleared.
Conditions: When making changes to a virtual template under the ISAKMP profile with client
session UP-IDLE (Phase 1 only, as no VT exists).
Workaround: Reload.

Release 3.8.2S
Release 3.8.2S.
CSCtc17240
Symptom: Some third party SIP PBXs may have interoperability problems with the authentication
header of a Cisco SIP gateway.
Conditions: Per RFC 3261 section 25.1, the nc value, or nonce-count, should have lower case hex.
This is defined as follows:
nonce-count = "nc" EQUAL nc-value
nc-value = 8LHEX
LHEX = DIGIT / %x61-66;lowercase a-f
OL-26698-16
A snippet of the offending message:

... cnonce="305EE7FF",qop="auth",algorithm=MD5,nc=0000000A
CSCtg13667
Symptom: Packet_Too_Big (type 2, code 0) and Destination Unreachable Administratively
is not sent back if packets are hitting MTU checking or ACL deny on egress
interface.
(type 1, code 1)
Conditions: Issue is observed on ASR1000 running 15.0(01)S code.

CSCts83413
Symptom: While configuring Classic Netflow (and possibly Flexible Netflow) for export of records
to a user-specified VRF, occaisionally user configuration can get out of sync or invalid. In such a
case, the QFP Processor does not have the same VRF information as the IOS config. This results in
Netflow export not working.
Conditions: When this was observed, probably multiple cycles of VRF configuration as well as
multiple cycles of Netflow export destinations had taken place. The endpoint was that the IOS config
was to export to a particular VRF (VRF "BLUE" for example), while the QFP processor had a
configuration to export to the default VRF. Thus the configuration was out of sync and Netflow
export did not function.
Workaround: Unconfigure the Netflow export destination and to reconfigure it.
CSCtv93326
CSCtw74598
Symptom: Call Menu (CM) tone may be detected and suppressed in the following call Flow:
Modem - - [FXS] - - VG224 - - [MGCP] - - CUCM - - [SIP] - - CUBE - - [SIP] - - PSTN Modem
connected to the VG224 places an outbound call to a destination in the PSTN. CM tone from the
originating modem gets removed by the VG224. To verify the symptom, enable "debug voip hpi
notification" and you would see a line "MODEM CM tone detected" in the debug output.
Conditions: SIP trunk provider does not support NSE based modem passthrough and hence VG224
was not configured with "mgcp modem passthrough".
Workaround: 1. Configure the FXS port as a non-mgcp port, disable fax relay and sg3-to-g3
suppression commands at the voip dial-peer level : dial-peer voice 99920 pots no service mgcpapp
port 2/0 dial-peer voice 4001 voip destination-pattern 4001 session protocol sipv2 session
target ipv4:<ip-address> codec g711ulaw no fax-relay sg3-to-g3 fax protocol none no vad 2.
Downgrade to 15.1(3)T4.
CSCty59423
OL-26698-16
Free: 0
-Process= "VOIP_RTCP", ipl= 0, pid= 299

-Traceback= 0x25B1F0Cz 0x25AB6CBz 0x25B1029z 0x46C02Ez 0x46C89Bz 0x46BCC2z 0x471D12z
0x43EF59Ez 0x43DD559z 0x43DCF90z
%SYS-2-MALLOCFAIL: Memory allocation of 780 bytes failed from 0x46C02E, alignment 32

CSCty94210
payload based on the configuration (global for responder, IKEv2 profile for initiator).
Conditions: None.
CSCua78782
Symptom: Authentication of EzVPN fails.
CSCub06422
Symptom: Call flow: PSTN---pri---Voice Gateway---sip---SIP server After running fine for 6-7
days, then 100% of the calls through the voice gateway fail. On a call that comes in through the PRI,
INVITE is sent with m=audio 0. Then, on getting 200 OK from the other end, the gateway disconnects
the call.
Conditions: Router up and running for 6-7 days.
CSCub19185
Conditions: This symptom occurs when UUTs are running Cisco IOS Release 15.2(2)T1.5.
CSCub35268
Symptom: Call dropping issue was found while testing new network based features on AT&T's
FlexReach network. The features are network-based Simultaneous Ringing and Sequential Ringing.
Conditions: The following is the behavior for Simultaneous Ringing: 1. Hopon call from PSTN to
7323204351 2. Both Phone 2 (7323204351) and Phone 3 (7323204350) ring 3. Phone 3 is answered,
but immediately drops 4. Phone 2 stops ringing (I see CANCEL from AT&T for this call-id) 5. PSTN
caller continues to hear ringback tone Per the attached trace, CUBE fails to send a 200 OK with SDP
in response to AT&T's re-INVITE to open up the voice channel. For Sequential Ringing: 1.
HOPON from 4085271217 (Phone 1) to Phone 3 (7323204350) 2. Note the INVITE has media
attribute codec pref 18 0 100 ; INACTIVE 3. CUBE sends 100 Trying then 180 Ringing 4. Phone
rings ~3X then call is cancelled by AT&T side by sending SIP CANCEL message 5. CUBE
acknowledges by sending 200 ok followed by 487 Request Cancelled 6. AT&T sends INVITE to
Phone 2 (7323204351) with media attribute codec pref 18 0 100 ; INACTIVE 7. CUBE sends 100
Trying then 180 Ringing 8. Upon answer - CUBE sends 200 ok with no codec pref in media
attribute 9. AT&T sends re-INVITE - with no SDP 10. CUBE sends 100 Trying 11. AT&T sends
BYE even before CUBE can send 200 ok 12. Caller from AT&T side hear continuous RINGBACK
OL-26698-16
tone Again, per the attached trace on Sequential Ringing, CUBE fails to send a 200 OK with SDP
in response to AT&T's re-INVITE to open up the voice channel. Per AT&T, their side might be
sending the BYE because CUBE sends its initial 200 OK with SDP but no codec preference. (refer
to Sim. Ring Trace).
CSCub53856
%FNF-3-FNF_FIELD_LIST_TOO_LARGE: Field_list too large, max 32.
CSCub63208
Memory corruption detected in memory, when allocated for RTCP statistic
Symptom: An error occurs when CALL_CONTROL-3-STAT_MEMORY_CORRUPTED: Memory
corruption detected in memory=XYZ allocated for RTCP statistic.
Conditions: This condition is occurs when call involves trans-coding.
CSCub86827
Symptom: To enable CFA to 918079611, then press 'CFwdALL' softkey and enter any 4 digit
number, then enter 918179611 and press end. After this we will be able to see "Forwarded to
918179611" on Phone.
Conditions: This condition is observed when SRST mode is configured with after hours.
Workaround: Remove the after hours configuration .
CSCub98357
Symptom: A Cisco router running IOS-XE release 3.6.0S, IOS release 15.2(4)M or newer may
reload.
Conditions: This condition is observed during key exchange with OCSP disable nonce configured.
Workaround: Disable 'ocsp disable-nonce'.
CSCuc12685
CSCuc22348
Symptom: 3900e running 15.2(3)T1 crash at be_MediaOper_UpdateStats
Condition: 3900e running 15.2(3)T1 crash at be_MediaOper_UpdateStats
CSCuc27517
10
OL-26698-16

this fix again.
CSCuc39418
Symptom: When IKE sends KEY_MGR_CLEAR_ENDPT_SAS during initial contact, IPSec sends
KEY_ENG_DELETE_SAS.
Conditions: on performing SSO in spoke.
CSCuc40912
Symptom: Stale objects are seen on RP SWO.
Conditions: Delete IPv6 VRF tunnel that have FNF configured and then do rpswo.
CSCuc42518
Symptom: Cisco IOS Unified Border Element (CUBE) contains a vulnerability that could allow a
remote attacker to cause a limited Denial of Service (DoS). Cisco IOS CUBE may be vulnerable to
a limited Denial of Service (DoS) from the interface input queue wedge condition, while trying to
process certain RTCP packets during media negotiation using SIP.
Conditions: Cisco IOS CUBE may experience an input queue wedge condition on an interface
configured for media negotiation using SIP when certain sequence of RTCP packets is processed.
All the calls on the affected interface would be dropped.
Workaround: Increase the interface input queue size. Disable Video if not necessary.
CSCuc46087
CSCuc49319
Symptom: An INVITE that contains a Replaces: header and also a parameter in the Request URI
will be responded to with a SIP 481 Call Leg/Transaction Does Not Exist. The transfer that was the
trigger of the INVITE with the Replaces: header will fail to complete.
Conditions: This was seen on CUBE when handling a triggered INVITE during a REFER based
transfer.
OL-26698-16
11
CSCuc51076
Symptom: The Reason: header in a SIP BYE may not be consistently passed from the incoming
call-leg to the outgoing call-leg.
Conditions: This was seen on CUBE running 15.1(4)M through 15.2(4)M1.
CSCuc59979
Symptom: The ASR drops the original media stream before the mid call is acknowledged. After the
FAX negotiations fail, the ASR does not return/continue to the original media characteristics.
Conditions: Voice to Fax switchover and remote end point do not support fax, so it responds with
488. CUBE does not update call type to voice after 488.
CSCuc62078
Symptom: Call Flow: 9971 ---- SIP ---- CUCM ---- SIP ---- CUBE ---- SIP ---- Provider
Issue: Provider does not support video codecs, as soon as an INVITE with video codes in the SDP,
provider is disconnecting the call. The customer wants to use Video capability for internal calls and
when external call is made, is requesting if they can strip the Video attributes from SDP going in the
INVITE to provider.
Conditions: Created voice class sip-profiles 1000 and applied under the outgoing dial-peer to
provider. Voice class sip-profiles 1000 request INVITE sdp-header Video-Attribute remove request
INVITE sdp-header Video-Media modify "m=video(.*)" request INVITE sdp-header
Video-Bandwidth-Info remove Before applying the profile, below is the snippet of SDP rcv on
CUBE: After applying the profile, the SDP is like below:
v=0 o=CiscoSystemsSIP-GW-UserAgent 1127 4805 IN IP4 10.59.0.6 s=SIP Call c=IN IP4
10.59.0.6 t=0 0 m=audio 17800 RTP/AVP 8 101 c=IN IP4 10.59.0.6 a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15 a=ptime:20 c=IN IP4 10.59.0.6.
To remove the third c= line, tried the below under sip-profiles: not working as expected: request
INVITE sdp-header Video-Session-Info REMOVE***Trying to add this line, to see if it will make
any difference, however show run, displays Video-Session-Name request INVITE sdp-header
Video-Connection-Info REMOVE***Trying to add this line, to see if it will make any difference,
however show run, displays request INVITE sdp-header remove.
Workaround: If the customer does not have a requirement to have video for external calls, then much
better option is to disable video at CUCM only for external calls. This can be done on CUCM by the
following ways:
1.
Create a new region on CUCM with video disabled.
2.
Keep the SIP trunk to CUBE in that new region.
3.
This way, internal calls can still have video, and there won't be any video coming to CUBE for
external calls.
CSCuc63246
Symptom: Call Flow: PSTN->PRI->Voice GW->SIP->CUCM->IP phone. During an active call
between PSTN and IP phone (non-secure), if the IP phone user presses the Hold key for second time
call gets disconnected. Hold and Resume for the first time works fine. MOH server is using SRTP.
Also, if the IP phone used is secure (SRTP), then call will not get disconnected; no matter, how many
times the user presses the Hold and Resume keys. Customer has mixed mode cluster.
Conditions: When audio session between IP phone and VG is RTP and then the Hold key is pressed
for the second time. The MOH uses Secure RTP.
12
OL-26698-16
CSCuc69342
again.
CSCuc71379
Symptom: An incoming INVITE that is received by CUBE with a Replaces: header will dropped
that Replaces if the outgoing INVITE must hunt through multiple outbound dial-peers.
Conditions: This was seen on CUBE in a SIP to SIP configuration running 15.2(4)M1.10
CSCuc71735
Symptom: A CUBE running the anti-trombone feature might fail to return SIP SDP contents in a
200 OK message on the original, incoming call leg if the outbound leg failed and was retried.
Conditions: This was seen on CUBE running 15.2(4)M1.10 when handling calls for a SIP proxy in
a "proxy-on-a-stick" type configuration (i.e. incoming / outgoing call legs all go through one
CUBE).
CSCuc76298
Symptoms: In ASR B2B HA setup, the new active router crashes at ccsip_send_ood_options_ping
immediately after switchover with OOD OPTIONS enabled.
Conditions: This crash is seen in the following scenarios:
Standby router has OOD OPTIONS enabled either because it is present in startup configuration
or enabled after boot-up.

Disable OOD OPTIONS.
When Switchover happens.
Workaround: Reload standby router once after OOD OPTIONS configuration changes from enabled
to disabled.
CSCuc85157
CSCuc85319
Symptom: RP is crashed.
Conditions: This symptom is observed after flapping the ATM sub-interface that is configured with
the ATM bundle 8192 times
OL-26698-16
13
CSCuc96631
Symptoms: Incoming calls through e1 r2 stop working in Cisco IOS Release 15.2(4)M1.
Conditions: This symptom is observed with incoming calls through e1 r2 in Cisco IOS Release
15.2(4)M1. Outgoing calls work fine.
Workaround: Use Cisco IOS Release 15.2(2)T.
CSCud08595
CSCud19536
configuration.
Workaround: Leave the configuration as-is, or do not broaden the media filters.
CSCud24483
Symptom: Dialling FAC (Feature Access Codes) in the On-Hook state and then going Off-hook
causes the phone to dial the last called number (Redial Operation).
Conditions: This symptom occurs when FAC (Feature Access Codes) Standard or Custom is
configured.
CSCud37099
Symptoms: When SIP KPML digits are being received by SIP-GW, they are not consumed even
though it is configured to consume those KPML digits. This does not cause the remote endpoint to
hear unwanted DTMF tones.
Platforms: All platforms supporting SIP-TDM GW functionality, which includes ISR-G2 series and
VGxx series routers.
Conditions: Whenever SIP-GW negotiates KPML and receives KPML digits from SIP side.
CSCud42595
Symptom: Hit a ipfrag traceback. Mar 12 20:18:34: IOSXE-3-PLATFORM F0: cpp_cp: QFP:0.0
Thread:116 TS:00000154141676112657 FRAG-3-REASSEMBLY_ERR Reassembly/VFR
encountered an error: Failed to restore packet persist state
-Traceback=1#414e7dc23f4098796bcf8e5a8b3063ad 804c085b 8051a7ae 80276582 80277b0d
80277b6f 80475481 800976d1 804b07e9 Mar 12 20:18:48: IOSXE-3-PLATFORM F0: cpp_cp:
QFP:0.0 Thread:082 TS:00000154156360067524 ATTN-3-SYNC_TIMEOUT msecs since last
timeout 154149821, missing packets 43
Conditions: Thiis symptom is observed when fragments received and fragments reassembly related
packets are dropped.
CSCud50029
14
OL-26698-16
reason for the TX drops (sticky):
Bad packet len
: 0
: 0
No skbuff
Bad buf len

: 0
Bad ifindex
: 0
No device
: 0
Device xmit fail : 663 <<<<< ......
Conditions: Counter increase due to large control packets.

CSCud50181
Symptom: ESP crashes when handling srtp-rtp interworking calls.
Conditions: srtp-rtp interworking enabled.
CSCud52658
trustpoints and trustpools.
Enhancement: This enhancement request was for limiting the size of the CERTREQ payload by not
sending trustpools. Benefits:
1. The maximum number of trustpoints that can be sent in a CERTREQ payload are 20. But if
the user configures more than 15 trustpoints, IKE would fail because of failure to build the
CERTREQ payload (16 trustpoints + inbuilt trustpools > 20).
2. There was a substantial risk for Non-SUDI-enabled devices when authenticating
SUDI-enabled devices. This would occur when the non SUDI device has the Cisco
Manufacturing Root CA certificate either built-in or downloaded to the device's trustpool.
Unless an IKE profile is used, the non SUDI device sends the Mfg CA cert to its peer in the
CERTREQ payload.
If the peer is a SUDI device it might send the SUDI chain in the CERT payload in response.
This would result in the device successfully authenticating the peer certificate even though no
other trust was configured.
CSCud60977
Symptom: CRL file is not deleted when CS server is unconfigured manually by no crypto pki
server <name>.
Conditions: CS server should be run before server is unconfigured: crypto pki server <name> no
shut.
Workaround: Delete CRL file manually.
CSCud61366
Symptom: fp20 & fp40 cards crashes if single bit parity error occurs on TCAM device#1.
Workaround: There is no workaround. May not run into this problem again after FP is rebooted.
CSCud65119
Symptoms: A crash might occur while using GETVPN with fragmented IPv6 traffic.
Conditions: This symptom occurs when IPv6 IPsec is used. This issue is triggered by fragmented
IPv6 packets.
OL-26698-16
15
CSCud66669
Symptom: On a 7200 router, the tunnel establishes fine. Encryption and Decryption happens just
fine too. However, after decryption, the packet is not punt to the ivrf in which the tunnel interface
resides, leading to a broken IPSec DataPath.
Conditions: 7200 with VSA - Tunnel (GRE/mGRE) in an iVRF with Tunnel protection
configuration where the iVRF should not be equal to fVRF.
Workaround: Since this issue is not found in 150-1.M9 124-24.T8, downgrading might be an option.
Otherwise, there is no known configuration related workaround yet, although software crypto will
work just fine.
CSCud67112
Symptom: In some cases, NBAR does not classify IPv6 HTTP traffic correctly.
Conditions: May occur with IPv6 HTTP traffic.
Workaround: In cases where IPv4 addressing is sufficient, use IPv4 as an alternative.
CSCud67653
(nonoperational) when CLI sensor reports no reading. No reading is seen from output of show
hw-module subslot all sensors.
Conditions: This bug is specific to 1RU (ASR1001) builtin spa 4X1GE.
Workaround: Possibly, filter entSensorStatus value within customer NMS application.
CSCud71253
Conditions: This symptom occurs when configuring the IPv4 VRF aware IPSec with crypto maps
with ivrf=ivrf1 and fvrf=global.
CSCud71606
Symptoms: The LSMPI Tracebacks errors are seen while clearing IP routes multiple times.
Configuring OSPF
More than 1000 OSPF neighbors, which fragments OSPF LSU packets.
Run clear ip ospf process *. OSPF sends an LSU packet, which triggers the LSMPI Tracebacks
error message.
CSCud72816
Symptom: Reload of standby QFP can (rarely) occur.
Conditions: This symptom is observed when IOS-XE NAT is configured and is used in HA mode
(either intrabox or box-to-box) and a clear ip nat trans or NAT configuration is changed while there
are translations.
Workaround: There is no workaround, but this is a very rare condition.
CSCud75554
Symptom: Previously, when PLAR call was implemented, you needed to disconnect it in order to
pickup a ringing call.
16
OL-26698-16
Enhancement: PLAR call disconnect is now supported.
CSCud75692
Conditions: This symptom is observed when the tunnel target interface is ATM sub-interface.
CSCud81011
Symptom: Sometimes the fman_aom_cce traceback is seen.
Conditions: This symptom is observed only with certain configurations
CSCud81272
Symptom: When receiving a huge DNS response, the DNS ALG might stop translating, with the
response tranparent to the final client.
Conditions: When one single huge response consumes all init DNS pool entry (1024) and greater.
1. Config the NAT.
2. Send dns query response > 12k (vtcp).
3. Check messages.
CSCud86039
Symptom: ASR1K router that is running the NAT with a keyword oer in the NAT overload mapping
can cause disruption to the NATted sessions when the PfR feature changes the exit link.
Conditions: ASR1K router that is running the NAT with PfR with a oer keyword in the NAT
configuration can result in this condition.
CSCud88359
Symptom: Rx traffic drop on the ESP seen by IN_RECV_UNKNOWN_OCT_ERR counter.
Conditions: When IP header checksum is "0" or "0xFFFF". This counter can be checked using the
following command - show platform hardware qfp ac fea ips data drops clear.
CSCud94313
Symptoms: PKI_INV_SPI messages are seen on the console.
Conditions: This symptom occurs in a FlexVPN setup where Virtual-template is configured and
IPsec drops are seen.
CSCud96075
Symptom: A router running Cisco IOS Release 15.2(4)M2 will reload with a bus error soon after the
DSP reloads when there is a live transcoding session.
Conditions: This symptom is observed with Cisco IOS Release 15.2(4)M2.
CSCue05844
OL-26698-16
17
Symptom: The Cisco 3925 router running Cisco IOS Release 15.0(2)SG reloads when connecting
to a call manager.
Conditions: This symptom is observed with the Cisco 3925 router running Cisco IOS Release
15.0(2)SG.
Workaround: Remove SNMP.
CSCue06116
Workaround: Use the no ccm-manager config command to stop the configuration download from
CUCM.
CSCue11507
Symptom: Transfer call not working via SIP-SIP call in cube IOS 15.3(1).
Conditions: IOS Version:15.3(1) T Router:3945e
CSCue17800
Symptom: 6RD and MPLSoGRE tunnel perf drop in x39 throttle more than 5% compared to 3.8
throttle
Conditions: Perform 6RD and MPLSoGRE tunnel decapsulation.
CSCue20394
Symptom: Retransmitted SIP request message is calculated for related SIP method counter,
however, the counter for other request counter also gets incremented.
Conditions: This symptom is observed during an ongoing transmission.
CSCue22084
Symptom: The Create Session Response message is dropped.
Conditions: This symptom is observed when the TEID in Create Session Response message is 0.
CSCue22731
Symptom: WCCP service cannot be enabled.
other is inactive. Then the inactive service cannot be enabled any more.
Workaround: Do not remove a service from the interface when another service is inactive.
CSCue22764
Symptom: ip wccp check acl outbound doesn't work on Ultra/Overlord.
Conditions: Ultra/Overlord platform
CSCue25321
18
OL-26698-16

Conditions: This symptom is seen upon ESP switchover.
CSCue32352
Symptom: Non-hdlc traffic (Non standard but customer defined traffic) coming through HDLC
interface got dropped by ASR1K.
CSCue33171
shows that there are memory leaks from "CPP STILE Server CTX Chunk". There are three cases of
this memory leak: Case 1: when NBAR is active there is a leak of 40 bytes every 10 seconds. Case
2: when NBAR is active there is a leak of 60 bytes every 10 seconds. Case 3: when NBAR is not
active there is a leak of 20 bytes every 10 seconds.
CSCue34694
Symptom: 2921 Router crashed after receiving 486 Busy.
Conditions: Observed when handling 486 Busy response.
CSCue39090
Symptom: A very small FM memory leak is observed.
Conditions: When attach, detach, or modify a classification policy, a small leak exists.
CSCue39206
Symptom: ES Crashes after second 401 Challenge.
Conditions: This symptom occurs when second 401 is received after SDP offer/answer with
CSCue44303
Symptom: Tracebacks or ESP reload is seen with INFRA-3-INVALID_GPM_ACCESS error msg
on standby.
Conditions: This symptom is seen under low memory conditions.
CSCue46537
Symptom: Whenever we clear the counters using clear counters only the interface counters are
getting cleared. Controllers counters never get cleared unless the router is rebooted. In this case,
controller is SPA-2XT3/E3.
Conditions: This symtom is observed only on ASR1K.
OL-26698-16
19
CSCue46664
deployment.
CSCue46852
Symptom: Local and remote UDP ports are not set correctly in the inbound IPSec Security
Association (SA).
Security (IPSec) termination and aggregation router, and when Tunnel-protection (TP) or Virtual
Tunnel Interface (VTI) is deployed, and when IPSec sessions are established behind the Network
Address Translation (NAT).
CSCue47484
Symptom: BFD neighbour is not up.
Conditions: This symptom is observed after ISSU upgrade of active RP.
CSCue47940
CSCue51792
Symptom: ASR 1002-X is causing VPN_HW-1-PACKET_ERROR on its IPSEC peer.
Conditions: This was observed only for ASR1002-X for crypto map based tunnels, with tunnel
keepalive enabled on the peer, and esp-3des as encryption mechanism. Only the GRE returning
keepalive seems to be affected; the rest of the traffic is unaffected.
Workaround: Use one of the following:
Disable gre keepalives on the peer.
Use AES instead of DES as encryption mechanism.
Move towards tunnel-protection-based design instead of cryptomap, and use IPSEC/IKE
keepalives instead of GRE keepalives.
CSCue51886
Symptoms: The SBC CUBE device rejects call connections.
Conditions: This symptom is observed when the Chunkmanager holds a lot of memory and calls do
not get processed.
Workaround: Reloading the box helps to make the box stable.
CSCue51967
20
OL-26698-16
Symptom: An ASR1K or ISR 4400 router may experience service interruptions and may encounter
a QFP microcode software exception. The log will indicate that the router processor has crashed and
restarted.
Conditions: The router is performing DMVPN tunneling or is operating as an AppNav controller
while collecting data for AVC.
CSCue52065
Symptom: With WCCP configured, when you replace the configuration, you get get continuous
traceback on the console at fman_wccp_aom_batch_begin.
Condition: Race condition when WCCP interface / WCCP ACL are configured in several
miliseconds.
CSCue59759
Workaround: No known workaround.
CSCue59891
Symptom: When Priority-queue 100% is configured on class-default, packets are not going on High
ESI.
Conditions: When Priority-queue 100% is configured on class-default, packets are not going on
High ESI.
CSCue61481
Symptom: After hard OIR, show inventory does not show inventory info.
Conditions: hard OIR
CSCue63181
Symptom: The Delete PDP Context Response message is dropped.
Conditions: This symptom is observed when Delete PDP Context Request is rejected.
CSCue68258
Symptom: In IOS-XE releases 15.3(1)S2 and 15.3(2)S, upon performing an RP switchover, the
following message might be displayed on the console of the newly active RP:
Modify not supported for FLOW-DEF:<> download to CPP failed
Furthermore, this might cause some of the features on the newly active RP to have stale objects,
which can be observed by issuing the following command:
show platform software object-manager FP active statistics
Conditions: The above message appears when Flexible NetFlow was configured on the previously
active RP.
OL-26698-16
21
Workaround: The only workaround available is to not do an RP switchover. However, if you do go

ahead with an RP switchover and end up in the inconsistent state noted above, you can perform one
of the following actions to bring the router back to a consistent state on the newly active RP.
Save the running configuration to NVRAM and reload the new RP.
Alternatively, if the system has dual FPs, then perform two FP switchovers successively:
1. Switch over from active FP to standby FP using redundancy force-switchover FP.

2. Switch back from standby to active using the same command.
CSCue69075
Symptom: BDI interface stops forwarding the traffic.
Conditions: This symptom is observed when there is a loop in data path.
Workaround: Recreate the BDI interface.
CSCue71410
Symptom: Console corruption is seen sometimes when the punt keepalive packet drop happens
during bootup of the router.
Conditions: This symptom is observed when punt keepalive packet is dropped and other console
Workaround: Punt keepalive messages can be disabled in the config, but it is not a recommended
CSCue72258
tunnel.
CSCue76134
on the standby.
the boxes.
1. clear ip nat trans *
CSCue82511
converge.
Workaround: The workaround is to use the same platform for all the PfR Border Routers.
CSCue83147
Symptoms: WCCP does not work properly with IPSEC/PBR/ZBF/NAT together or vice versa.
22
OL-26698-16
Conditions: Configured IPSEC/WCCP/PBR/ZBF/NAT in the same interface.

Further Problem Description: This defect is to track the rework of the WCCP feature so that it can
work together with IPSEC/PBR/ZBF/NAT.
CSCue87883
Symptom: NAT might not release some of its ALG-related memory.
Conditions: NAT having a large memory footprint after several hours of traffic failed FTP64 ALG
traffic.
Workaround: Reload and turn off FTP64 ALG: no nat64 service ftp.
CSCue88591
leads to crash:
by reloading
CSCue89006
Symptom: SIP ALG creates PAT translation before portlist.
Conditions: This is a SIP ALG cooperation for consistency with NAT modification on defect
CSCuc85157 for PAT. This resolves a problem since v. XE37.
CSCue90034
Symptom: The router cannot be booted up.
Conditions: onefw configuration.
Workaround: Remove the onefw configuration.
CSCue94610
%SPA_DSPRM-3-DSPALARMINFO: Checksum Failure:80000000,0000000e,d0156a80,d0156000
*Mar 14 17:56:05.851:
%SPA_DSPRM-3-DSPALARMINFO: 0042 0000 0080 0000 0000 0000 4368 6563 6B73 756D 2046
6169 6C75 7265 3A38 3030 3030 3030 302C 3030 3030 3030 3065 2C64 3031 3536 6138
302C 6430 3135 3630 3030 0000 0000 0000 0000 0000
come up.
OL-26698-16
23
CSCue97118
Symptom: Cube crashes when codenomicon test is run. This is basically a stress test that checks the
boundary condition for a large From header sent in invite.
Conditions: Very large From header in incoming SIP invite.
Workaround: Fix provided in stack, to handle these error scenarios properly.
CSCue97338
CSCue97986
platform).
CSCuf01088
Symptom: Memory leaks are observed in ASR with CVP call flows.
Conditions: Under load condition, memory leaks are seen in XE3.8.
CSCuf02990
Symptom: Users might experience high CPU utilization during AVC bringup. Bring-up process does
not converge correctly and introduces an unexplained high CPU utilization with traffic.
Conditions: AVC bringup after CPU regulation mechanism turns off service.
CSCuf04906
Symptom: ASR crashes when running VZ Inst image with VZ call flows.
Conditions: Crashes under load conditions.
Workaround: Fix given. While confId is valid, do a hash entry search.
CSCuf15260
Symptom: ASR box crashes while sending Notify with KPML Digit.
Conditions: ASR DTMF type is changing to SIP-KPML mid-call.
CSCuf25232
Symptom: Crashes are seen in CUCM code, which is applicable for IOS stack also.
Conditions: Not known. See also CSCtz08251 and CSCua92010.
CSCuf29121
24
OL-26698-16
Conditions: On ASR1002 system with ipsec is configured on both ingress and egress GRE tunnel
Workaround: configure "no nat64 service ftp" to disable FTP64 ALG, system does not crash with
FTP stateful traffic.
CSCuf36495
Symptom: This defect is a placeholder for adding MPLS awareness to FNF for Software Release
15.3(01)S2. The added code is only for QFP processor code and not for IOS support.
Conditions: FNF - Port MPLS aware ucode changes to XE38 throttle.
CSCuf51881
Symptom: Memory is holding up on CUBE if the KPML Subscription expiration timer is too big
and no unsubscribe is received.
Conditions: This is seen for KPML subscription duration too high under load, with no unsubscribe
received.
CSCuf56490
Symptom: This defect is a placeholder for adding MPLS awareness to FNF for Software Release
15.3(1)S1.
Conditions: FNF - Port MPLS aware PAL changes to XE38 throttle
CSCuf56693
Symptoms: Traceback might appear when configuring NBAR custom protocol on Border Router.
CSCuf60585
CSCug01256

Release 3.8.1S
OL-26698-16
25

3.8.1S
CSCtv93326
CSCua68587
Symptom: cvCallVolConnActiveConnection.sip MIB count does not match what is seen on the CLI.
Conditions: This symptom is observed with the Cisco ASR 1006 running Cisco IOS XE Release
3.6.0S or Cisco IOS Release 15.2(2)S with the asr1000rp2-adventerprisek9.03.06.00.S.152-2.S
image.
CSCub17971
Symptom: No re-registration after switching from hardware to software crypto engine.
Conditions: As per the plan, registration should happen after switching from hardware to software.
CSCub19185
Conditions: This symptom occurs when UUTs are running Cisco IOS Release 15.2(2)T1.5.
CSCub53856
%FNF-3-FNF_FIELD_LIST_TOO_LARGE: Field_list too large, max 32
CSCuc12685
Symptoms: A router has an unexpected reload in SIP code.
26
OL-26698-16

CSCuc27517
Symptom: The permanent license disappears after an IOS upgrade or downgrade.
Conditions: ASR1001 IOS upgrade from 03.05.02 or older to 03.06.00 or later IOS downgrade from
03.06.00 or later to 03.05.02 or older.
Workaround: Install permanent license again.
CSCuc42518
CSCuc58527
Symptom: Mac flush does not happen properly with events like Interface shut/noshut or BD
shut/noshut.
Conditions: This symptom is observed when the mst root priority on R-l2gp config is changed to
make the other PE to become root.
Workaround: Use the old CLI format.
CSCuc73993
Symptom: High packets per second (PPS) in single flow traffic may reduce overall system
performance by 90%.
Conditions: Occurs when there is a very high PPS value in single flow traffic, and when NBAR is
enabled.
CSCuc76298
Symptom: In the ASR B2B HA setup, a new active router crashes at ccsip_send_ood_options_ping
immediately after a switchover with OOD OPTIONS enabled.
Conditions: This crash is seen when a standby router has OOD OPTIONS enabled either because it
is present in the startup config or enabled after the bootup. When you disable the OOD OPTIONS,
the switchover happens.
Workaround: Reload standby router once after OOD OPTIONS config changes from enabled to
disabled.
CSCuc93739
Symptom: Phase 2 for EzVPN client with split network and VTI does not come up if IPSEC SA goes
down.
OL-26698-16
27
due to no traffic. This causes IPsec SA to not come UP in spite of the traffic, leading to packet drops
in client network. The same problem is not seen with 150-1.M7. This behavior is seen post-PAL
where virtual-interface creates a rule set where traffic cannot trigger IPsec SA again once IPsec SA
is deleted.
Workaround: 1. Configure ?ip sla? on EZVPN client for split networks, so IPsec SA will not go
down. 2. Remove ?virtual-interface? from EZVPN client profile if that is not needed. The problem
is not seen in 152-4.M1 without virtual-interface.
CSCud14945
Symptom: IPv4 IP Security (IPSec) tunnel bring up time is longer in the dynamic crypto-map
deployment.
Conditions: This symptom is observed on a Cisco ASR1000 series router that functions as an IPSec
termination and aggregation router.
CSCud19536
configuration.
Workaround: Leave the configuration as-is, or do not broaden the media filters.
CSCud50029
reason for the TX drops (sticky):
Bad packet len
: 0
: 0
No skbuff
Bad buf len

: 0
Bad ifindex
: 0
No device
: 0
Device xmit fail : 663 <<<<< ......
Conditions: Counter increase due to large control packets.

CSCud64870
are multiple CDPs, the hub router fetches the CRL in a parallel way, which leads to a crash under a
timing issue.
Workaround: Setting up one CDP instead of multiple CDPs will avoid the timing condition that leads
to the crash.
CSCud66669
Symptom: On a 7200 router, the tunnel establishes fine. Encryption and Decryption happens just
fine too. However, after decryption, the packet is not punt to the ivrf in which the tunnel interface
resides, leading to a broken IPSec DataPath.
Conditions: 7200 with VSA - Tunnel (GRE/mGRE) in an iVRF with Tunnel protection
configuration where the iVRF should not be equal to fVRF.
Workaround: Since this issue is not found in 150-1.M9 124-24.T8, downgrading might be an option.
Otherwise, there is no known configuration related workaround yet, although software crypto will
work just fine.
CSCue19713
28
OL-26698-16
Symptom: ASR1013 route processor (RP) reloads due to a watchdog reset.

Conditions: This issue is seen with a power supply which reports fan failure/recovery events
continuously.
Workaround: Replace the power supply.
CSCue21381
Symptom: CUBE ASR 1K crashes during the VOIP FPI process.
Conditions: As of now, the specific call flow leading to this crash is not narrowed down, but based
on the code analysis and trace back, it is suspected to happen during the call transfer flow.
CSCue25321
Conditions: This symptom is seen upon ESP switchover.
CSCue27533
Symptom: Multi-VRF Selection with PBR and return traffic is dropped.
Conditions: ASR1002-F/03.07.01.S.
Workaround: Static route in GRT.
CSCue39206
Symptom: ES Crashes after second 401 Challenge.
Conditions: This symptom occurs when second 401 is received after SDP offer/answer with
CSCue42193
Symptom: ASR1k with GetVPN and a large number of ACLs may see tracebacks and fman_fp
crashes on ESP.
Conditions: GetVPN setup and ACLs configured may see these symptoms if the ACL is being
modified.
Workaround: Do not modify the ACL.

Release 3.8.1S
Release 3.8.1S.
CSCtx59316
Symptom: A packet punt to RP due to incomplete adjacency gets processed by CoPP. This makes
the CoPP complex, as these punted packets are not directed to the system and requires the CoPP to
be opened up.
Conditions: This symptom is seen with 3.5.2S and similar releases and by current design.
Workaround: Change the CoPP to allow punted packets.
OL-26698-16
29
CSCua56879
Symptom: XE37 and XE38 images are running with PTP code.
Conditions: XE37 and XE38 are running with PTP code. This feature is not supported in these
releases.
CSCua90697
Symptom: Traffic-class cannot be learned with delay as learning type reports is incorrect in a
number of TCs.
Conditions: Configurate delay as learning type.
CSCub50350
Symptom: Remote loopback messages under show interface and show controller output are not
set correctly.
Conditions: Remote loopback configuration.
CSCub50695
Symptom: Netflow data may be fragmented when using IPv6 exporter.
Conditions: 1. IPv6 exporter is used. 2. A large amount of data are exported at once.
CSCub57913
Symptom: The memory of ESP is exhausted.
Conditions: This symptom is observed when you use the show platform hardware qfp active
feature pfr command a number of times.
CSCub74272
old SPIs are removed and then the VTI tunnel line protocol goes down.
CSCub78299
Symptom: Ping fails from host1 (192.168.1.2) to host2 (192.168.4.2).
Conditions: This symptom is observed when Suite-B is configured on IPsec sa.
CSCub83071
Symptom: Traceback is observed during RP switchover with mediatrace configuration, since SSO
is not supported by mediatrace.
Conditions: Configure mediatrace. Perform RP switchover twice.
Workaround: Remove mediatrace configuration before running RP-switchover. Add mediatrace
configuration on new active RP. Or, If traceback occured, remove mediatrace configuration and
reapply it.
30
OL-26698-16
CSCub86791
Symptom: The maximum active memory for NBAR flows will exceed the maximum allowed
memory.
Condition: This symptom is observed on the 1RU platform with XE3.8 installed. The maximum
flows are set to 750000, but the traffic contains flows higher than 750000.
CSCub89144
Symptom: The VTI tunnel is always in up/up state.
Conditions: This symptom is observed when HSRP failover is configured on the HSRP standby
router only. This issue was first seen on the Cisco ASR router, but it is platform-independent and is
seen on the latest Cisco IOS Release 15M&T and later releases as well.
Workaround: Use GRE or routing protocols for redundancy.
CSCub98177
Symptom: ASR1K as LAC running IOS XE RLS3.5.2 may disconnect PPP session by TermReq
without visible reason, each time in show pppoe stat incrementing SSM DISCONNECT.
Conditions: This symptom is observed in SSO mode, with RP switchover.
CSCuc00658
Symptom: Unable to ping direct connected peer ip address.
Conditions: 1. Configure IP reassembly on sub interface. 2. Configure IPv6 reassembly on the same
sub interface. 3. No sub interface.
CSCuc05174
Symptom: ESP Crashes.
Conditions: Configuration results in exhaustion of CPP external memory.
Workaround: Ensure that the scale does not exceed supported configurations.
CSCuc08061
Symptom: IPv6 DMVPN spoke fails to rebuild tunnels with hubs.
Conditions: This symptom occurs when the tunnel interface on the spoke is removed and reapplied
again.
Workaround: Reboot the spoke.
CSCuc25529
Symptom: Static routes created by RRI are created with the wrong mask for subnet ACLS.
Conditions: This symptom is observed on an ASR1k and 7200 platforms running IOS 15.2(4)S and
15.1(4)M.
CSCuc30500
Symptom: The features NBAR, FNF (AVC), Seawolf (FME), and Lhotse (AppNav) may appear to
be activate even when they are down.
Conditions: This symptom is observed when CFT infra is not initialized on these features.
OL-26698-16
31
CSCuc32543
Symptom: Changes in the configured ppp multilink fragment size or fragment delay are not pushed
down to the data path for Broadband MLPPP sessions. This issue does not apply to MLPPP over
Serial connections.
Conditions: If ppp multilink fragmentation is enabled on a Broadband MLPPP bundle before the
resulting fragment size changes are not pushed down to the data path (i.e. the original fragment size
configuration is retained). The IOS show ppp multilink command indicates that the new fragment
size was applied but in fact the new fragment size may not yet be active.
PPP session. This can be accomplished via the clear ppp interface
<Bundle-Virtual-Access-intf-name> command.
CSCuc36469
Symptom: A crash is observed when you remove the crypto call admission limit ike
in-negotiation-sa <value> configuration and clear crypto sessions, which triggers a connection
from all the clients burdening the server and forcing it to crash within seconds.
Conditions: This symptom is observed only when 150 connections simultaneously try to establish
connection with the Head-end Ezvpn server.
Workaround: Ensure you always configure crypto call admission limit ike
when scaling to 150 tunnels.
in-negotiation-sa 20
CSCuc39469
Symptom: Unable to monitor the newly inserted 2nd Power supply in ASR1001.
Conditions: Insert the 2nd Power Supply to the up and running ASR1001.
Workaround: Ensure that all power supplies are inserted before booting up the ASR1001.
CSCuc41243
Symptom: PfR border router might get reloaded when PfR session flap is under session condition.
Conditions: PfR BR session flap is under session condition. This condition cannot be reproduced in
the lab.
CSCuc44071
Symptom: GRE keepalives go out unencrypted if the Tunnel interface is in up / protocol down state.
Conditions: ASR1k platform (reproduced on 3.4S through 3.7S) - GRE/IPsec using tunnel
protection - keepalives configured on GRE/IPsec tunnel - Tunnel interface in protocol down state
because of previously missed GRE keepalives - PIM configured on Tunnel interface - ip
multicast-routing distributed configured globally.
Workaround: Disable ip multicast-routing distributed (possible performance impact) or remove
PIM configuration from Tunnel interface. The GRE keepalives will be encrypted as long as there is
no CEF adjacency on the Tunnel interface when in protocol down state (i.e. no output from show
adjacency tunnel <number> detail command).
CSCuc59991
Symptom: The traceback may appear in applying or removing Cisco Application Visibility and
Control configuration.
32
OL-26698-16
Conditions: The traceback may appear in a very rare condition of massive applying or removing
Cisco Application Visibility and Control configuration sequence.
Workaround: In case of traceback, remove the configuration and reapply it again.
CSCuc62212
Symptom: sh pla so ob fp active pending-ack-update output hw dirty-bit has error.
Conditions: There are no specific conditions.
CSCuc65424
Symptom: On dual RP configurations, a standby route processor might crash when establishing new
interfaces (could be PPP sessions).
Conditions: This symptom is observed when IDB reuse is turned on on a dual RP configuration, and
when some interfaces are deleted and created again.
CSCuc67116
Symptom: IPSec SA reset when sequence number rolls over back to 0 with anti-reply disable.
CSCuc70310
Symptom: RRI routes are not installed in DMAP. reverse-route is a configuration in the DMAP.
This prevents packets from being routed through the intended interface, and hence packet loss
occurs.
Conditions: This symptom is observed when a simple reverse-route is configured in DMAP without
any gateway options.
CSCuc70578
Symptom: While clearing the counters, the following error message is seen:
%IOSXE-3-PLATFORM: R0/0: kernel:
/scratch/mcpre/BLD-BLD_V153_1_S_XE38_THROTTLE_LATEST_20121015_080026/os/linux/drive
rs/binos/i2c/psmcu/psmcu_main.c:read_from_psmcu (line 185): i2c_smbus_read_byte()
returned -110
Other potential errors: %IOSXE-3-PLATFORM: R0/0: kernel:
/auto/mcpbuilds13/release/03.08.00.S/BLD-03.08.00.S/os/linux/drivers/binos/i2c/psmc
u/psmcu_main.c:read_from_psmcu (line 175): MCU set pointer command failed, -5.
Conditions: Error message seen while clearing the counters.

CSCuc72643
Symptom: Periodic memory leak occurs.
Conditions: This symptom is observed periodically.
CSCuc73993
Symptom: High PPS of single flow traffic may reduce the overall system performance by 90%.
OL-26698-16
33
Conditions: This symptom is observed when there is very large PPS of single flow traffic, and when
NBAR is enabled.
CSCuc74857
Conditions: Payload addresses in DNS PTR record natted without active NAT bindings. RFC 2694
processing DNS PTR queries, eventually contributing to NAT address pool exhaustion.
Workaround: 1. Add deny ACL to avoid NAT translation of unknown payload addresses in the DNS
PTR query. 2. Turn off dns alg service if possible.
CSCuc76130
Symptom: IPsec SAs are not getting deleted even after removing ACL.
Conditions: This symptom occurs when you use the IPsec feature with Cisco IOS Release
15.3(0.18)T0.1.
CSCuc76566
Symptom: The show platform hardware qfp active feature ess session command is supposed to
display a list of features enabled on each session. The status of the FFR feature is not displayed.
Conditions: It affects debuggability of mobility IP sessions on iWAG.
CSCuc77704
Symptom: The GETVPN/GDOI Secondary Cooperative Key Server (COOP-KS) does not download
the policy (that is, when the show crypto gdoi ks policy command is issued on the Secondary
COOP-KS and the command output shows that no policy is downloaded) and Group Members
(GMs) registering to the Secondary COOP-KS fail to register without any warning/error message.
has an IPsec profile configured with one of the following transforms in its transform-set: esp-sha256-hmac - esp-sha384-hmac - esp-sha512-hmac.
Workaround: Use esp-sha-hmac as the authentication transform instead.
CSCuc78499
CSCuc78702
Symptom: %NAT: VRF ID 2385 does not exist seen in the output of show run vrf .
Conditions: If a VRF is defined without configuring an address-family, then this message may be
displayed when the user issues a show running vrf command.
Workaround: The show command output is still valid. This has no impact on the functionality.
CSCuc79208
34
OL-26698-16
Symptom: Error %Port <> is being used by system. When configuring static nat with the same ports
for different IP addresses as shown below, you may see following error message: "%Port 1720 is
being used by system" :
ip nat inside source list IP_PBX_MP_NAT_ACL_PUB interface
Loopback12 overload
ip nat inside source list IP_PBX_MP_NAT_ACL_SUB interface
Loopback13 overload
ip nat inside source static tcp 161.92.7.42 1720 interface
Loopback12 1720 ip nat inside source static tcp 161.92.7.43 1720 interface Loopback13
1720. This issue occurs when you have NAT with overload statements configured before you
configure static NAT for ports.
Conditions: This symptom is observed when NAT with overload statements are configured first.
Workaround: Remove all NAT statements and configure static NAT before NAT overload. (You may
see the failure again at reload time since the commands are nvgenned with the overload command
first.)
CSCuc80725
Symptom: vfr subblock remains without displaying the ip virual-reassembly command.
Conditions: This symptom is observed when you enable NAT and no vfr, and re-enable vfr.
Workaround: Enable no vfr manually.
CSCuc81645
Symptom: Execute the show command and cpp crashes on overlord.
Conditions: None.
CSCuc81662
Symptom: ISR4451 Router doesn't boot properly. The slot F0 stays in init state.
Conditions: This symptom is observed just after a power cycle. This condition is rare and is seen
once every few hundred power cycles.
Workaround: Power cycle the router, a soft reload will not clear this issue.
CSCuc85002
Symptom: Unexpected logs printed in the console during configuration.
*Oct 17 06:54:50.711: %FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F1: fman_fp_image:
(tcp/50.1.1.1 port 4096 - 5119) download to CPP failed
PORTLIST:
*Oct 17 06:54:50.534:
PORTLIST: (tcp/50.1.1.1 port
4096 - 5119) download to CPP failed.
Conditions: This symptom is seen when the configuration includes dynamic PAT (port address
translation) with interface overload.
CSCuc85807
Symptom: In cases where MMON is activated on non-video UDP, traffic jitter values of certain
flows may have incorrect jitter values.
Conditions: Non video and/or UDP traffic is being injected to the MMON engine. It may also
happen to video traffic before it is classified as such (first few packets) - this is self corrective. This
is unlikely to happen since usually MMON is enabled on specific media flows.
CSCuc87847
Symptom: QFP crashes.
OL-26698-16
35
Conditions: Packets are replicated and field in_interface in pkt_state is invalid.

CSCuc88175
Symptom: When a dynamic cryptomap is used on the Virtual Template interface, SAs do not get
created and thus the testscripts fail. This issue occurs because the crypto map configurations are not
added to the NVGEN, and there is no security policy applied on the Virtual Template interface.
Conditions: This symptom is observed only when a dynamic map is used on the Virtual Template
interface. However, this issue is not seen when tunnel protection is used on the Virtual Template
Workaround: Use tunnel protection on the Virtual Template interface.
CSCuc89646
Symptom: When TCP SYN packet is sent with no MSS specified, the default value is set to 0, not
536, as on other platforms.
Conditions: TCP SYN packet is sent with no MSS specified.
CSCuc89800
Symptom: ESP crashes when it receives a for_us packet with multiple (thousands of) tunnel headers.
Conditions: This symptom is observed in a scenario where there are three routers, A, B, and C, and
there is a tunnel T1 between A and C. In router A, a PBR transmits the packets from B through T1.
In router B, a default route points to router A. Router A then transmits a packet through the T1
tunnel, encapsulated with a GRE header. When this packet arrives at router B, due to the flapping
of route between B and C, it is not sent to router C. Instead, it is sent to router A because router A
is the default route. When the packet arrives at router A, it is transmitted through the T1 tunnel again
encapsulated with another GRE header. This cycle continues and the packets are encapsulated with
thousands of GRE headers. Finally, when the route between B and C no longer flaps, it arrives at
router C, causing it to crash.
Workaround: Configure an ACL in router C's tunnel T1 interface, and deny the packet if it has an
inner header with the same src addr and dst addr with outer the header. But this workaround cannot
cover the scenario that has an attack packet encapsulated with multiple different tunnel headers.
CSCuc92567
Symptom: SIP may reload during MDR due to ESI reconciliation failure with active ESP.
Conditions: Extremely rare race condition.
CSCuc93053
Symptom: WCCP stops working after adding ZBF. We see a message of WCCP packets being
redirected but not leaving ASR.
Conditions: ASR with netflow anf ZBF enabled under the same interfaces.
CSCuc93807
Symptom: Metrics that require AOR are not accounted correctly. (for example: ART metrics,
packet/bytes counter and so on.)
36
OL-26698-16
Conditions: 1. Performance policy map is configured with parameter default account-on-resolution

property. 2. At least one NBAR filter is presented in one of the class-maps of the policy-map. 3.
Packets are matched by the class-map without any monitor.
Workaround: Add a flow monitor (even without an exporter) to the class-default.
CSCuc95192
Symptom: Ucode Crash Seen.
Conditions: Unconfigure/Configure static NAT in B2BHA setup.
CSCuc97477
Symptom: This is a new feature for dummy packet support.
Conditions: None.
CSCuc98107
Conditions: The downgrading is found on Release 15.3(01)S onwards.
CSCuc97789
Symptom: The hostname reporting is not supported.
Conditions: It is observed when the AVC URL tool is configured and the http traffic sends the
hostname that are not reported.
CSCud01905
Symptom: Match not apn is not working.
Conditions: Basic gtp message flow.
CSCud03863
Symptom: ESP crashes on CSR.
Conditions: Crash occurs when sending traffic through a non gig 0 interface.
CSCud04066
Symptom: CPP CVLA traceback appears.
Conditions: This may occur during monitor configuration rollback when configuration fails.
CSCud05368
Symptom: Traffic will be redirected to WCCP client even when it is defined as deny in wccp redirect
ACL.
Conditions: WCCP on ASR1k.
OL-26698-16
37
Workaround: There can be two workarounds: 1. Move the deny entries before the permits when
possible (especially for deny ... host ...), but it still may not work in some situations. 2. Use different
redirect ACLs for each service, and remove the unnecessary ones for specific services.
CSCud06852
Symptom: T1 Controller will not be marked as DOWN when there are alarms after the RP
Switchover.
Conditions: RP Switchover.
Workaround: SPA Soft OIR.
CSCud06887
Symptoms: IPsec Stateful failover is configured between two routers. router 1 is chosen as Active.
router 2 is chosen as Standby. router 3 acts as the VPN end peer. A VPN tunnel is created between
the VIP of routers 1 and 2 and router 3. SPIs are replicated from Active (router 1) to Standby (router
2). After switchover from Active to Standby (done by reload of Active router 1), router 2 becomes
Active and takes over the VPN connection. Router 1 comes up after manual reload and then reloads
again by itself. When router 1 comes up after the second reload, SPIs are not replicated from Active
router 2.
Conditions: This symptom occurs when IPsec Stateful failover is configured on Cisco IOS Release
15.2(4)M1. This issue is seen when the HW crypto engine is enabled.
CSCud79391
Symptom: Some AVC functions (performance monitor and media-net) are missing from the
advipservices image. They are included only on the adventerprise image.
Conditions: After loading an advipservices image, some AVC functionality could not be configured.
CSCud12022
Symptom: The over-subscription of a SPA buffer causes a message to be logged; indicating packet
drops in the SPA.
Conditions: This issue occurs during re-configuration, flow-control is not set correctly on the ESP
and results in a broken flow-control on the interface that is re-configured.
CSCud14033
Conditions: This issue occurs when the uRPF and ACL configurations are removed and added while
the traffic is running, copy remove_config running and copy add_config running.
CSCud16127
Symptom: The CPC request message is passed by AIC and sent to another side.
Conditions: The issue occurs because of an invalid IMSI.
CSCud16274
Symptom: The CPP is crashed with core dump file and traceback.
Conditions: The issue occurs when the session setup rate is 10.
38
OL-26698-16
CSCud21267
Symptom: Accesses to the midplane EERPOM or power supply may fail.
Conditions: The issue occurs when the systems have dual RPs.
CSCud21578
Symptom: The ASR 1000 router with iWAG feature running Cisco IOS Release 15.1(3)S may fail
to establish a GTPv1 tunnel with ASR 5000 platform if MSISDN is not provided in the required
format, that is with leading 19.
Conditions: This failure occurs when the MSISDN in cisco-msisdn attribute from AAA server does
not have 19 as Numbering Plan Indicator and Nature of Address for GTPv1.
Workaround: Provision at AAA server to send MSISDN with first two digits as 19.
CSCud22437
Symptom: An ASR 1K might experience a watchdog crash due to a kernel panic. After viewing the
plaintext contents of the resultant kernel core file that is generated, iosd generates a watchdog
because of a soft lockup that prevents it from responding within 60 seconds: <3>BUG: soft lockup
- CPU#0 stuck for 61s! [linux_iosd-imag:26869]
Conditions: There is no particular condition.

CSCud24321
Symptom: The interface hierarchy gets corrupted during OIR such that subsequent reconfiguration
events lead to a system crash.
Impacted Platforms: ESP-100 and VXE-2, also known as Yoda platforms.
Not Impacted Platforms: All CPP10 platforms, that is, ESP-10, ESP-20, ESP-40, etc. It also does
not impact overlord and ultra
Conditions: The issue occurs when:
The FRF.12 P3 queue is not removed from the interface during OIR
The code assumes all features have been removed from the interface before the default queue is
removed.
The default queue is re-added while the P3 is already active and its sub-hierarchy is built on top
of the leaf node for the P3 queue. This causes the hierarchy to grow exponentially to a point
where programming the hardware fails.
Workaround: Removing the FRF.12 before OIR and reapplying it after OIR should work whether
done manually or through a script. However, it is unreliable in the real world where OIR could occur
due to swapping out one SPA for another unless the user remembers to disable FRF.12 before
swapping the SPAs.
CSCud24885
Symptom: When some drops are seen: FirewallInvalidZoneable.
Conditions: The issue occurs when the ASR with WCCP, ZBF, and netflow are configured at the
same time.
Workaround: Ping the destination on Cisco ASR1000 series router before introducing the WCCP
traffic.
OL-26698-16
39
CSCud30024
Symptom: Packet drop may be observed during IP Security (IPSec) rekey.
Conditions: The issue occurs on a Cisco ASR1000 series router when it functions as an IPSec
termination and aggregation router, and when Internet Key Exchange version 2 (IKEv2) is used. The
packet drop, due to invalid SPI, may occur on responder router during rekey.
CSCud31542
Symptom: The DHCP reply message is dropped in the data plane after RPSO or clear IPv6 neighbor.
Setup of DHCPv6 binding.
Clear IPv6 neighbor or RPSO and without traffic before adjacency convergence, then DHCP
reply message will be dropped in the data plane.

Workaround: There are several workarounds:
Send downstream traffic to client which will relearn the neighbor.
Clear IPv6 route X::X/prefix <dhcp installing route> to relearn the neighbor.
Client can reconnect after the DHCP session is timeout.
Client can send RS or NS.
CSCud34131
Symptom: ERSPAN can only monitor ZBFW interface Rx packets.
Conditions: The issue occurs when ERSPAN packets are dropped if the ERSPAN output interface is
not in the same zone as that of monitor interface.
Workaround: Configure the ERSPAN output interface in the same zone as that of monitored
interface.
CSCud35550
Symptom: Many trace backs are printed in the console when GTPv2 messages are handled.
Conditions: Attached configuration is imported. It can also be triggered, if layer 7 drop is
configured.
CSCud35735
Symptom: ucode along with fman_fp core seen in UUT with
GTP_AIC_FUNC_POLICY_CHANGE.
Conditions: The issue occurs while sending traffic from SGSN.
CSCud37568
Conditions: The issue occurs when GTP AIC is configured.
CSCud37921
Symptom: Communication broken. Update PDP Context Requests are dropped, if GSN address is
not identical with the GSN address provided in Create PDP Context Request.
40
OL-26698-16
Conditions: The issue occurs during the 3GPP communication on GRX interface. Roaming mobile
users from GRX to inside can have different GSN address information.
CSCud38010
Symptom: Due to the change of CSCud35735: ASR1K: ucode crash at gtp_aic_match_policy. It is
a defense for smtp aic, as the function call re_multi_match_ascii can result in crash.
Conditions: The issue occurs when the function re_multi_match_ascii meet some invalid array
address, which will return 0xFFFFFFFF as the match length, here in smtp aic, it must be protected
from this exception.
CSCud38558
Symptom: The two causes are:
Might be no monitoring.
Trackback message appears in log: 1#7e4ed294e9cee774e6d357fbecf1228d errmsg:CB20000
2230 cpp_common_os:D1AD000 BBB0 cpp_common_os:D1AD000 B9C0

cpp_common_os:D1AD000 1903C cpp_fnf_svr_lib:FE68000 15D64
cpp_fnf_svr_lib:FE68000 1C2D0 cpp_fnf_svr_lib:FE68000 18E84
cpp_common_os:D1AD000 10A94 cpp_common_os:D1AD000 110CC evlib:CEF1000
E0DC evlib:CEF1000 104C4 cpp_common_os:D1AD000 127E8:10000000 4710 c:A526000
1E938 c:A526000 1EAE0.
Conditions: The issue occurs:
On 3.8 Ver: Happens randomly if HTTP tool is deployed several times.
On 3.7 Ver: Happens randomly if AVC1.5 tool is deployed several times.
Workaround: Reapply the configuration.
CSCud39324
Symptom: Due to the reloading of the ESP.
Conditions: The issue occurs when the ASCII ALG traffic requiring TCP seq or delta fixup on
payload length change due to address translation. This reload could occur rarely with very long lived
TCP connections.
Workaround: Turn off the ALG that is causing the issue.
CSCud39590
Symptom: This is a new feature for dummy packet support.
CSCud40015
Symptom: The client or server IPs are interchanged in command sh serv-in statis conn on Peer ACs.
Conditions: The issue occurs when the client or server IPs are interchanged in CLI sh serv-in statis
conn on Peer AC's. When there are 4 AC's in an ACG and the context is up and operational, some
traffic is sent and only one AC owns that flow. If the command sh service-inse statis conn is
executed on the AC which owns the flow, it shows the right output. But when the same command is
executed on the other AC's the client and server IPs are interchanged.
OL-26698-16
41
CSCud41480
Symptom: The QFP is reloaded.
Conditions: The known conditions for this are to have one Firewall and NAT configured on a
CSCud41501
Symptom: The first and last timestamps shown in the output of show flow monitor <name> cache
command shows incorrect values on an ASR1K with RP1 route processors.
Conditions: The following are the conditions for this symptom:
Attach a record that contains timestamp sys-uptime first and / or timestamp sys-uptime last
field(s) to a monitor. Predefined records such as netflow-original already have these fields
defined.
Under the interface config mode, configure the above defined monitor using [ip | ipv6 | mpls]
flow monitor <name> (sampler) [input | output].

Issue the following show command show flow monitor <name> cache to see the cached
records.
In the output of the above show command, the values displayed for the first and last timestamp
fields can be incorrect.

CSCud42919
Symptom: FP crash.
Conditions: The issue occurs when there is 70~80K translation sessions, SIP and H323 mixed
traffic.
CSCud44854
Symptom: The Hash table has not been memset for ALG during initialization.
start sip/h323/... traffic
Established NAT session over 60~70K
Send CLI combinations with below actions:
clear ip nat trans *
shutdown inside or outside traffic interfaces
remove nat/alg config
reconfig nat/alg and unshut interfaces
CSCud45750
Symptom: Extended data forwarding outage when MLPPPOLNS session is forwarded to a new link
due to a OSPF link.
42
OL-26698-16
Conditions: The issue occurs when the MLPPPOLNS session is defined using a member link session
with multiple paths to the destination LAC through OSPF, if the member link session interface
changes after the session is active, a extended data forwarding outage may occur due to the OSPF
link change. Possible MLPPP member link session flap may also occur.
Note
Currently, only per destination packet load balancing is supported.

CSCud47046
Symptom: No-way voice occurs after transferring external calls to an external recipient. The PBX
does a external transfer and uses a new transaction leg which indicates that media should be hair
pinned on the SBC, but no media is heard.
PBX(A)----SIP-----SBC(B)----SIP-----service-provider(C)
The following are the different Call Scenario:

PBX(A) user dials external party (towards C) the calls is answered.
PBX(A) user presses the conference/transfer key which places the call on hold. MOH is heard
by the external party.

PBX(A) user dials external party (towards c) and the call is answered.
PBX(A) user completes the call transfer.
The call transfer is completed, but no audio is heard, by either A or B.
Conditions: The issue occurs only when all of the below conditions happen together:
One side has nat enabled and rtp comes before sdp offer/answer is completed.
Four calls are modified to two hair pin call sets, that is two calls are hair pined.
Later call modification makes four calls hair pined together.
CSCud49494
Symptom: While receiving the udp fragmented packets, ESP is crashed with multicast service
reflect being configured.
Conditions: The issue occurs when the multicast service reflect is configured and udp fragments are
received in the VIF interface.
CSCud49777
Symptom: In a Flex scale setup, few of the framed routes do not get installed even though all the
sessions come up fine. As a result, traffic flow is affected.
Conditions: The issue occurs while clearing the crypto session on the headend. Sessions will be
triggered again from SVTI. For few of the sessions, framed route is not installed.
CSCud50827
Symptom: The protocol pack upgrade or loading fails, with the following error message: failed add
new signature to heuristic signature.
OL-26698-16
43
Conditions: The issue occurs during the simple protocol pack upgrade, path (starting PP 3.1).
CSCud51361
Symptom: The FNF monitor with application name key does not report HTTP host name.
Conditions: The issue occurs in the FNF monitor with match application name
account-on-resolution.
CSCud53401
Conditions: The issue occurs when the FRF.12 is configured on ESP100 or 1RUVE2, the recycle
queue cannot be changed on-the-fly because of the packets in-flight that is enqueued to this queue
by the hardware.
CSCud58038
setup sip/h323 traffic
shut and unshut clear ip nat tr *
remove ip nat, shut clear ip nat tr *
CSCud60014
Symptom: The control process crashes during reconfiguration on ESP100 or 1ruve2.
Conditions: The issue occurs during the reconfiguration such as adding a hierarchical policy to an
ATM, changing a class-of-service for an ATM VC, and so on, which results in a new scheduling
hierarchy.
CSCud61316
Symptom: The vTCP reset storm is observed in NAT/ALG back-to-back deployment.
A TCP NAT session is established between two ASR1K.
Abnormal ALG packets are received from both the sides.
An additional TCP segment is received by ASR 1K after ASR1K sends out the TCP RST.
Workaround: Manually clear the affected NAT session.
CSCud66316
Symptom: Log messages for REJECT Create Session Response is not printed in sys-log.
Conditions: The issue occurs when the GTP AIC is configured in the UUT.
CSCud67970
Symptom: Provisioned QoS service is not honored.
44
OL-26698-16
Conditions: The issue occurs when the fair-queue is removed from the class on-the-fly, the rates,
that is, bandwidth and shape, are no longer configured in the hardware.
Workaround: Remove the fair-queue class and re-add it without the fair-queue.
CSCud70243
Symptom: Some IPv6 subscribers fail to come up in a scenario in which there is a frequent session
churn.
Conditions: The issue occurs on an ASR 1K router, for IPv6 subscribers that have traffic classes
configured. It occurs when the sessions are torn down soon after coming up. It can also involve a
change to a session's complement of traffic classes shortly after coming up, but before being torn
down. A number of pending objects can register in the output of the show platform software
object-manager fp active statistics command.
Workaround: Remove the pending objects by performing an FP switchover on ASR 1K routers that
have two of them. Before performing an FP switchover, make sure that there are not any pending
objects on the standby FP. This can be determined by using the command show platform software
object-manager fp standby statistics. If the standby FP has pending object counts when the system
is in steady-state, it should be reloaded and checked for pending objects after it comes back. If the
new pending object counts reach is 0, then proceed with an FP switchover.
CSCud72509
Symptom: The ESP100 is crashed.
Conditions: The issue occurs when the NAT is configured, TCP segments size is larger then 26K,
ESP100, or 1002-X.
Workaround: Add no payload-option in the nat entry to disable all alg or disable a specific DNS
tcp alg by using the command no ip nat service dns tcp.
CSCud73594
Symptom: The MMA objects are not removed after policy detach. This is seen with the following
CLI command: show platform software object-manager fp active object-type-count | inc mma.
Eventually, this can lead to a failure in applying a Seawolf configuration.
Conditions: The issue occurs during the massive sequence of policy attach or detach operations.
CSCud73599
Symptom: No records are generated after several configurations.
Conditions: The issue occurs when there is a config replace or any other massive performance policy
configurations.
CSCud73600
Symptom: The FP is crashed.
Conditions: The issue occurs when the QoS is configured on physical interface which is bind to a
BDI interface. Stile is configured on the same BDI interface.
OL-26698-16
45
Note
Stile is not supported on BDI interfaces and must not be configured on it.
CSCud73652
Symptom: Incorrect MMON/ART metrics reported and/or crash.
Conditions: The issue occurs in some rare cases, when:
Packets of the same flow are processed by FME on more than one interfaces.
FME processes from the second interface and continues further, ends due to some error (rare
case).
CSCud75024
Symptom: The ESP cpp_cp_svr process crashes, with the trace back pointing to the
cpp_ess_ea_ffr_entry_free function.
Conditions: The issue occurs during the session teardown.
CSCud77695
Symptom: The security policy is not downloaded to the data path correctly.
Conditions: The issue occurs on a Cisco ASR1000 series router when it functions as an IP Security
(IPSec) termination and aggregation router, and when IPv6 static crypto map with large Access
Control list Elements (ACEs) are configured within a single Access Control list (ACL).
Workaround: The issue can be avoided by:
Applying the IPv6 static crypto map with initial ACL containing less than 10 ACEs.
Adding the ACEs, one-by-one, into the ACL configuration.
CSCud78618
Symptom: Crash.
Conditions: The issue occurs when the iVRF is configured on the ike profile.
CSCud78649
Symptom: An error message SBC: SBC ^TÛ^\V is not configured is printed when activating sbc.
Conditions: The issue occurs when the activate command is Run just after the command
media-address ipv4...
ASR-1001-CCN-7(config)#sbc test ASR-1001-CCN-7(config-sbc)#sbe
ASR-1001-CCN-7(config-sbc-media-address)#activate SBC: SBC Â^T not configured.
Workaround: exit sbc, and enter sbc again, then Run the activate command.
CSCud79391
Symptom: The AVC functionality (performance monitor and media-net) is missing from
advipservices image. It was only present in adventerprise.
Conditions: The issue occurs when loading an advipservices image, AVC functionality can not be
configured.
46
OL-26698-16
CSCud80832
Symptom: The ASR 1000 router can result in a ucode crash when the box is running NAT with oer
keyword and also running PfR.
Conditions: The issue occurs when the NAT is configured with the oer keyword on NAT mapping
and PfR is used for traffic optimization, doing a shut or no shut on a PfR external link also happens
to be the NAT outside interface, which can result in a crash if the traffic is flowing.
Workaround: Avoid doing a manual shut or no shut on the PfR external interfaces when running
with NAT. If you must do a shut or no shut, shut down the NAT inside the interface first, then do a
clean ip nat trans * and then shut the PfR interface.
CSCud86240
Symptom: The ASR1K ESP crashes (ucode core file created) when compressed packets are sent on
a Multilink PPP interface using IOS XE 3.5 and earlier ASR1K software images. On IOS XE3.6 and
later ASR1K software images a crash does not occur, but routed traffic on configured interfaces are
not forwarded. But, local traffic between the peer routers can be forwarded. In all releases, routed
traffic will be dropped on any other interfaces (for example, PPP, Multilink PPP, HDLC, and so on.)
configured for this mode of compression.
Conditions: The issue occurs if the legacy IOS compression feature compress [mppc | stac |
predictor] is configured on any interface (for example, PPP, Multilink PPP, HDLC, and so on.). If
using an IOS XE3.5 or earlier ASR1K software image.
interfaces as this functionality is not supported on the ASR1K. The software fix associated with this
bug report will be removing this configuration option from the ASR1K.
CSCud88366
CSCud88517
Symptom: The system is out-of-service.
Conditions: The issue is observed on a Cisco ASR1000 series router when it functions as an IP
Security (IPSec) termination and aggregation router, and when more than 30 IPSec sessions are up
and running traffic.
CSCud90021
Symptom: An ASR1K running 03.06.00.S.152-2.S can crash due to a NAT bind age timing.
Conditions: This issue is a rare timing condition which is triggered by the RG infra toggle.
CSCud90142
Symptom: The GTPv2 drop counter increments, when actually, no messages are dropped.
Conditions: The issue occurs when the cause value in Create Session Response is 78.
OL-26698-16
47
CSCud91102
Symptom: Router reload.
Conditions: The issue occurs during the heavy AVC traffics.
CSCud91877
Symptom: Cannot include "." in the variable name, used in header editor.
Conditions: The issue occurs always.
CSCud91920
Symptom: When configuring an ACL for both IPv4 and IPv6 in a policy-map, the policy-map does
not work properly.
Conditions: The issue occurs when an ACL is configured for both IPv4 and IPv6 in a policy-map
and when the policy-map is attached to an interface or control-plane.
CSCud92837
Symptom: The aggregation-type prefix-length of PfR cannot be configured to less than 16. If so,
the number of learned prefix will be much less than what it must be.
Conditions: The issue occurs when PfR is enabled.
Workaround: It is better to configure the aggregation-type prefix-length of PfR to greater than 24.
CSCud92879
Symptom: The current session for control plane is too small.
Conditions: The issue occurs during the basic GTPv1 configuration, and GTPv1 traffic.
CSCue15619
Conditions: The issue occurs while configuring the signaling-peer-port when the adj is attached,
the new vty terminal would be hung.
CSCue17371
Symptom: NTE cannot pass through.
Conditions: The issue occurs for a transcoding call.

Release 3.8S
This section describes the caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.8S.
It contains the following topics:
Open CaveatsCisco ASR 1000 Series Aggregation Services Routers Release 3.8S, page 49
48
OL-26698-16
Resolved CaveatsCisco ASR 1000 Series Aggregation Services Routers Release 3.8S, page 50

3.8S
Aggregation Services Routers Release 3.8S.
CSCtr38540
Symptom: In the Cisco ASR 1001 Router, false temperature readings from the power supply similar
as the one displayed here, are reported:
June 18 03:36:37.700:%ENVIRONMENTAL-1-ALERT: Temp: Inlet, Location: P1, State:
Shutdown, Reading: 127 Celsius
Conditions: This is seen only on the Cisco ASR 1001 Router.

CSCua99781
Symptom: The ESP gets reloaded.
Conditions: This symptom is observed when you issue the clear crypto session command with the
4k IKEv2 IPv6 static crypto map tunnels and bidirectional traffic of 2Gbps 300B packets.
CSCuc74857
Symptom: NAT address pool exhaustion occurs with high DNS traffic.
Workaround:
Add deny ACL to avoid NAT translation of unknown payload addresses in the DNS PTR query.
Turn off DNS ALG service if possible.
CSCud00613
Symptom: The physical interface goes down in the shutdown state when you load the configuration
on a Cisco ASR 1000 Series Aggregation Services Router.
Conditions: The IP address of default gateway under GTP should not overlap with any of the existing
interface configurations. If it does, the Cisco IOS software will shut down the interfaces that have
overlapping IP addresses. The iWAG creates a virtual interface based on the IP address provided
under the GTP or the APN default gateway configuration as follows:
gtp
apn 1
default-gw 192.168.10.1 prefix-len 16 <virtual-interface will be created with ip
address 192.168.10.1>
Workaround: If you configure similar interfaces, you have to unconfigure the entire GTP
configuration using the no gtp command, go to either the physical interface or the loopback
interface, perform a no shut action, and reconfigure the interface using the gtp command.
CSCud15949
OL-26698-16
49
Symptom: The CPP traceback notifying monitor cannot be reserved.

Conditions: The issue was seen when the MMA policy, mediatrace policy, and one FNF monitor
were attached to an interface.
Workaround: If the FNF monitor is configured, only one policy may be attached on the interface and
direction. This should not exceed the following:
num_of_policies*5 + num_of_fnf_monitors > 10.

Release 3.8S
Release 3.8S.
CSCsd20055
Symptom: The DHCP client is not installing a default route if the physical interface is assigned to
a Virtual Routing and Forwarding (VRF) table.
Conditions: This symptom is not caused by any specific condition.
Workaround: Manually configure a static default route in VRF.
CSCso75347
Symptom: When the cable dhcp-giaddr policy strict command is configured on the Cisco CMTS,
the CPEs behind the CMs are expected to get the DHCPOFFER message with its source IP address
belonging to secondary IP Network Address range of the downstream cable interface in the CMTS.
Currently, the DHCPOFFER has the source IP address from the downstream's primary IP network
address range.
Conditions: The issue occurs when the cable dhcp-giaddr policy strict command is configured in
the CMTS cable downstream interface.
CSCsq83006
Symptom: When some port channels go down at the same time on a router, it can cause EIGRP SIA
errors.
Conditions: This symptom occurs with full mesh four routers that are connected via port channels.
Additionally, it occurs with over five routers that are connected via a partial mesh port channel.
Workaround: Use the following port-channel interface settings:
(config)# interface port-channel <port-channel-interface-number>
(config-if)# bandwidth <bandwidth-value>
(config-if)# delay <delay-value>
CSCsr03117
Symptom: The UDP direct-broadcast packets get dropped even if the ACL is configured to permit
this traffic.
Workaround: Configure the ACL statement as permit ip X.X.X.X X.X.X.X host 255.255.255.255.
CSCsv08144
50
OL-26698-16
Symptom: Even if the MLPPP LFI is correctly configured on a multilink interface, the show ppp
multilink command continues to show interleaving as disabled.
Conditions: This symptom occurs when a Cisco ASR 1000 Series Aggregate Services Router has
PPP multilink interleave configured on the multilink interface on the multilink virtual template (for
broadband MLPPP).
Workaround: The show plat hard qfp act feat mlp data bundle <full-bundle-interface name>
detail command shows the correct status of the interleaving on the interface.
CSCsz65576
Symptom: One or more linecards may fail to boot in a Cisco ASR 1000 Series Aggregate Services
Router with an RP2 may occur, or an error with the EOBC. %CMFP-3-STANDBY_EOBC_LINK_ERROR:
F0: cman_fp: Standby EOBC link error detected.
Conditions: This symptom is only seen with certain combinations of RP2 and ESP10.
Workaround: There is no workaround, but the issue is not seen with an ESP20.
CSCtd43540
Symptom: A memory leak occurs at cdp_handle_version_info.
Conditions: This symptom is triggered by misbehavior of peer switch running Cisco IOS Release
12.2(46)SE that has been fixed in CSCsm63025. The symptom is observed with link flapping.
Workaround: Disable CDP on the flapping interface.
CSCtd54694
Symptom: A crash is seen when the show cdp neighbor port-channel no and the show cdp
neighbor port-channel no de? commands are executed.
Conditions: It is a rare timing issue.
Workaround: Use the show cdp neighbor and show cdp neighbor detail command to view both the
brief and detailed CDP information respectively as a workaround. Also, the show cdp neighbor
<interface type> no command can be used except when the interface type is port-channel.
CSCtd58886
Symptom: The CMTS crashes when the SNMP client enquires ifRcvAddressEntry that contains a
non-zero address of a GE interface in the SPA.
Conditions: This symptom is observed on a Cisco uBR10000 Router with a 5GE SPA that runs Cisco
IOS Release 12.2SCB or 12.2SCC with the following SNMP command:
getnext -v2c <cmts address> [community] ifRcvAddressStatus/ ifRcvAddressType.<ifIndex of
GE in SPA.non-zero address>
Workaround: Do not query this entry of the table since it does not exist.
CSCtg39957
Symptom: Spurious memory access occurs during the tspts_handle_rsvp_pathtail_events
function.
Conditions: This issue occurs when a PATH message without any session attribute object is being
received from the TE head end. Note that the Cisco IOS and Cisco XR routers always send the
session attribute object.
CSCtg47129
Symptom: Memory leaks are observed on the Cisco CMTS router when NAT is configured.
OL-26698-16
51
Conditions: This issue is observed in the context of packets that need NAT in a VPN Routing and
Forwarding (VRF) environment.
CSCth15357
Symptom: You are allowed to configure a max-threshold value higher that is than the configured
queue-limit even when the max-threshold value cannot exceed the configured queue limit value.
Conditions: This symptom is seen in Cisco routers loaded with Cisco IOS version 15.1(2.1)T.
CSCth16914
Symptom: Allocated memory not accounted for in the MLP client.
Conditions: This issue occurs during power up.
CSCth71093
Symptom: Routers that are configured to dump core to flash: or flash0: fail to dump correctly to
the 4GB compact flash card.
Conditions: This is observed in the exception flash all flash configuration.When you issue a
wr core command, it fails to dump the core files.
Workaround: Dump cores to the TFTP.
CSCti31463
Symptom: The Cisco IOS route does not store more than two classless static routes learned through
DHCP option 121.
Conditions: Current implementation supports only two static routes.
Workaround: Statically configure the routes.
CSCti62247
Symptom: If an IPv4 or IPv6 packet is sent to a null interface, a Cisco ASR 1000 Aggregation
Services Router does not respond with an ICMP or ICMPv6 packet.
Conditions: This symptom occurs with a prefix routed to the Null0 interface.
CSCtk15666
Symptom: Cisco IOS password length is limited to 25 characters.
Conditions: Cisco IOS password length is limited to 25 characters on NG3K products.
CSCto43670
Symptom: The Cisco ASR 1000 Aggregation Services Router crashes while running the show
running-config command after configuring the replicate route with forward-referenced VRFs.
Conditions: This issue occurs only when route-replicate configurations include forward-referenced
VRFs, that is, VRFs are not defined at the time of route-replicate configuration, and the replicate
route is configured using the topology subcommand of the global-address-family ipv4 multicast
command.
Workaround: Run the show running-config command after defining the forward-referenced VRFs.
52
OL-26698-16
CSCto73799
Symptom: Standby RP bulk synchronization modifies certain multiline commands in the process of
loading the active RP running configuration.
Conditions: Banner and refuse message commands that have the opening ^C on the command line
followed by some characters before the first new line and further input, can result in the standby
inserting an extra new line into the standby configuration between the ^C and the content that is
supposed to appear on the first line. The shell map and macro auto commands that have multiple
unmatched closing braces in their multiline input will be misread, such that the resulting command
is interpreted by the standby as invalid. If the active is configured to reload the standby on invalid
commands, the standby RP will be reloaded as a result.
Workaround: Format the commands in such a way that these conditions are avoided. If the chosen
formatting produces visible symptoms on the standby, adjust the formatting, save the configuration,
reload the standby and verify that the symptoms have been cleared from the standby's
running-configuration.
CSCto75838
Symptom: Opening client sockets to IPv4 addresses fail with an invalid argument error message.
Conditions: This issue only occurs with IPv4 sockets. IPv6 sockets work properly.
Workaround: Use the IPv6 client connections.
CSCto87436
Symptom: Under certain conditions, Cisco IOS devices may crash, and the following error message
appears:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = SSH Proc
Conditions: If an SSH connection to a Cisco IOS device is slow or idle, it may cause a box to crash
with an error message.
CSCtq24011
Symptom: Routers behave in a way similar to when a local-proxy-arp is configured on them and
perform a proxy-arp even for the systems in the same subnet.
Conditions: This issue occurs when the Cisco ASR 1000 Aggregation Services Router receives an
ARP request on an interface when the interface is not fully initialized, and the connected routes are
not added to the routing table yet. This causes the proxy-arp reply and wrong arp entry to freeze.
Workaround: Perform shut or no shut on victim and offender routers.
CSCtq64716
Symptom: The following warning message may be displayed during router boot even when the
server is defined: %RADIUS-4-NOSERVNAME
CSCtq94843
Symptom: An IP prefix list entry exists even after unconfiguring the prefix list.
Conditions: This issue is seen when a prefix list that is the last one being configured is deleted by
deleting individual entries. However, the prefix list can still be displayed with show commands.
Workaround: Configure a new prefix list or an existing prefix list.
CSCtr45030
OL-26698-16
53
Symptom: The SNMP timers causes the Cisco ASR 1000 Aggregation Services Router to exit the
global configuration mode or prevents the console from entering the global configuration mode.
Conditions: Occurs when you copy and paste large configurations, particularly a large number of
VLAN configurations. The issue occurs without any SNMP configurations present.
Workaround: Perform the following workarounds:
Disable RMON.
If the configuration is huge, paste in multiple blocks.
Enable SNMP timers. Paste the required configuration when the timer callbacks have finished
executing.
CSCtr45978
Symptom: The Cisco IOS WAAS contains FTP or HTTP connections that are hung in the
CONN_ABORT state.
Conditions: If the Cisco ASR 1000 Aggregation Services Router is configured with Cisco IOS
WAAS, the FTP packets or real HTTP user traffic to web sites is through the WAN link.
CSCtr74577
Symptom: A traceback is seen at the coa_ha_proc_qos_template with lawful intercept using SNMP
on L2TP sessions.
Conditions: This issue is seen in the Cisco ASR 1000 Aggregation Services Routers that have been
configured for lawful intercept on L2TP sessions.
CSCtr96024
Symptom: A user is not notified about an error scenario relating to larger-than-allowed flow record
of type performance-monitor being used in a performance monitor policy. This is misleading
because the user may believe that the performance monitor policy is correctly attached to the desired
interface, but will find that the task of monitoring traffic is not working as expected.
Conditions:
The symptom is observed under the following conditions:
The Performance Monitor feature is being used on the Cisco ASR platform.
A flow record of the performance-monitor type, which contains more than the maximum
allowed fields, has been configured.

The user is referencing the performance-monitor type flow record in a performance monitor
policy that has been attached to an interface. The maximum number of fields allowed in a flow
record is 32 in the timestamp sys-uptime first and field timestamp sys-uptime last fields. If
the timestamp fields are absent, they are automatically added to the record. However, the total
number of fields should still be less than or equal to 32.
Workaround: Use a flow record of type performance-monitor having 32 or less fields.
CSCts00341
Symptom: While executing a CLI that requires a domain name lookup such as ntp server
server.domain.name, the command fails, and the following error message appears:
DNS is not resolved with dual RPs on ASR1k Translating server.domain.com ...domain
server (10.1.1.1). Standby doesnt support this command. Invalid input detected at
^ marker.
54
OL-26698-16
Condition: This issue is observed when a redundant RP chassis is operating on the SSO mode.
Workaround: Instead of using hostname in the command, specify the IP address of the host. In some
scenarios, this could cause the standby SUP to crash without a crash file. Remove the host names
that require DNS lookup and use their IP addresses instead.
CSCts02777
Symptom: Command attributes are sent multiple times in AAA command authorization and
accounting requests.
Conditions: Seen in Release 15.0(1)S when TACACS command authorization or accounting or both
are configured.
CSCts44393
Symptom: A Cisco ASR 1000 Series Aggregation Services Router crashes during a BGP stress test.
Conditions: This issue is more likely to occur when a large number of VRFs are repeatedly
configured and deleted.
CSCts46825
Symptom: The execution of the mtu command within XConnect submode can, under certain
preconditions, match and run in the interface mode due to a parser cache entry existing and being
previously used from the XConnect submode's parent mode (service instance mode).
Conditions: The problem is generic to the parser cache, although we have no externally reported
cases, and the preconditions are rare.The preconditions for triggering this issue include having
identical commands in both a configuration submode and a grandchild submode of that submode as
well, and then executing a sequence of commands that allow the system to create a cache entry for
the submode instance of the command (this is normal), and subsequently (by repeating the subject
command while in the child submode) learn that the child submode is a valid user of this same cache
entry, and then finally attempt the identical command from the grandparent submode where the
system thinks it can use the cache entry.
Workaround: Since the bug causes the command to execute in a mode other than the target mode,
that command's change needs to be reversed, and then, after executing the clear parser cache
command, you can repeat the command from the desired submode. Another workaround is to add a
few spaces to the end of the grandchild submode command before execution, to avoid the above
cache entry due to mismatched input.
CSCts52120
Symptom: Traceback found for PLATFORM_INFRA-5-IOS_INTR_OVER_LIMIT.
Conditions: RPSO.
CSCts54641
Symptom: Various small, medium, or big VB chunk leaks are seen when polling the EIGRP MIB
and during an SSO.
Conditions: This issue is observed when MIBs are being polled or duing an SSO.
CSCts55778
OL-26698-16
55
Symptom: A problem involving two SAF forwarders occurs, with one running EIGRP
rel8/Service-Routing rel1 and the other running EIGRP dev9/Service-Routing dev2. The
capabilities manager, a client of the service-routing infrastructure, advertises two services. When
forwarders are peering with the same release image, the services propagate between the forwarders
without any problems. However, when you run rel8/rel1 on one forwarder and dev9/dev2 on the
other forwarder, a third service appears in the topology table along with the SR database that was
not advertised. The problem cannot be re-created if both the forwarders are running an Cisco IOS
XE Release 3.4S or and Cisco IOS XE Release 3.5S image.
Conditions: This issue occurs when two SAF forwarders peer with each other using different release
versions of the EIGRP SAF forwarder.
Workaround: Make sure that each EIGRP SAF forwarder is using the same image release.
CSCts64346
Symptom: The bgp nexthop route-map command does not work with many IPv6 and IPv4 next
hops under IPv6 AFs.
Conditions: When the IPv6 Next Hop track is enabled by default, we need a way to filter some next
hops for not being tracked. The bgp nexthop route-map command does not work with many IPv6
and IPv4 next hops under IPv6 AFs.
Workaround: Disable IPv6 NHAT.
CSCts68626
Symptom: PPPoE discovery packets cause packet drop.
Conditions: The symptom is observed when you bring up a PPPoE session and then clear the
session.
CSCtt14747
Symptom: When you issue the shut or no shut commands on the APS active box, it triggers a
switchover, and VCs are not getting provisioned on the new inactive box.
Conditions: IMA interface of Ceop SPA for port mode cell relay.
CSCtt15090
Symptom: In an MVPN environment, the VRF Route Import Extended Community (RFC 6514) is
not getting attached to VPN routes.
Conditions: The Router BGP is configured before the MDT is configured on the VRF.
Workaround: Perform a soft clear.
CSCtt15472
Symptom: The following error message is displayed while the SPA is booting up during OIR in the
IMA PVP mode: SPA_PLIM-3-ERRMSG
Conditions: This issue is seen on the IMA interface of the CEOP SPA for the PVP mode cell relay
during SPA or line card OIR.
CSCtt19856
56
OL-26698-16
Symptom: On the Cisco ASR 1000 Series Aggregation Routers, when making changes to the ppp
multilink fragmentation size command on the virtual template, the resulting change is reflected in
the active bundles of the Cisco IOS software. However, the QFP does not reflect this change. The
MLPPP fragment size remains at the previous setting, potentially impacting the performance and
operation of the network.
Conditions: This issue occurs when the MLPPPoBB subscribers will have the ppp multilink
fragmentation size command set on the virtual template and its size value is altered.
Workaround: MLPPPoBB subscribers using a virtual template that is changed should be flapped to
pick up the new value.
CSCtt21228
Symptom: The Cisco ASR 1000 Series Aggregation Router crashes while trying to configure the
TCL script the SSH connection.
Conditions: SSH to the router and then try to configure the TCL script.
CSCtt37115
Symptom: The RADIUS server does not come up during the TGN session.
CSCtt42922
Symptom: TCP half close fails on the server side.
Conditions: When you perform a TCP half-close session, it fails.
CSCtt45381
Symptom: Cisco IOS software contains a denial of service (DoS) vulnerability in the Wide Area
Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker
to cause the Cisco ASR 1000 Series Aggregation Router to leak memory or to reload. Cisco IOS
software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation
Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to
reload.
Conditions: An attacker could exploit these vulnerabilities by sending transit traffic through a router
configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could
allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated
exploits could allow a sustained DoS condition.
Workaround: Cisco has released free software updates to address these vulnerabilities. This advisory
is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-mace
CSCtt95505
Symptom: The Cisco ASR 1000 Series Aggregation Router crashes after the OSPF routing protocol
is configured.
Conditions: The crash occurs after the OSPF with a summary prefix is configured with a summary
prefix, unconfigured, and configured again.
CSCtt95532
OL-26698-16
57
Symptom: The QL status changes to QL-INV0 the network clock is configured.

Conditions: The QL-Value changes to QL-INV0 after the POS interface for network clock input is
reconfigured
CSCtu07968
Symptom: A Cisco 890 router may provide incorrect performance monitor statistics and omit some
incoming packets from being handled by flexible netflow.
Conditions: This is observed when performance monitoring or Cisco IOS Flexible Netflow is
enabled with IPsec over a tunnel on an input interface.
CSCtu16862
Symptom: L4F tracebacks are observed with SMB stress test traffic. You may experience a couple
of retransmissions due to that along with some small performance degradation.
Conditions: The symptom is observed with stress testing.
CSCtu25952
Symptom: One multicast packet is forwarded on (*,G) even though (S,G) exist in the mroute table.
Condition: A PIM neighbor goes down between a CE and a PE in an mVPN environment or on any
link between routers on both the RPT and SPT for a given PIM SM source.
CSCtu28382
Symptoms: The SIP-200 line card crashes after a switchover with multilink configurations.
Conditions: This symptom occurs after switchover with multilink configurations.
CSCtu28696
Symptom: A Cisco ASR 1000 Series Aggregation Services Router crashes with clear ip route *.
Conditions: This issue is observed when you configure 500 6RD tunnels and RIP, start and stop the
traffic, and then clear the configuration.
CSCtu36446
Symptom: The following error messages are displayed during a performance test with greater than
20 CPS using the Cisco Radclient callsPerSecond Tool:
Nov 10 12:56:32.953 EDT:
%FMANRP_ESS-4-SESSCNT: ESS Provision Lterm Session: Unsupported peer_segtype= (0x15)
Nov 10 12:56:32.955 EDT: %FMANRP_ESS-4-WRNPARAM_U: Get Lterm Peer ESS Segtype:
Unsupported Peer SEGTYPE= (21) Nov 10 12:56:32.956 EDT: %FMANRP_ESS-4-WRNEVENT2:
Ignoring Invalid ESS Segment: ESS segment/signature (0x0 / 0x0) Nov 10 12:56:32.957
EDT: %SW_MGR-3-CM_ERROR_CLASS: Connection Manager Error: Class ADJ: - unable to unbind
segment 2. Nov 10 12:56:32.958 EDT: %SW_MGR-3-CM_ERROR: Connection Manager Error unprovision segment failed [ADJ:Lterm:43232] - hardware platform error.
Conditions: This symptom is observed in high-scale and iEdge sessions.

58
OL-26698-16
CSCtu60206
Symptom: The upstream multicast hop (RFC 6513) installed in the muRIB is not correct.
Conditions: The PIM is not enabled on any VRF interface. This is also a timing issue, and is more
likely to occur when the router first boots up.
Workaround: Perform a hard clear of the BGP session. Further Problem Description: At this time,
the upstream multicast hop that should be installed is the one with the highest router ID.
CSCtu83138
Symptom: Tracebacks %AAA-3-BADLIST: invalid list AAA ID at stby-RP during session churns
Conditions: This issue occurs when tracebacks are logged at a standby RP when flapping 8000 PTA
sessions with 3 QoS services and ISG TCs (both v4 and v6) with accounting enabled and subscriber
accounting acccuracy disabled.
CSCtu85474
Symptom: If the router is booted with no configuration, the ldp_api_discovery_request_async() and
lcon_api_lib_path_label_notify_register() APIs return error code 2 even though the API
ldp_api_app_global_is_enabled(LDP_CLIENT_ID_LCON, &is_enabled); sets "is_enabled" to
TRUE.
CSCtv01521
Symptom: Logs: %LSMPI-4-INJECT_FEATURE_ESCAPE: Egress IP packet delivered through
legacy inject path
Conditions: This issue occurs when Ethernet/QinQ/LCP/IP frames are received on a QinQ
subinterface with PPPoE.
Further information: Use the debug platform software infrastructure inject err_packet command
to get the first 32 bytes of the packets causing this. Alternatively, use the debug ip cef packet all
input rate 10 dump command to dump the full packets.
CSCtw52819
Symptom: OQD in the mGRE tunnel.
Conditions: This symptom is observed in mGRE tunnel.
CSCtw53516
Symptom: L-bit is not set in the SATOP E3 unframed mode.
Conditions: Do shut on the interface on CE1.
CSCtw62695
Symptom: Packets sent by the Cisco IOS NTP server will have the IP Identification field set to zero,
a behavior that may be flagged as a vulnerability by some security scanners.
Conditions: This issue occurs when NTP server is configured on Cisco IOS software.
OL-26698-16
59
CSCtw76127
Symptom: During the shutdown of a TCP connection, an erroneous bad seg error message may be
displayed, and a TCP reset (RST) sent.
Conditions: The issue occurs when a TCP connection is closed.
CSCtw80336
Symptom: Simultaneous PE reloads causes the standby pseudowire to go down.
Conditions: This issue occurs when the CRoMPLS port mode with backup peer and cell packing is
configured.
CSCtw87132
Symptom: A Cisco 2921 Router may crash when clearing a TCP session.
Conditions: The issue has been experienced on the Cisco 2921 Router that is running Cisco IOS
Release 15.1(4)M through to Release 15.1(4)M3.
CSCtw88090
Symptom: On the ASR1004 dual software redundancy setup, with 3k vrf, 3k eBGP session and
0.75M vpnv4 prefix on ASR1001, there are 40 GRE tunnels configured between local PE and
remote PE router, no mpls enabled on P router. the PE router connect to ixia directly, when reload
the PE router under traffic and prefix injecting, after a couple of show commands show ip interface
brief and show platform, the system crash at BGP I/O.
Condition: The issue occurs randomly with large-scale configuration on a Cisco ASR 1004 RP2
ESP20 dual software redundancy system with a Release 15.2(02)S image.
CSCtw88689
Symptom: A crash occurs while applying a policy map with more than 16 classes with the Cisco
3900e platform.
Conditions: This symptom occurs when applying the policy map with more than 16 classes.
CSCtw93140
Symptom: Typing wr mem while using an IP base or LAN base boot level of Cisco IOS-XE causes
the following message to appear on the console:
Switch#wr mem
Building configuration...
% VRF table-id 0 not activeCompressed configuration from 6714 bytes to 2004 bytes[OK]
Switch#
Switch#
Conditions: This issue is seen only if the configuration contains an ip vrf or an vrf definition
section.
CSCtw98200
60
OL-26698-16
Symptom: Sessions do not come up while configuring RIP commands that affect the virtual template
interface.
Conditions: This symptom is observed if the Cisco ASR1000 Series Aggregation Services Routers
are configured as LNS. RIP is configured with the timers basic 5 20 20 25 command. Also, every
interface matching the network statements is automatically configured using the ip rip advertise 5
command. These interfaces include the loopback and virtual template interfaces too. On the Cisco
ASR1000 Series Aggregation Services Routers, this configuration causes the creation of full VAIs
that are not supported. Hence, the sessions do not come up. On the Cisco ASR 7200 Routers, VA
subinterfaces can be created.
Workaround: Unconfigure the timers rip command.
CSCtx02442
Symptom: An attempt to set uninitialized watched boolean and corresponding traceback are
observed when the standby PRE crash in ISSU runversion stage.
Conditions:
Note
1. Single step ISSU;

2. Whenthe issu runversion command issued the performedis PREA reloaded and changed to
stby-PRE.
3. After the PREA is reloaded successfully, the PREA crashes with an exception.
4. After the PREA reloaded successfully, a traceback is reported on PREB (Active PRE).
CSCtx05726
Symptom: While creating a bulk number of traffic engineering tunnel interfaces on the router with
the tunnel mpls traffic-eng exp-bundle master option, the standby route processor crashes.
Conditions: This symptom is seen with a specific set of configurations that have a large number of
tunnel interfaces (scale number 1000) followed by the creation of a large number of master tunnels
(scale number 1000). Copying such a configuration to the router causes this crash to occur on the
standby processor. The tunnel interfaces that are created at the beginning of the configuration are
added as members to the master tunnels in the later part of the configuration. During this phase of
creation of master tunnels and adding member tunnels, these tunnel interfaces go through a cycle of
create-delete-create. When such a configuration is being synchronized to the standby route
processor along with the resulting create-delete events, the standby processor crashes. This point at
which the crash occurs is random and occur during the configuration of any of the master tunnels.
CSCtx06018
Symptom: The interface queue wedge is seen when performing the WAAS performance test.
Conditions: This symptom is observed when performing the WAAS performance test.
Workaround: Increase the interface input queue hold size.
CSCtx06801
Symptom: Certain websites may not load or load very slowly when content scan is enabled. Delays
of up to 30 seconds or more may be seen.
Conditions: This symptom is observed when content scan is enabled.
Workaround: Refreshing the helps sometimes, though not always.
CSCtx06813
OL-26698-16
61
Symptom: The installation fails with the rwid type l2ckt error message. Also the VC may fail to
come up on the Quad-Sup router. This bug is specific to the Cisco Catalyst 6000 Quad-Sup SSO.
Conditions: This symptom is observed in a scaled scenario, doing second switchover on Quad-Sup
router.
CSCtx14467
Symptom: The ..... device crashes if kronis used to copy the configuration through the SCP and
archive commands.
Conditions: This issue occurs when the server is down or the link to server is down.
Workaround: Manually upload the file to the server.
CSCtx20517
Symptom: Customers see Cisco IOS-XE fragment errors in their logs repeatedly every 30 seconds
after upgrading to the asr1000rp1-adventerprisek9.03.03.00.S.151-2.S.
Conditions: WCCP has to be enabled.
CSCtx23593
Symptom: Some virtual circuit information is missing from the cAal5VccEntry SNMP MIB object
in the output of the snmpwal command, but not in the router configuration command.
Conditions: This symptom is observed on a Cisco 7204VXR NPE-G2 Router that is running the
12.2(33)SRE5 (c7200p-advipservicesk9-mz.122-33.SRE5.bin) image in the customer network. This
issue may also occur in other releases. This issue typically occurs over a period of time because of
creation or deletion of subinterfaces. It also occurs if a customer uses the snmp ifmib ifIndex
Persist command, which retains the ifIndicies assigned to the @~@subinterfaces across router
reload.
Enter the show atm vc privileged EXEC command on the same device to obtain a complete list
of all the VCs or perform the SNMPWALK, suffixing the ifIndex of the interface to get the
value.
Enter the following configurations:
no snmp ifmib ifIndex Persist
no snmp ifindex persist
copy running start
reload
snmp ifmib ifIndex Persist
snmp ifindex persist
CSCtx34823
Symptom: The OSPF keeps bringing up the dialer interface even after the expiry of idle timeout.
Conditions: This symptom occurs whenthe on-demand OSPF is configured under the dialer
interface.
CSCtx38121
Symptom: IPv6 traffic does not pass through the interface attached to a service policy matching IPv6
the traffic using IPv6 ACL.
62
OL-26698-16
Conditions: This symptom is observed when attaching a service policy that matches the IPv6 traffic
that is configured using ipv6 access-list on the EFP of an interface, which leads to a traffic drop.
CSCtx38338
Symptom: When a VFI is attached to a VLAN interface, it does not overwrite any of the existing
VFIs.
Conditions: This occurs when a different VFI is attached to a VLAN interface.
Workaround: Avoid overwriting VFIs on a VLAN interface.
CSCtx40818
Symptom: Traffic drops in a Cisco and the following error message is displayed:
%IP-3- LOOPPAK: Looping packet detected and dropped - src=122.0.0.11, dst=121.0.0.11,
hl=20, tl=40, prot=6, sport=80, dport=57894
Conditions: This symptom is observed if the WAAS, NAT, and firewall are enabled.
Workaround: Disable the WAAS.
CSCtx40959
Symptom: The CPUHOG occurs.
Conditions: This issue occurs when the configuration comprising a mesh of 17 BGP routers, with
all the routers having network statements covering the IP prefixes on the 16 VLAN subinterfaces
that interconnect them. When the main interface on a given router is shut, all the subinterfaces also
go down, causing all the connected routes to be removed. This leads to the CPUHOG.
CSCtx42223
Symptom: The connection with an FRR client that is registered for a BFD session is lost after an
SSO. FRR cut-cover time is much more than 50 ms, which is not expected.
Conditions: This is observed after an SSO, when the FRR client is registered for a BFD session.
Workaround: Bring down the BFD session and configure it again.
CSCtx48753
Symptom: Higher memory usage with PPP sessions than seen in Cisco IOS XE Release 3.4 and
Release 3.5.
Conditions: This issue is observed with configurations containing PPP sessions. Such configurations
see up to 10 percent higher Cisco IOS memory usage than in previous images.
CSCtx49270
Symptom: A memory leak is observed when the Fast UDLD feature is configured on a router.
Conditions: The router must support UDLD, and the feature must also be enabled on the router using
the udld aggressive command. The UDLD can be enabled either on individual interfaces or
globally.
Workaround: The workaround is to not enable the Fast UDLD feature on the router.
CSCtx53391
Symptom: when the ... router is reloaded or when some interface flap events are executed.
OL-26698-16
63
Conditions: When a VC bundle is configured under the same interface that has PVCS with IPv6
addresses, the Ucode crashes due to adjacency-related issues. Note that this issue is seen only
intermittently.
Workaround: Avoid configuring PVCS with IPv6 addresses and bundles under the same main
interface.
CSCtx57146
Symptoms: SIP SPA goes out of service state in scaled sub=interface config (more than 2000
subinterface on single GigE port).
Conditions: While performing an ISSU between the iso1-rp2 and iso2-rp2 xe3.6 throttle images
after ISSU run-version, the SIP SPA goes out of service and needs a heavily scaled configuration.
This issue is observed when there are 2000 to 3000 subinterfaces on a single SPA and the following
limits are exceeded: overall dual stack VRFs per box; 2800 dual stack limit on interface: 1000.
Workaround: The issue is not seen in the following scenario:
1. Before performing a load version from RP0 (initial active), execute the show ipv6 route table |
inc IPv6 command.
2. Note down the number of IPv6 route tables in the system.
3. Perform a load version.
4. Wait for the standby to come up to Standby hot.
5. Enable the standby console from RP0 (active) asr1000#configure terminal. Enter the
configuration commands, one per line. End with CNTL/Z. asr1000(config)#,
asr1000(config)#redundancy, asr1000(config-red)#main-cpu, and
asr1000(config-r-mc)#standby console enable.
6. Log in to the standby console and execute the asr1000-stby# show ipv6 route table | inc IPv6
command.
7. Note down the number of IPv6 route tables in the standby... If it is less than the number noted in
Step 2, wait for a few minutes and reverify until it reaches the number noted in Step 2.
8. Issue ISSU run version from RP0 (active).
CSCtx67028
Symptom: Tracebacks are seen during a traffic condition when DMVPN and WAAS Express are
configured.
Conditions: This symptom is observed while initiating an FTP session from the GW, where GW
DMVPN and WAAS Express are configured.
CSCtx68155
Symptom: Event is triggered as soon as configured and the show event manager policy registered
event-type timer-absolute commad shows the wrong time value.
Conditions: Epoch-to-UNIX time conversion overflows after GMT: Thu, 07 Feb 2036 06:28:14.
Also the timer_spec value passed to the timer is incorrect.
Workaround: Input of epoch value is limited to 2085978494(GMT: Thu, 07 Feb 2036 06:28:14)
value assigned to timer_spec value is corrected.
CSCtx74051
Symptom: While performing an ISSU downgrade, IPv6 flexible netflow monitors may be displayed.
Also, the running configuration is shown with incorrect subtraffic types.
64
OL-26698-16
Conditions: This issue occurs during a downgrade to Cisco IOS Release 15.2(1)S (Cisco IOS XE
Release 3.5). The monitors that are affected are those applied to IPv6.
Workaround: The Netflow code should capture packets, as expected, on Cisco IOS Release
15.2(1)S. However, a reboot of the device should be performed before saving the running
configuration because the affected configuration that is saved will be incorrect and will therefore
fail to work at startup.
CSCtx75190
Symptom: In a multihomed setup, set up the traffic as explained in the DDTS. When the end-to-end
traffic starts to flow smoothly, perform an RP switchover on ED1. Traffic from Ixia 3 to Ixia 1 and
Ixia 3 to Ixia 2 on odd VLANs (ED1 is the AED for odd VLANs) is dropped with
UnconfiguredMplsFia counters incrementing.
Conditions: This symptom is observed when you perform an RP switchover with a scaled OTV
configuration in a multihomed setup.
CSCtx80535
Symptom: The DHCP pool that is configured for ODAP assigns the same IP address to multiple
sessions.
Conditions: PPP users receive pool via Radius server. The pool is defined on the Cisco 10000 Series
Routers to use the ODAP. The ODAP receives the subnets from the Radius server correctly, and
assigns IPs to PPP sessions. However, sometimes, two users end up having the same IP address.
Workaround: Clear the two sessions sharing the same IP address.
CSCtx81562
Symptom: LBM gets dropped when validated the replied data activated on ASR1000
Conditions: This is seen when LBM is initiated with the validation flag.
Workaround: The issue has been fixed in CSCtx81562. However, even without the fix, the CFM
loopback can work without turning on the validation option as the workaround.
CSCtx81748
Symptoms: The occurance of a small amount of packet drops due to antireplay failure may be seen
when IPSec is configured.
Conditions: The packet drops may be seen either when the IPsec session brought-up or when the
lifetime of IPSec SA expires and a new SA is established
CSCtx82538
Symptom: This DDTS has been raised to remove platform-specific macros.
Conditions: Platform specific macros are observed with CPU-specific checks. CPU-specific checks
should not be in PI code. Use of shims is required.
Workaround: Remove CPU-specific checks.
CSCtx86160
Symptom: The following message appears when the show interfaces command is used when a SPA
is being installed: Hardware is N/A.
OL-26698-16
65
Conditions: This is seen on Cisco ASR1006 routers with12.2(33)XNF2c.

In some scenarios of SPA hardware insert or removal combined with RP switchover, the hardware
type string of interface stays at N/A. In some scenarios this is observed on both the standby RP and
the active RP.
Workaround: If only the active RP shows this message, single switchover is enough to recover. If
both the active RP and the standby RP show this message, a double switchover must be performed.
CSCtx88467
Symptom: Configuring CEM PW on T1 controller and unconfiguring them once they are up.
Memory leak is observed.
Conditions: If a CEM PW is up, only incremental memory leak will be observed @
dsensor_subblock_get_or_create.
CSCtx90571
Symptom: The following Traceback message is logged when you unconfgure a packet tracing:
%CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_cp:
cpp_cp encountered an error.
Conditions: Configure and unconfigure packet tracing.

CSCtx92598
Symptom: The router crashes due to a low-memory condition caused by memory fragmentation. The
following error message appears:
Feb 10 05:59:21.874: %SYS-2-MALLOCFAIL: Memory allocation of 2372 bytes failed from
0x5E77FC9, alignment 8 Pool: Processor Free: 33888144 Cause: Memory fragmentation
Conditions: The router (seen on ASR 1000 RP2) that crashes will be an ingress PE for MVPN V6
with highly scaled configuration. PIM signaling, PIM SSM and data MDTS must be used in the core.
Example scaling numbers are 600 mvrfs and 16 data mdts, 100 routers per mvrf;
Note
This issue will not occur if c-router signaling is used instead of PIM. The crash may occur
in about 12 hours of running with the above configurations in a Cisco ASR1000 RP2 with
typical memory size of 2 GB or 4 GB.
Workaround: Perform one of these tasks:

Use smaller scaling numbers (much less than 600 movers, or 100 routes per mfr. or 16 data
mdse. per mfr. in core)

Use c-route signaling in the core. A large amount of PIM control frames in the core can be
avoided by using c-route signaling instead of PIM signaling.

Do not use data MDT; rely only on default. This also reduces the amount of PIM control frames
that arrive at the ingress PE having a larger memory (say 4GB) will not help avoid the issue; the
crash may happen after a longer duration.
CSCtx94353
Symptom: The following error message is displayed:
%TUN-3-TUN_HA: Tunnel HA: Tunnel creation on standby: mismatching
%COMMON_FIB-3-FIBHWIDBINCONS: An internal software error occurred. Tunnel0 linked to
wrong hwidb Tunnel0
66
OL-26698-16
Conditions: Create auto-tunnel number range with overlap with dynamic tunnels by other features
such as multicast-routing.
Workaround: Avoid usingan overlapping auto-tunnel number range with the other features.
CSCtx97131
Symptom: To send a VSA in an authentication and accounting request, the following commands
have to be enabled:
Router(config)#radius-server vsa send authentication
Router(config)#radius-server vsa send accounting
With the DDTS, these commands are enabled by default. The VSA will then send the corresponding
authentication and accounting request.
Conditions: Router#sh run ? aaa Show AAA configurations l l Configuration with defaults
---- Router#sh run all | i radius-server
........ radius-server vsa send accounting
radius-server vsa send authentication.
CSCtx97298
Symptom: The unsupported command show ip accounting is still available.
Workaround: Explicitly include or exclude command chains.
CSCty01237
Symptom: The following error message appears:
%OER_BR-5-NOTICE: Prefix Learning STARTED CMD: 'show run' <timestamp>
Conditions: This issue is seen under the following conditions:

If you configure PfR with a learn list, using a prefix list as a filter and enable learn.
If you use a configuration tool, script, or NMS that periodically executes the show
run<noCmdBold> on the MC over HTTP or through some other means.

If you use the PFR Learn List feature, do not execute the show run command periodically.
If you use a monitoring tool that executes the show run command periodically, avoid using a
learn list configuration in PfR.
CSCty03745
Symptom: The BGP sends an update using an incorrect next hop for the L2VPN VPLS address
family, when the IPv4 default route is used or an IPv4 route to a certain destination exists specifically, a route to 0.x.x.x. For this condition to a occur, the next hop of that default route or a
certain IGP or static route is used to send a BGP update for the L2VPN VPLS address family.
Conditions: This symptom occurs when the IPv4 default route exists, for example, ip route
0.0.253.0 255.255.255.0 <next-hop>.
Configure the next-hop-self for the BGP neighbors under the L2VPN VPLS address family, for
example, router bgp 65000 address-family l2vpn vpls neighbor 10.10.10.10 next-hop-self
Remove the default route or the static or IGP route from the IPv4 routing table.
CSCty05282
OL-26698-16
67
Symptom: The last reload reason in the show version command output is seen as LocalSoft after
some reloads.
Conditions: The conditions under which these symptoms are observed is unknown.
CSCty05092
Symptom: The EIGRP advertises the connected route of an interface that is shut down.
Conditions: This is observed under the following conditions:
When you configure the EIGRP on an interface.
Configure an IP address with a supernet mask on the above interface.
Shut the interface. You will find that EIGRP still advertises the connected route of the above
interface that is shut down.

Remove and add the INTERFACE VLAN xx.
Clear ip eigrp topology x.x.x.x/y.
CSCty10285
Symptom: WCCP redirection does not take place on a Cisco ASR 1000 Series Aggregation Services
Router running Cisco IOS XE Release 3.5 RP1.
Conditions: This symptom occurs when GetVPN is used.
CSCty10635
Symptom: The primary pseudowire is initially down in a PPP over L2TPv3 xConnect configuration
with one or more backup pseudowires configured (pseudowire redundancy) and one of the backup
pseudowires is up. The primary pseudowire eventually comes up after a delay of about 30 seconds.
Conditions: This symptom is observed in PPP over L2TPv3 xConnect configurations with one or
more backup pseudowires configured.
Workaround: Configure a backup delay of 30 seconds or more to give the primary pseudowire a
chance to come up before the backup pseudowire.
CSCty12312
Symptom: Multilink member links move to an Up or Down state and remain in this condition.
Conditions: This symptom occurs after multilink traffic stops flowing.
Workaround: Remove and restore the multilink configuration.
CSCty12524
Symptom: The BRI packet from the LMA is not handled properly on the MAG. Also the MAG is
not sending the APN and SSMO option in PBRA.
Conditions: This symptom is observed on the originating or old MAG while clearing sessions in
LMA in response to the mobile node roaming to a new MAG.
CSCty15471
Symptom: Sometimes, the primary pseudowire comes as standby while secondary becomes up.
68
OL-26698-16
Conditions: This occurs only with 'backup never' in the redundancy configuration. Also, it is a
timing issue and does not occur always and depends on when the primary and secondary PWs are
coming up.
Workaround: Perform a manual switchover to primary.
CSCty19713
Symptoms: The ESP or CPP of a Cisco ASR 1000 Series Aggregation Services Router crashes.
Conditions: This symptom is observed in the NAT Application Layer Gateway for DNS packets.
CSCty21156
Symptom: Incorrect states are displayed in the MRIB/MFIB tables when the IGP and the BGP are
removed from the setup.
Conditions: On removing the IGP and BGP configurations on a PE router, the MRIB states in the
core get messed up.
Workaround: Unconfigure the VRF before removing the IGP andBGP or clear the mroute states.
CSCty25093
Symptom: The BDI option is missing under the show standby command.
Workaround: Collect BDI-specific data using the show standby command.
CSCty28813
Symptom: When VRFa's mdt_default address is configured to VRFb's mdt_data group address, the
router will end up crashing or CPU hog.
Conditions: When VRFa's mdt_default address is configured of address of other MVRF, this
condition occurs.
Workaround: Have to manually check whether the address of mdt_default has already been used
before.
CSCty29122
Symptom: TCP TLS handshake fails for secure RTP calls.
Conditions: The symptom is observed with Cisco IOS interim Release 15.2(03.1)T.
CSCty31373
Symptom: The fman_fp logs get filled with messages that are not helpful.
Conditions: The DVTI hub on ASR1000 router
CSCty34896
Symptom: Synchronization fails while setting entPhysicalAlias through the SNMP for the
following MIB entities: RP A Internal Bootflash RP A flash card 0 SFP 7/1/0/0 module 1/1",
DESCR: "2 port DTI UC" -> 2 DTI cards
Conditions: This issue occurs on a Cisco uBR10012 Router.
Workaround: Do not set entPhysicalAlias for these MIB entries.
OL-26698-16
69
CSCty37233
Symptom: A Layer 3 (routed) interface can be converted to a Layer 2 (switched) interface by
applying the switchport configuration command. If the interface was configured as a VNET trunk,
the VNET subinterfaces are deleted. Subsequently, if the switchport command is removed, the
VNET trunk configuration will reappear, but the VNET trunk will no longer be functional. When a
switchover is performed following the sequence above, the new active takes over as expected, but
when the old active reboots as the standby, configuration synchronization fails because the standby
attempts to create the VNET subinterfaces that no longer exist on the active. This results in an
ifindex-sync failure and a PRC error that causes the RP to go into a continuous reboot loop.
Conditions: The reboot problem will occur only on switch platforms with a redundant RP.
Workaround: Remove the VNET trunk configuration from an interface before converting it from
Layer 3 to Layer 2.
CSCty37836
Symptom: The ceqfpMemoryResourceTable does not include DRAM values.
Conditions: This issue occurs when the ceqfpMemoryResourceTable is queried.
CSCty41336
Symptom: Forward-alarm AIS does not work on the CESoPSN circuits.
Conditions: This symptom occurs when you create SAToP and CESoPSN circuits and configure
forward-alarm AIS.
CSCty41692
Symptom: The standby PRE crashes while the IPV4 VRF AF is added on the active PRE. No issues
are seen with the active PRE.
Conditions: This occurs only when unconfiguration and reconfiguration is done when the BGP is in
read-only mode.
Workaround: After the BGP exits the read-only mode, this issue does not occur.
CSCty42453
Symptom: All pending acknowledgmentare seen on the ATM interface.
Conditions: This issue is seen during OIR reloads.
CSCty44654
Symptom: Router Crashes when trying to test the MVPN6 functionality.
Conditions: The following are the conditions:
Configure the router to test the MVPN6 functionality.
Delete the VRF associated with the interface in the MVPN6 test configuration.
The router crashes.
CSCty47491
70
OL-26698-16
Symptom: Differences are observed in show mpls ldp igp sync all command output. This behavior
is seen across all the platform while testing the mcp_dev build.
Conditions: This symptom is observed during both manual and automated testing of mcp_dev build.
CSCty48870
Symptom: Router crash due to a bus error.
Conditions: This has been observed in a router that is running Cisco IOS Release 15.2(2)T and
Release 15.2(3)T with the NBAR enabled on a crypto-enabled interface. The NBAR can be enabled
through NAT, QoS, or NBAR protocol discovery.
Workaround: Using the no ip nat service nbar command will help where NBAR is enabled through
NAT.
CSCty51082
Symptom: The LPD Group Trap is not sent on a connection loss.
Conditions: On connection loss, LDP Group Trap should be sent.
Workaround: If you have auto ip sla mpls-lsp-monitor reaction-configuration 100 react lpd
lpd-group retry 3 configured in addition to the auto ip sla mpls-lsp-monitor
reaction-configuration 57 react lpd tree-trace action-type trapOnly command.
CSCty55408
Symptom: All pending issues and acknowledgments are observed after unconfiguring and then
reconfiguring the same-scale configurations while traffic is running.
Conditions: configure 4 overlays with 500 EFPs per overlay set up the traffic as described in the
DDTS start traffic. Remove the overlay and EFP config copy the same config back on one of the otv
routers.
CSCty55449
Symptom: The device crashes after registering an Embedded Event Manager TCL policy.
Conditions: If the policy uses the Multiple Event feature and the trigger portion is registered without
curly braces ({}), the device will crash.
Workaround: Make sure that the trigger portion that is the correlate statement, is enclosed within
curly braces.
CSCty56850
Symptom: Routers are not updating the cnpdAllStatsTable with traffic from all the expected
protocols.
Conditions: This symptom is observed with routers that are running Cisco IOS 15.x (tested in
Release 15.0, 15.1 and Release 15.2(2)T).
Workaround: Perform one of these tasks:
Usethe show IP NBAR protocol-discovery command to get the statistics for all the protocols.
Perform a snmpget against the objects inthe cnpdAllStats table.
CSCty64255
Symptom: BGP L3VPN dynamic route leaking feature from the VRF to global export feature, the
prefix limit is incorrect upon soft clear, or new prefix added, or prefix deleted.
OL-26698-16
71
Conditions: This symptom is observed when VRF to global export is enabled, and prefix limit is
configured.
Workaround: BGP hard clear.
CSCty65226
Symptom: Memory leak is observed in Cisco ASR1000 Series Aggregated Services Routers.
Conditions: This issue is seen when multiple service instances are configured and unconfigured.
CSCty66799
Symptom: The standby RP reloads and the BOOT parameter in the boot loader is lost.
Conditions: When we have a candidate default static route that is learned from a DHCP server on an
active router and while issuing the no ip route* command.
Workaround: There is no workaround other than not issuing the no ip route* command.
CSCty68402
Symptom: NTT model 4 configurations are not taking effect.
Conditions: None
CSCty69946
Symptom: When the port channel with many subinterfaces is deleted and the show run command is
run on the member links, the member links are still associated with the port channel. After the port
channel is reconfigured, it does not come up.
Conditions: This issue is seen when a port channel with many subinterfaces is deleted.
Workaround: Reconfigure the channel-group x command on the member link.
CSCty71843
Symptom: Tracebacks are observed in the lfd_sm_start and lfd_sm_handle_event_state_stopped
APIs during router bootup.
Conditions: This symptom is observed with the L2VPN (xConnect with MPLS encapsulation)
functionality on a Cisco 1941 Integrated Services Router (acting as edge) running Cisco IOS interim
Release 15.2(3.3)T. This is observed when a router is reloaded with the L2VPN configurations.
CSCty73817
Symptom: In large-scale PPPoE sessions with QoS, the Standby RP might reboot continuously (until
the workaround is applied) after switchover. This issue is seen when the QoS Policy Accounting
feature is used. When this issue occurs, the Active RP remains operational and the Standby RP
reboots with the following error message:
%PLATFORM-6-EVENT_LOG: 43 3145575308: *Mar 16 13:47:23.482: %QOS-6-RELOAD: Index
addition failed, reloading self
Conditions: This symptom occurs when all the following conditions are met:
There are a large amount of sessions.
The QoS Policy Accounting feature is used.
Switchover is performed.
72
OL-26698-16
Workaround: Bring down the sessions before switchover. For example, shut down the physical
interfaces that the sessions go through, or issue the Cisco IOS command clear pppoe all.
CSCty74859
Symptom: Memory leaks occur on the active RP and while the standby RP is coming up.
Conditions: This symptom is observed when ISG sessions are coming up on an HA setup.
CSCty76106
Symptom: Crash occurs after two days of soaking with traffic.
Conditions: This symptom occurs with the node acting as ConPE with multiple services such as
REP, MST, L3VPN, L2VPN, frequent polling of SNMP, RCMD, full scale of routes and
bidirectional traffic.
CSCty76180
Symptom: The XConnect entries get deleted and stay down.
Conditions: This issue occurs while configuring CEM groups and performing a switchover.
CSCty77441
Symptom: Memory leak is seen while unconfiguring BFD sessions.
Conditions: This issue is seen while unconfiguring BFD sessions.
CSCty78435
Symptom: L3VPN prefixes that have to recurse to a GRE tunnel using an inbound route map cannot
be selectively recursed using route map policies. All NH prefixes recurse to a GRE tunnel
configured in an encapsulation profile.
Conditions: This symptom occurs when an inbound route map is used to recurse L3VPN NH to a
GRE tunnel. Prefixes are received as part of the same update message and no other inbound policy
change is performed.
Workaround: Configure additional inbound policy changes such as a community change, and
remove them prior to sending it out.
CSCty80691
Symptom: Traceback is seen from the DFC linecard.
Conditions: Reload the router with the scale of the configuration.
CSCty83996
Symptoms: Prior to a switchover, CoA a service logon session is present in both the active RP and
the standby RP. After the switchover, CoA service logon is executed and then the session is
positoned on the standby RP.
Conditions: The issue occurs after the switchover, when CoA service logon is executed.
CSCty85918
OL-26698-16
73
Symptom: WRED on PPPoE session does not match on DSCP/PREC with MPLS traffic.
Conditions: PPPoE get terminated on a Cisco ASR1000 Series Aggregation Services Router acting
as LNS. The L2TP circuit is actually MPLS switched out of the router. The policy map correctly
matches packets into the corresponding class, but WRED always has the packets matching the
WRED default class. The packets should match a DSCP or PREC value because the policy map is
on the session and not on the egress physical interface.
Workaround: If MPLS is removed from the egress L2TP tunnel interface, the packets are classified
correctly by WRED.
CSCty85926
Symptom: VC (VPLS/EoMPLS) will stay down with the following message when the show mpls l2
vc detail command is used:
Signaling protocol: LDP, peer unknown
Conditions: This symptom will occur if you have LDP GR configured. Perform an SSO switchover
and try configuring the VC after the switchover is complete.
Workaround: There is no workaround. Reload the switch.
CSCty86039
Symptom: Shut down the physical interface of the tunnel source interface. The router crashes with
traffic going through some of the tunnels.
Conditions: This symptom is seen in the tunnel interface with the QoS policy installed.
CSCty86146
Symptom: Sometimes, the ISIS attached bit is not updated when the area address is changed.
Conditions: When the area address is changed, if there is no adjacency, the state is changed.
Workaround: Run the clear isis * command.
CSCty86543
Symptom: The following error message must be displayed under heavy IPv6 traffic load on the
IPSec SVTI router :
%IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:006 TS:00000002120506574235
%IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle 37
*Mar 23
16:06:11.329: %IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:108
TS:00000002194684194075 %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error,
DP Handle 11 *
Conditions: Send the IPv6 traffic to the Kingpin router from the peer router side at 10G port line rate
with a frame size of 64 bytes.
CSCty88146
Symptom: This is a development bug to improve the efficiency of the RIB.
CSCty89224
Symptom: A Cisco IOS router crashes under certain circumstances while receiving an MVPN v6
update.
74
OL-26698-16
CSCty89777
Symptom: The committed Memory value of 96 percent exceeds the critical level of 95 percent
messages on the router console with a 4G CCN image.
Conditions: On a 16G router, IOSD gets 11G, leaving 5G to virtual instance and other Linux
processes. 16G is enough for real physical memory usage but smand is pretty conservative and it
counts virtual memory or allocated memory, which is different from the actually committed physical
memory. 3PA is added, that is, QEMU/CCN and 4G memory is preallocated and passed into the
guest regardless of whether the guest actually uses all of that memory. In such a situation, in this
situation where the virtual memory is large, but the real memory that is in use could actually be way
smaller.
CSCty91465
Symptom: The VRF interface does not work even if the policy maps are configured correctly to
receive the packets from the VRF interface.
Conditions: The symptom is observed when CEF is enabled.
Workaround: Disable CEF.
CSCty96049
Symptom: Cisco IOS software contains a vulnerability that could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition.
Condition: An attacker could exploit this vulnerability by sending a single DHCP packet or through
an affected device, causing the device to reload.
Workaround: Cisco has released free software updates that address this vulnerability. The advisory
is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-dhcp.
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
CSCty96052
Symptom: A Cisco router may unexpectedly reload due to a bus error or SegV exception when the
BGP scanner process runs. The BGP scanner process walks the BGP table to update data structures,
if any, and walks the routing table for route redistribution purposes.
Conditions: This is an extreme corner case or timing issue. It has been observed only once on the
release image.
Workaround: Disabling NHT will prevent the issue, but it is not recommended.
CSCty97784
Symptom: The router crashes.
Conditions: This symptom is observed when NBAR is enabled, that is, match protocol actions in the
QoS configuration or IP NBAR protocol discovery on an interface or NAT is enabled, and IP NAT
service NBAR has not been disabled.
CSCtz00431
Symptom: The device crashes and tracebacks are seen in the syslog process.
Conditions: This symptom is observed with the following procedure:
OL-26698-16
75
1. Configure a capture point and start it.

2. Remove the policy map associated with the capture point. It throws an error the first time but
accepts it the second time.
3. Stop the capture point.
4. Restart the capture point.
Workaround: Do not remove the policy map associated with the capture point while the capture is
active.
CSCtz02097
Symptom: When configuring HSRP on a port channel, the following warning message is displayed
if you try to configure over 28 HSRP groups on the port-channel:
% Warning: Interface MAC address filter only supports 28 additional addresses % and
28 HSRP groups are already configured. The HSRP MAC address may not be % added to
the MAC address filter if the group becomes active.
Condition: This issue occurs when configuring HSRP on a port channel

CSCtz03779
Symptom: The standby RSP crashes during ISSU.
Conditions: This issue occurs Occurs when you perform an ISSU downgrade from Release 3.6 to
Release 3.5.
CSCtz04223
Symptom: The interface virtual template <x> type tunnel can be configured from the CLI. This
command should be removed from the CLI because it is unsupported.
Conditions: Cisco Catalyst 7600 series running 15.2S
CSCtz11265
Symptom: The fman_rp type memory leak was seen during longevity testing for about 10 days
Conditions: 16k bhca ppp flap and MLD Zap 3-play traffic 7 MIB macros Cmd_load macro
ASR_So macro
CSCtz12525
Symptom: An accounting stop is sent without Acct-Input-Packets Acct-Output-Packets
Acct-Input-Octets Acct-Output-Octets when service stop is performed.
Conditions: This symptom is observed when service stop is performed for the prepaid service.
CSCtz13465
Symptom: High CPU is seen on the Enhanced FlexWAN module due to interrupts with traffic.
Conditions: This symptom is observed with an interface with a policy installed.
CSCtz13818
76
OL-26698-16
Symptom: In a rare situation whena route map (export map) is updated, IOS is not sending refreshed
updates to the peer.
Conditions: This symptom is observed when a route map (export map) is configured under VRF and
the route map is updated with a new route target. In this scenario, Cisco IOS software does not send
refreshed updates with modified route targets.
Refresh the updated route target to use the clear ip route vrf <vrf-name net mask> command.
Clear the BGP session with the peer.
CSCtz18966
Symptom: The MDT tunnel does not come up in a particular sequence of events.
Conditions: If BGP update source interface is deleted, added again, and the peer group is configured
with the update source, the MDT tunnel does not come up.
Workaround: It is uncommon to delete the update source loopback and add it back again. It is found
through internal negative testing.
CSCtz18992
Symptom: The ... Router sends the EIGRP query even in the ... Router split horizon interface.
Conditions: This problem is noticed when a router gets a query message immediately after sending
an initial update to another router.
Workaround: The issue does not have a visible impact. Hence, no workaround is required.
CSCtz19080
Symptom: The sending of "rttMonCtrlOperTimeoutOccurred" on Release 12.2(33)XNF and
Release 12.4(15)T. results in "rttMonCtrlOperOverThresholdOccurred" getting sent in the latest
Release 15.1. Also, the RTT falling threshold "rttMonCtrlOperOverThresholdOccurred" that is
sent on Release 12.2(33)XNF results in "rttMonCtrlOperVerifyErrorOccurred" getting sent in
the Release 15.1.
CSCtz21299
Symptom: PfR MC may show some traffic classes are uncontrolled due to an exit mismatch.
Conditions: This symptom is observed when PfR optimizes traffic class with PBR in a scale
DMVPN setup, and when there is a brownout in one of the links.
CSCtz21718
Symptom: One-way latency measurements display spikes.
Conditions: Enable "precision timestamp" and "optimize timestamp".
Workaround: Use normal timestamping instead of the "optimize timestamp" option.
CSCtz22062
Symptom: The extranet MVPN multicast receivers get intermittent duplicate and missing packets.
The operations of one day showed about 10 duplicates/misses.
OL-26698-16
77
Conditions: The issue is observed when the receivers are on remote PE routers and receive streams
by means of the MDT tunnel. Local receivers on the same PE router are unaffected. In which setup,
customers have a source VRF, a transport VRF, and receiver a VRF. The source is connected to
C10K in the source VRF, and it was observed that this (ingress) C10K is responsible for the drops
and duplicates.
CSCtz22400
Symptom: CPP timestamp with NAT, that has enabled "optimize timestamp" ip sla fails.
Conditions: Config "optimize timestamp" for ip sla.
CSCtz23433
Symptom: ISG shell maps with a policer on the egress child default-class fail.
Conditions: This symptom is seen in shell maps with a policer or a shaper on the child default-class.
CSCtz23514
Symptom: An FMAN-FP crash is caused by memory corruption.
Conditions: This issue occurs whenthe BBA session login and logout is in high scaling, and the LI
tap is enabled on some sessions.
CSCtz23638
Symptom: The following error message is displayed on the console:
PLIM driver informational error txnpTooLittleData
Conditions: The issue occurs when the SIP40 carrier card is present in the router along with any of
the following SPAs: SPA-1CHOC3-CE-ATM SPA-1XCHOC12/DS0 SPA-1XCHSTM1/OC3
SPA-1XCHSTM1/OC3W (This is the same SPA as SPA-1XCHSTM1/OC3 that is included in "SB"
bundles - special pricing) SPA-24CHT1-CE-ATM * SPA-2CHT3-CE-ATM SPA-2X1GE-SYNCE
SPA-2XCT3/DS0 SPA-2XT3/E3 SPA-4XCT3/DS0 SPA-4XCT3/DS0-WE (This is the same SPA as
SPA-4XCT3/DS0 that is inccluded in the SB bundles - special pricing) SPA-4XT3/E3
SPA-8XCHT1/E1 SPA-DSP SPA-WMA-K9.
CSCtz24454
Symptoms: POS interfaces are stuck in the down state.
Conditions: This symptom is observed on the router reload/ SPA reload.
Workaround: Perform an FP reload to bring the interfaces back up.
CSCtz25825
Sympton: Null0 route for summary remains even if aggregate-address is removed from all the VRFs.
Conditions: The issue occured when a connected route is imported from a different VRF, and the
same aggregate-address command is configured in each VRF.
CSCtz25953
Symptom: The following error message is displayed, and certain length packets get dropped:
78
OL-26698-16
LFD CORRUPT PKT
Conditions: This symptom is observed with a one-hop TE tunnel on a TE headend. IP packets of 256
bytes or multiples of 512-byte length get dropped with the above error message.
CSCtz26188
Symptom: Packet loss is observed on platforms in certain deployments having a large number of
prefixes routing traffic onto a TE tunnel.
Conditions: This symptom occurs if the configured value of the cleanup timer is 60 seconds. then
Packets may be lost on platforms in which the forwarding updates take longer.
Workaround: Configure the value of the cleanup timer to 300 seconds.
CSCtz26580
Symptom: After enabling the "debug platform hardware qfp active feature ipsec datapath trace"
command on a Cisco ASR1000 Series Aggregation Server Routers acting as GET VPN GM, if a
fragmented UDP packet comes through the IPsec tunnel, and the last IP fragment is 36 bytes or less
(20 header 1 to 16 payload), the packet is dropped with the message
PacketProcessingExcept[ions], and %INFRA-3-INVALID_GPM_ACCESS is logged.
Workaround: Disable the debug.
CSCtz26683
Symptom: An unsupported IP verify unicast ... configuration applied to an interface may still be
shown in show running-config after being rejected. Output similar to the following will appear
when applying the configuration:
% ip verify configuration not supported on interface Tu100
- verification not
supported by hardware % ip verify configuration not supported on interface Tu100
verification not supported by hardware %Restoring the original configuration failed

on Tunnel100 - Interface Support Failure
Conditions: This symptom occurs when there is no prior IP verify unicast ... configuration on the
interface and when the interface or platform or both do not support the given RPF configuration.
Workaround: In some cases, it may be possible to get back to the previous configuration by using
the no form of the command. In other cases, reload the device without saving the configuration, or
edit the configuration manually if already saved.
CSCtz26658
Symptom: A Cisco ASR 1000 Series Seggregation Services Router acts as GET VPN GM. Small
UDP fragments (21 to 25 bytes, including IP header) that come in through IPsec are dropped.
Conditions: This symptom occurs when a Cisco ASR 1000 Series Aggregation Services Router acts
as GET VPN GM and TBAR is enabled for the group.
CSCtz28544
Symptom: The Cisco ASR 1000 Series Aggregation Services Routers that are configured for
Multicast Listener Discovery (MLD) tracking for IPv6 may reload after receiving certain MLD
packets. The following traceback will be shown in the logs:
Exception to IOS Thread: Frame pointer 4081B7D8, PC = 1446A878 ASR1000-EXT-SIGNAL:
U_SIGSEGV(11), Process = MLD
OL-26698-16
79
Conditions:This issue occurs in the Cisco ASR 1000 Series Aggregation Services Routers that are
configured for MLD tracking for IPv6.
Workaround: The only workaround is to disable MLD tracking. PSIRT Evaluation: The Cisco PSIRT
has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores at
of the time of evaluation were 6.1/5.8:
ctor=AV:A/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:U/RC:C CVE ID CVE-2012-1366 has been assigned
to document this issue.
CSCtz31217
Symptom: The DNS portion of the HTTP command does not use the configured source IP.
Conditions: This symptom occures when the HTTP operation is configured with source IP and host
name instead of the IP address of HTTP server (which will require a DNS lookup).
CSCtz31420
Symptom: EIGRP delay calculation is broken and an unknown delay is shown.
Condition: The issue can be shown on 15.1(3)S2 (3.4.2S).
CSCtz31972
Symptom: The Rcvd in Used as bestpath does not count up in show ip bgp neighbor as follows:
R511#sh ip bgp nei 10.1.1.2
BGP neighbor is 10.1.1.2, remote AS 200, external link
(snip)
Sent
Rcvd
Prefix activity:
------Prefixes Current:
1
1
Prefixes Total:
1
1
Implicit Withdraw:
0
0
Explicit Withdraw:
0
0
Used as bestpath:
n/a
0 <--no count-up
R511#sh ip bgp nei 10.1.1.2 route (snip)
*> 20.2.2.0/24
10.1.1.2
0
0 200 i
Conditions: This symptom is observed in 15.2(3)T.

CSCtz32360
Symptom: After bootup or initial interface configuration, a Cisco ASR1002 Router with Sync-E
SPA may indicate an interface and a QL-PRC network clock state although no cable is connected
and no valid clock is received on that interface. In addition, when there is a valid clock, the LED
may continue to display amber.
Conditions: This issue is observed primarily after booting a Cisco ASR 1002 Router , or when the
interface is initially configured.
Workaround: A possible workaround is to unplug and replug the cable of the affected port.
Alternatively, the affected port can be locked out with the network-clock set lockout <port>
2048k command when the clock is not fed to the port. After the clock is fed, the lockout can be
cleared using the network-clock clear lockout <port> 2048k command.
CSCtz35465
Symptom: Banner and refuse message are similar implementations.
Conditions: While nvgening, the refuse message should handle the \r character.
80
OL-26698-16
Workaround: Handle the '\r ' character while nvgening.
CSCtz37164
Symptom: The requests to the RADIUS server are retransmitted even though the session no longer
exists, causing unnecessary traffic to the RADIUS, and the RADIUS receiving requests for an
invalid session.
Conditions: This symptom occurs when the RADIUS server is unreachable and the CPE times out
the session.
Workaround: This is currently being worked upon. This issue can be avoided by making sure that
the RADIUS server is always reachable.
CSCtz37863
Symptom: IPCP is not in an open state and does not call the This-Layer-Down (TLD) vector.
Conditions: This symptom is observed if IPv4 saving is enabled and IPCP negotiation failed because
of a TermReq received from peer.
CSCtz38010
Symptom: The platform maximum numbers for Cisco ASR1000 NAT44 and NAT64 are not set for
KP and FP80.
Conditions: This issue occurs when the scalability numbers are incorrect.
CSCtz38558
Symptom: A traceback may be seen on a Cisco ASR1000 Series Aggregation Router when
processing some of the IPv6 malformed packets.
Conditions: The issue occurs when an IPv6 packet is malformed.
CSCtz38812
Symptom: The show ssh ? command does not produce the complete output.
Conditions: The issue occurs when the rekey is disabled.
CSCtz40559
Symptom: The incorrect flags in the IP Address duplicate check that prevents VRRP3 does not
impact any usage currently. It is only applicable for future VRRP v3.
CSCtz40705
Symptom: A configuration change that results in a serial interface being unconfigured may cause
the router to reload if the serial interface is a XConnect member.
Conditions: This symptom has been observed when the xconnect command is configured on a
channelized T1 serial interface with HDLC encapsulation, andthe no t1 channel channel-group
channel-group-number command is configured to remove the channel group.
Workaround: Remove the serial interface from the XConnect using the no xconnect command.
CSCtz41046
OL-26698-16
81
Symptom: Cisco devices that run Cisco IOS may experience a minor memory leak when malformed
CDP packets are received. This could result in stability issues after extended periods of time under
certain circumstances.
Conditions: Cisco devices running an affected version of Cisco IOS.
Workaround: Disable CDP packets on the affected device. In global configuration mode: no cdp run
Further Problem Description: This issue was identified during an internal security audit of Cisco
devices.
Base and Temporal CVSS scores at the time of evaluation were 3.3/3.
ctor=AV:A/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:U/RC:C
No CVE ID has been assigned to this issue.
CSCtz41048
Symptom: The trace mpls ipv4 command is unsuccessful.
Conditions: This symptom is observed when the trace mpls ipv4 command is issued.
CSCtz42336
Symptom: Compilation error on upgrading compiler.
Conditions: Upgrading ICC compiler 10.2 to 11.2.
Workaround: Use ICC 10.2.
CSCtz44141
Symptom: An unexpected error message is seen when configuring the WCCP redirect-list ACL. For
example:
Router(config)#ip access-list extended wccp-acl Router(config-ext-nacl)#permit tcp
any any gt 20 Router(config-ext-nacl)#exit Router(config)#ip wccp 100 redirect-list
wccp-acl %warning, complex WCCP access-list: "port operator", sequence: 10
Conditions: The issue occurs when the WCCP is configured with a redirect-list ACL.
Workaround: There is no workaround. Ignore the error message.
CSCtz44363
Symptom: The following Emitting error message is displayed multiple times for each class when the
show policy-map int command is executed:
Port-channel2 has more than one active member link.
Conditions: This issue occurs under any of the following conditions:

1. The lac max-bundle 1 command is not configured on Port-Channel interface.
2. This case is applicable to uut as LNS in QoS PPPoGEC.
Workaround: Ensure that the lac max-bundle 1 command is configured for the port channel
interface.
CSCtz44625
82
OL-26698-16
Symptom: Deconfigure import ipv4 unicast map incorrectly removes the import ipv4 multicast map
under VRF, and vice versa. The same holds for the export ipv4|ipv6 unicast|multicast map command.
Workaround: Reconfigure the incorrectly deleted command.
CSCtz44989
Symptom: A EIGRP IPv6 route redistributed to BGP VRF green is not exported to VRF RED.
Extranet case is broken for IPv6 redistributed routes.
Conditions: This issue is seen in IPv6 link-local nexthop. When the EIGRP route is redistributed to
BGP VRF, it clears the nexthop information (it becomes 0.0.0.0). Subsequently, Now this route
becomes invalid and BGP cannot export to another VRF.
CSCtz45901
Symptom: The output of the show run or the format xml command for an ATM interface is not
displayed in the correct order.
Conditions: This symptom is observed if there are multiple subinterfaces for an ATM interface and
PVC is configured under these.
CSCtz46305
Symptom: Unable to poll eigrp mib.
Conditions: On ASR 1000 - 3.6.0 15.2(2)S
CSCtz48338
Symptom: A router may crash with setup with configuration of BGP L3VPN VRF to global export,
NSR, and large scale, hard clear or link flap.
Conditions: This symptom is seen under the following conditions:
BGP L3VPN VRF to global import
NSR
Large scale
CSCtz49471
Symptom: The LSP trace route does not indicate midpoint labels.
Conditions: This issue is seen over static MSPW segments.
CSCtz49578
Symptom: MPLS TP link-management admission failures are seen on the midpoint node, causing
LSP programming failure.
Conditions: This issue is seen intermittently during Cisco ASR903 on reload.
Workaround: Remove and reattaching the configuration.
CSCtz50683
OL-26698-16
83
Symptom: When 10 x MDLP sessions are removed, one or more hardware adj remains. This occurs
due to incorrect removal of LSPs.
Conditions: This symptom is observed when more than eight sub-LSPs occur.
Workaround: Do not use more than eight sub-LSPs.
CSCtz51081
Symptom: Attempts to configure the SNMP-SERVER HOST for EIGRP results in the EIGRP line
changes to VDSL2LINE. C2921(config)#snmp-server enable traps eigrp
C2921(config)#exit C2921#show
console by co C2921#
RW
C2921#
Apr 24 23:03:54.031: %SYS-5-CONFIG_I: Configured from
C2921#show run | i snmp
snmp-server enable traps eigrp
per line.
End with CNTL/Z.
NETMANAGER eigrp
cisco RW
C2921#conf t
C2921(config)#snmp-server host 10.0.0.1 traps version 2c
C2921(config)#exit
C2921#show run | i snmp snmp-server community
snmp-server enable traps eigrp
NETMANAGER
snmp-server community cisco
Enter configuration commands, one
snmp-server host 10.0.0.1 version 2c
vdsl2line
Conditions: Cisco2921 with 15.1.4(M4). Other versions may be affected.

CSCtz51719
Symptom: SA warnings in ipmulticast component code.
Conditions: SA warnings in ipmulticast component code in rc_texel.
Workaround: Fixed.
Further Problem Description: SA warnings.
CSCtz51846
Symptom: Packets are not routed through the expected interface.
Conditions: This issue occurs when you configure access lists and create PBR to route packets by
means of different DVTIs to match different access group.
CSCtz52025
Symptom: Tracebacks are seen with 30K ACE HA.
Conditions: This occurs during FP reload and RP reload.
CSCtz53335
Symptom: In show-run, sequence interval is displayed next to policy map instead of in the next line.
Conditions: When applying sequence-interval command on a policy-map, show run should display
sequence interval at the next line after policy-map name, but it incorrectly displays the commands
next to policy-map.
CSCtz53398
Symptom: A ping sweep from ASR1000 with size 11871 - 18024 fails.
Conditions: ASR#ping Protocol [ip]:
[5]:
Datagram size [100]:
Source address or interface:

Validate reply data? [no]:
Target IP address: 10.222.202.49
Timeout in seconds [2]:

Type of service [0]:
Data pattern [0xABCD]:
Repeat count
Extended commands [n]: y
Set DF bit in IP header? [no]:

Loose, Strict, Record, Timestamp,
84
OL-26698-16
Verbose[none]:
Sweep range of sizes [n]: y
size [18024]:
Sweep interval [1]:
Sweep min size [36]: 11871
Sweep max
Type escape sequence to abort. Sending 30770,
[11871..18024]-byte ICMP Echos to 10.222.202.49, timeout is 2 seconds:

!!.........................!...........!.....!............!...........
......................................................................
...................................... Success rate is 3 percent (6/178), round-trip
min/avg/max = 1/1/2 ms
statistics:
Rcvd:
asr1002-x#sh ip traffic
0 checksum errors, 0 bad hop count

security, 0 loose source route
Opts:
0 end, 0 nop, 0 basic
0 timestamp, 0 extended security, 0 record
0 stream ID, 0 strict source route, 0 alert, 0 cipso, 0 ump
other, 0 ignored
14 received, 29 sent
drop, 0 unsupported-addr
was no issue seen
0 no route, 0 unicast RPF, 0 forced
if the same ping test was issued from the GSR router.
IP-Address
-----------------------OK? Method Status
YES manual up
size 11873 repeat 10
Mcast:
Drop: 0 encapsulation
0 options denied, 0 source IP address zero
to the ASR1k itself also fails:

10.222.202.50
61
Bcast: 198 received, 0 sent
Sent: 52 generated, 44723000 forwarded
failed, 0 unresolved, 0 no adjacency
Interface
Frags: 61 reassembled, 42 timeouts, 0 couldn't reassemble
fragmented, 122 fragments, 0 couldn't fragment
There
The ping
ASR#sh ip int br
Protocol Te0/0/0
up
Type escape sequence to abort.
Echos to 10.222.202.50, timeout is 2 seconds:

(0/10)
0 format errors,
0 unknown protocol, 0 not a gateway
0 security failures, 0 bad options, 0 with options

route
IP
186570321 total, 222 local destination
ASR#ping 10.222.202.50
Sending 10, 11873-byte ICMP
..........
Success rate is 0 percent
ASR#
CSCtz54207
Symptom: After the master stack is down, net hop address is duplicated on "ip next-hop".
---------------- 3750X#sh rout route-map TEST, permit, sequence 10
Match clauses:
ip address (access-lists): PBR
192.168.1.254
<<<
Set clauses:
ip next-hop 192.168.1.254
Policy routing matches: 0 packets, 0 bytes
----------------
Conditions: configure route-map. 3750X(config)#no route-map TEST

3750X(config)#route-map TEST
3750X(config-route-map)#ma ip add PBR
3750X(config-route-map)#set ip next
3750X(config-route-map)#set ip next-hop
192.168.1.254
CSCtz54338
Symptom: The Valgrind tool reports a memory issue in fman_acl_bind_ack_cb().
Conditions: This issue is seen after run valgrind tool is run.
CSCtz54535
Symptom: OTV packets are dropped for 1 minute when the ED gets back to AED from the No ISIS
neighbor at Join-interface status.
Conditions: The issue occurs under normal conditions
CSCtz55138
OL-26698-16
85
Symptom: The "snmp-server enable traps ISG-MIB" commnd is not shown in the running
configuration.
Conditions: This issue does not occur under a specific conditions.
Further Problem Description: The "snmp-server enable traps ISG-MIB" command is not getting
nvgen. Therefore, a trap can neither be enabled or disabled from CLI.
CSCtz55297
Symptom: Credit allocation is not changed when sessions are changed from unauthenticated to
authenticated.
Conditions: The existing nonauthenticated session needs to be modified to authenticated session.
CSCtz55363
Symptom: In the Cisco ASR Series Aggregation Routers, changing the speed on the main interface
does not change the Delay (DLY) value for the earlier configured subinterfaces.
Conditions: This issue occurs when the subinterfaces configured.
Workaround: 1.)Reload the router. 2.)Reconfigure the subinterface.
CSCtz55923
Symptom: The TTL field of the IPv4 header is reset after routing through ASR1000 after reloading
the router.
Conditions: NAT configuration along with 'no ip nat service dns-reset-ttl'.
Workaround: Remove and readd the no ip nat service dns-reset-ttl command configuration after
reloading the Cisco ASR1000 Series Aggregation Services Router after all the cards are in an 'OK'
state.
CSCtz55969
Symptom: Changes to a custom profile are reflected in the actual packet transmission rates.
Conditions: Video with a custom profile
Workaround: Remove the corresponding profile, and create a new one with the required changes.
CSCtz56671
Symptom: An ACL is applied for filtering within a classmap for shaping traffic. When you try to
resequence the ACL, the class map DB is not populated with new sequencing, and that causes a
crash.
Conditions: ACL resequence that should be used within class-map
Workaround: Do not use resequencing, or remove and re-add the same after resequencing.
Further Problem Description: ip access-list resequence <ACL #/name> followed by either a no
<ACE #> or a no <ACL #/name>. The crash occurs inside the MDB and the root cause of this
crash is that the sequence numbers stored in the MDB are out of sync with the sequence numbers
stored in ACL. Therefore, when the no ACE # command is issued, the MDB tries to delete that ACE
from its tree, but never finds it and gets stuck in a loop.
CSCtz58037
Symptom: The router crashes after Shut no shut and OIR commands.
Conditions: The issue occurs when the router is configured with the cfm one up mep command and
the cfm down mep command with trunk EFP.
86
OL-26698-16
CSCtz58941
Symptom: The router crashes when users execute the show ip route XXXX<noCmdBold>
command.
Conditions: This symptom is seen during the display of the show ip route XXXX output, when the
next hops of networks are removed.
Workaround: Use the show ip route command without x.x.x.x.
CSCtz59615
Symptom: The IPv6 route does not get installed in the IPv6 VRF routing table.
Conditions: This symptom is seen in a RADIUS Framed-IPv6-Route.
CSCtz61556
Symptom: ATM local switching segments do not come up after changing the encapsulation on both
interfaces.
Conditions: This symptom is seen in ATM VC local switching. If the encapsulation on both the ATM
VC segments are changed, the segments remain in DOWN state.
CSCtz61599
Symptom: After adding the performance-monitor policy map under the port channel interface, it
continuously displays the information that Port-channel1 has more than one active member link:
it-wan-agg5-14(config)#int port-channel 1
it-wan-agg5-14(config-if)#$performance-monitor input PERF-MON-port-channel
it-wan-agg5-14(config-if)#$performance-monitor output PERF-MON-port-channel
it-wan-agg5-14(config-if)# Port-channel1 has more than one active member link
Port-channel1 has more than one active member link
Conditions: This symptom is observed after the performance-monitor policy map is added under the
port channel interface.
CSCtz63421
Symptom: Dynamic update of the encapsulation tag to Single Vlan on Trunk EFP Configured
interface must not be allowed.
Conditions: 1. Configure range of VLANS in Encap tag on trunk efp interface. 2. Change
Encapsulation dynamically from range of Vlans to single Vlan encap tag. 3. Check running Configs
of Trunk interface.
CSCtz63699
Symptom: In some scenarios, the VRRP "owned" address state is not correctly represented within
the "default" VRRS pathway. Additionally, there are various scenarios in which "owned" address
conflict checking is not correctly carried out.
Conditions: These symptoms are only exhibited when a user is using an "owned" address within the
VRRP group. An "owned" address is a VRRP virtual address that is equal to one of the addresses
configured on the interface.
OL-26698-16
87
Workaround: Use a unique VRRP group address that does not conflict with any of the interface
addresses or another address within the same VRF.
CSCtz63968
Symptom: The dialer pool is removed from the Ethernet interface.
Conditions: Crashes occur after the timer expires for PADI. It seems the session was not cleared
properly.
CSCtz64836
Symptom: The debug redundancy idb-sync-history command does not work.
Conditions: The "debug redundancy idb-sync-history" command does not work.
CSCtz65370
Symptom: When performing an RP switchover with a large number of DMVPN sessions (> 3K),
ESP40 may reload.
Conditions: The issue occurs during an RP switchover with many DMVPN sessions.
Workaround: Clear the IPSec sessions before performing an RP switchover.
CSCtz67151
Symptom: The IP SLA responder process causes high CPU utilization.
Conditions: Configuring a permanent address in the IP SLA responder before enabling the responder
can cause High CPU utilisation. To recreate, perform the following configs: in responder ip sla
responder no ip sla responder ip sla responder udp-echo ipaddress A.B.C.D port XXXX
To recover from high cpu, ip sla responder no ip sla responder udp-echo ipaddress
A.B.C.D port XXXX
Workaround: Ensurethat you enable the responder before programming the permanent addresses, or
do not use the permanent addresses.
CSCtz67726
Symptom: Single probe ID is not permitted on the ip sla group schedule command. Entering the
same as probe ID under the ip sla group schedule command in the format of the ID is acceptable
but this will be displayed as a single probe ID on the running configuration.
Conditions: This issue is seen while using a single probe ID under the ip sla group schedule
command.
Workaround: Use the ip sla schedule command for the single probe ID.
CSCtz67785
Symptom: The Cisco ASR 1000 Series Aggregation Routers may experience a CPP crash.
Conditions: This symptom occurs when the router is configured for the Session Border Controller
(SBC). During periods of high traffic, FP reports a lot of media up events to the RP, which can cause
the RP to crash.
Workaround: If the ip nbar protocol-discovery command is enabled, it may exacerbate the crashes.
Removing it may help provide some stability.
CSCtz69913
88
OL-26698-16
Symptom: NHRP packets received from a DMVPN tunnel using tunnel protection are dropped on a
Cisco ASR 1000 Series Aggregation Routers when the VRF-Aware Service Infrastructure (VASI)
interface is configured and the IPSec traffic is traversing the VASI interface. This only happens
when using VASI in combination with tunnel protection on the tunnel interface. The NHRP packets
are decrypted correctly, but are dropped at the tunnel interface, and the drop counter shows the
show platform hardware qfp active statistics drop | e _0_.*_0_
------------------------------------------------------------------------- Global
Drop Stats
Packets
Octets
------------------------------------------------------------------------UnconfiguredIpv4Fia 6734
Conditions: The issue occurs when the VASI interface configuration is used for Tunnel protection.
Workaround: 1) Use a dynamic crypto map on the physical interface. However note that this may
cause issues with the spoke behind NAT. 2) Disable VASI, if possible.
CSCtz69986
Symptom: The ESP free memory of the ASR 1000 Series Aggregate Services Routers slowly
decreases over time (~ 7MB per day).
Conditions: This symptom occurs when the WCCP is configured on the interfaces.
Workaround: There is no workaround, unless the WCCP interface configuration is removed.
CSCtz70973
Symptom: The Cisco ASR1002-X Router or ESP100 may reload unexpectedly.
Conditions: The issue is typically observed when a large number of interfaces are present.
CSCtz71084
Symptom: When the prefix from the CE is lost, the related route that is advertised as best-external
to RR by the PE does not get withdrawn. Even though the BGP table gets updated correctly at the
PE, the RIB continues to have a stale route.
Conditions: This symptom is observed in a topology where CE0 and CE1 advertise the same
prefixes:
CE0------------------PE0---------------------RR
|
|
CE1------------------PE1----------------------|
|
|
Workaround: Hard clear.
CSCtz71087
Symptom: Multiple outside global addresses are assigned the same outside local address.
Conditions: This issue occurs in a outside dynamic mapping configuration, when running ALG
traffic hitting the dynamic mapping, multiple outside global addresses are assigned the same outside
local address.
Workaround: Clear the ip nat translation * command.
CSCtz71208
Symptom: On a Cisco ASR1000 Series Aggregation Services Router, once the error
CPP_FM-3-CPP_FM_TCAM_ERROR is seen, the only way to recover TCAM is to reload the router.
Removing the configuration leading to TCAM exhaustion is not enough.
OL-26698-16
89
Conditions: This is seen after the TCAM is exhausted. This bug pertains only to recovery from
exhaustion, not the exhaustion itself. For information about the latter, that, please see CSCtz33305.
Deny Statements could exhaust the TCAM entries.
CSCtz73450
Symptom: Multiple <CR> options for the snmp-server enable traps mac-notification change
move threshold" command results in the following error message:
Ambiguous command.
Conditions: When trying to configure the snmp-server enable traps mac-notification change
move threshold command, the parser fails to process the command properly and results in an
Ambiguous command message.
Workaround: The user may turn on the snmp-server enable traps mac-notification change move
threshold command along with other traps by configuring snmp-server enable traps and then
removing the other unwanted commands. But the user will be unable to remove the commands from
the configuration for the same reason that prevents it from being configured.
CSCtz74060
Symptom: The show platform hardware qfp active feature ess state command does not display
output.
Conditions: The output is displayed in XML format during ISSU sub-package downgrade from
XE3.7.0 to lower releases on 4RU. The output is displayed normally after the upgrade. This
condition does not have an impact on the functionality.
CSCtz74310
Symptom: Although there are no visible symptoms, if someone tries to configure Netsync on a
Maverick or CEOP_24xT1E1, it will not work. Netsync is not a supported on Maverick and
CEOP_24xT1E1.
CSCtz74315
Symptom: The Metronome SPA is not supported on Kingpin.
Conditions: The Metronome SPA fails to come up on Kingpin chassis.
Further Problem Description: The Metronome SPA is not supported on Kingpin. The Netsync
feature is supported on hybrid SPA.
CSCtz74685
Symptom: A router crash is observed on Y1731 DM.
Conditions: This symptom is seen when the 1DM session is started.
CSCtz75230
Symptom: When the remote VLAN interface is unshut, with IPv4 data traffic being sent
continuously to the remote VLAN interface, the corresponding ARP entry is not created.
90
OL-26698-16
Conditions: When using static FRR configuration and disabling the backup route, shut down the
remote vlan interface of the primary path, and then wait for the ARP entry to be removed from
ASR1000 Series Aggregation Router after the ARP timeout.
Workaround:
Method 1: Configure the static ARP entry.
Method 2: Provide a valid backup route. Method 3: Do not use static FRR.
CSCtz75371
Symptom: When the router is configured with script, the BFD sessions remain inactive. If the same
configuration is run manually, the BFD sessions come into the UP state.
Conditions: This issue occurs only when the bug is reproduced with the script.
Further Problem Descriptions:
1. The inactive sessions come into the active state when the test client is registered or deregistered
with BFD manually.
2. This issue appears to be a timing-related issue.
3. Further investigation depends on the availability of the test bed.
CSCtz75380
Symptom: A Cisco ASR 1000 Series Aggregation Services Router sends malformed RADIUS
packets during retransmission or failover to a secondary RADIUS server, for example, Cisco CAR.
Conditions: This issue occurs during retransmission of RADIUS access requests or if RADIUS
packets are sent to a secondary RADIUS server.
CSCtz75433
Symptom: When the Open Garden ACL on a Cisco ASR 1000 Series Aggregation Router with ISG
functionality is modified, the ACL allows all traffic instead of only Open Garden permit entries.
Conditions: This issue occurs when at least one unauthorized session is open when the ACL is
modified.
Workaround: Clear all the sessions.
CSCtz75816
Symptom: NBAR Field Extraction (AKA collect through IPFIX) does not work for flows over IPv6
tunnels.
Conditions: This is relevant when configuring NBAR to classify inside the tunneled IPv6 flows. This
is anyway not fully supported in the AVC eco-system in XE3.7.
CSCtz77171
Symptom: Subscriber drops are not reported in Mod4 Accounting.
Conditions: This symptom is seen on the checking policy map interface for account QoS statistics
on a port channel subinterface.
CSCtz80643
OL-26698-16
91
Symptom: A PPPoE client's host address is installed in the LNS' VRF routing table with the ip vrf
receive vrf name command supplied either via RADIUS or in a virtual-template, but is not installed
by CEF as attached. It is instead installed by CEF as receive, which is incorrect.
Conditions: This symptom is observed only when the virtual-access interface is configured with the
ip vrf receive vrf name command through the virtual-template or RADIUS profile.
CSCtz82591
Symptom: IPv6 multicast internal tunnel numbers conflict with user-configured tunnel numbers.
Conditions: When user-configured tunnel numbers are in a low range, and the number of internal
tunnels being created by IPv6 multicast overlaps with user-configured tunnel numbers on reload, the
nvgen commands fail.
Workaround: User-configured tunnel numbers should start at a high value range to avoid conflicting
with internal tunnels.
CSCtz82711
Symptom: Datapath session crashes.
Conditions: This symptom is observed when SGSN sends echo req before PDP_CREATE_REQ.
CSCtz83062
Symptom: Removing and attaching bandwidth percent configurations under a policy-map results in
an error message.
Conditions: This issue occurs when you peform the following procedure:
1. Create a policy that has bandwidth percent for both user-defined classes and a class default that
adds up to 100 percent.
2. Attach to the interface.
3. Remove one of the user-defined classes and attempt to reattach the same class with the same
bandwidth percent value again.
CSCtz83221
Symptom: Either the active RP or the standby RP route processor crashes.
Conditions: This symptom is seen during the configuration or removal of ATM virtual circuits.
CSCtz85102
Symptom: Packets with the L2 multicast address and L3 unicast address combination cannot be
forwarded by the L2TPv3 tunnel on the Cisco ASR 1000 Series Aggregation Router.
Conditions: This symptom is observed with packets having the L2 multicast address and L3 unicast
address combination. This issue is seen in all Cisco ASR 1000 Series Aggregation Services Routers.
CSCtz86747
Symptoms: The xxx router crashes.
92
OL-26698-16
Conditions: This symptom is seen when all the user-defined class maps with live traffic are being
removed.
Workaround: Close the interface first before removing the class map.
CSCtz87676
Symptom: The ARP request to the same ip address in different VRFs is incorrectly rate limited. For
example: ping vrf 2001 172.16.0.2 repeat 100 timeout 0 ping vrf 2002 172.16.0.2 repeat
100 timeout 0 ping vrf 2003 172.16.0.2 repeat 100 timeout 0 ping vrf 2004 172.16.0.2
From the debug arp output, you can see ASR1000 generates only 1 arp
request in 2 seconds (0.5 pps) *Apr 29 03:10:44.932: IP ARP: sent req src 172.16.0.1 *Apr
repeat 100 timeout 0.
29 03:10:46.901: IP ARP: sent req src 172.16.0.1

req src 172.16.0.1
*Apr 29 03:10:48.879: IP ARP: sent
*Apr 29 03:10:51.004: IP ARP: sent req src 172.16.0.1
03:10:53.078: IP ARP: sent req src 172.16.0.1
*Apr 29
*Apr 29 03:10:55.105: IP ARP: sent req
src 172.16.0.1 <snip> Per the design, the arp request to the same ip address in the same VRF is
0.5pps. But when the ip address appears in different VRFs, the ARP request rate should be 0.5 PPS
in each VRF.
Conditions: Day 1 issue.

Workaround: static arp.
CSCtz89337
Symptom: Two paths with the same nexthop are marked and advertised when the all option is set.
All paths advertised should have a unique NH.
Conditions: The issue occurs when there are two paths with the same nexthop.
CSCtz89485
Symptom: NAT traffic passes through the new standby router following HSRP switchover.
Conditions: This symptom is observed in HA NAT (NAT with HSRP) mappings with inside global
addresses that overlap a subnet owned by a router interface.
Workaround:
1. Force a HSRP switchover so that the initial standby router takes activity.
2. Remove and readd HSRP NAT mappings on the newly active router.
3. Force an HSRP switchover back to the initial active router.
CSCtz89608
Symptom: A router that is operating in an ISG environment experiences a crash due to memory
corruption.
Conditions: This symptom occurs within the SSS context.
CSCtz89697
Symptom: The SIP-400 crashed.
Conditions: This issue occurs because of accessing the NULL pointer in a timer wheel. However,
the trigger that contributes to the NULL pointer has not yet been determined. I have added the
Eng-notes which has the code analysis for this crash.
Workaround: You can prevent the crash by adding the NULL check condition before calling
tw_timer_stop API.
CSCtz90000
OL-26698-16
93
Symptom: "service-policy type performance-monitor inline input" is applied to a range of

interfaces.
Conditions: Range interface mode may reload a switch if perf-mon inline is applied.
Workaround: Do not use teh range command option. Apply inline command one at one interface at
a time.
CSCtz90909
Symptoms: A router crashes when the no l2 vfi vfi-name point-to-point command is run.
Conditions: This symptom occurs while unconfiguring l2 vfi.
CSCtz92606
Symptom: The MFR memberlinks-T1 serial interfaces created under a CHOC12 controller do not
get decoupled from MFR even after the MFR bundle interface is deleted. After the MFR bundle
interface is reconfigured, the memberlinks do not appear under it.
Conditions: This symptom is seen in MFR with memberlinks as T1 serials from CHOC12 sonet
controller.
Workaround: Unconfigure and reconfigure the encapsulation frame-relay MFRx under each
memberlink after reconfiguring the MFR bundle interface.
CSCtz93922
Symptom: An XConnect virtual circuit may be down on one peer while it is up on the remote peer.
The output of the show mpls l2 transport vc detailed command indicates that it is in the LruRrd
state and that the last status it received from the remote peer is pw-tx-fault.
Conditions: This symptom has been observed when both the attachment circuit and core-facing
interfaces are on the same module and that module is reset using the hw-module module module
reset command, and the remote peer is running Cisco IOS Release 15.2(02)S or later.
Workaround: Run the shutdown command followed bythe no shutdown command on the
attachment circuit.
CSCtz94902
Symptom: Memory allocation failure occurs when attaching to SIP-40 using a web browser.
Conditions: This symptom occurs on the line card.
Workaround: Reset the line card.
CSCtz95698
Symptom: The standby router by the BGP design remains in the read/write mode after it gets out of
the read only mode both in the Active RP and the Standby RP. The read/write mode might, in some
timing situation, become the startup state of the new Active RP after SSO. Whereas a fresh reload
starts with the read only mode. This read/write startup state is not a desirable state by BGP code
design. Hence, this DDTS introduces a new read/scan state for the Standby RP. With this fix the
Standby RP stays in the read/scan state and does not change to the read/write state.
Conditions: This is a timing situation when the BGP standby RP after switchover might start
best-path or update activity with stale RW mode, then get into RO before finally getting back to the
operational RW mode again. This may at times cause unnecessary path updates to go out
immediately after switchover (in the stale RW mode, carried forward from its Standby state) only to
be replaced with the fully operational best-path updates, once the new Active RP gets to the fully
operational RW mode.
94
OL-26698-16
CSCtz95995
Symptom: If the router receives the same prefix or masks with the same AD, the code of route origin
in the show ip route command is overwritten.
Conditions: This issue occurs at L2TP situation, and can be shown on 12.4(25f) or 15.1(4)M4.
Workaround: Use the clear ip route command.
CSCtz96167
Symptom: The QoS DSCP cases fail.
Conditions: This symptom is observed in a QoS profile (with 31 as the DSCP value configured under
the SBE) but DSCP bit is still sent as 0.
CSCtz96504
Symptom: Some of the backup VCs go down after SSO.
Conditions: This symptom occurs only on a scale scenario, for example, by creating 500 primary
VCs and 500 backup VCs.
Workaround: The backup VCs can be brought to the SB state by issuing the clear xconnect peerid
peerid of the PW vcid vcid command, although it is not usually recommended.
CSCtz97093
Symptom: The multilink input counters are not increasing.
Conditions: The issue occurs when .... it is used as the IPv6 DmVPN tunnel source.
CSCtz97244
Symptom: IPSLA video operation with VRF support does not receive any packets.
Conditions: This symptom occurs whenthe no emulate command is specified with the input
interface.
Workaround: Use the emulate command to specify the input interface that has access to the VRF.
CSCtz98255
Symptom: The BGP incorrectly accepts the route-reflector-client configuration under neighbor
CLI if the neighbor is configured to be eBGP. There is no functionality loss, but the command should
not be accepted.
Workaround: Remove the incorrect configuration.
CSCtz98347
Symptom: When ISI-S is configured to run Level 2, the IS-IS LFA does not create repair path if the
total metric to a prefix is 1024.
Conditions: This issue was found with 15.2(2)S, and when the ISIS metric is more than 1024 and
configured to run Level 2.
Workaround: Ensure that the total metric to a prefix is less than 1024, or use a narrow metric setting.
CSCtz99914
Symptom: Traffic drops on MLP interfaces with QoS after a system reload.
OL-26698-16
95
Conditions: Reload.
Workaround: Use the Shut and no shut commands in the multilink bundle after reload if the tail
drops on the interface are displayed.
CSCua01375
Symptom: Certificate validation fails when CRL is not retrieved.
Conditions: This impacts ASR when configured to use a VRF.
Workaround: Use a certificate map to revoke certificates or publish CRL to an HTTP server and
configure CDP override to fetch the CRL.
CSCub01576
Symptom: The ESP reloads on the Cisco ASR 1000 router due to ucode crash.
Conditions: This symptom is observed on the Cisco ASR 1000 Series Aggregation Routers where
the Layer 4 Redirect feature is configured. This problem was firs seen in Cisco Release 15.2(01)S.
This issue may not be seen at all in some customer environments, but may be seen about once a week
in medium-sized high CPS ISG production networks.
CSCua01641
Symptom: The NAS-IP address in the RADIUS accounting-on packet is 0.0.0.0:
RADIUS: Acct-Session-Id
[44] 10 00000001 RADIUS:
Accounting-On
[7] RADIUS: NAS-IP-Address
RADIUS: Acct-Delay-Time
[41] 6
0
Acct-Status-Type
[4]
6
0.0.0.0
[40]
Conditions: This occurs when you restart the router.

CSCua02783
Symptom: Get/Walk on PROCESS-MIB fails.
Conditions: This issue occurs when you upgrade the device from 3.5 to 3.6.
Workaround: Reload the device.
CSCua03201
Symptom: If the VPN ID of an existing Virtual Forwarding Interface (VFI) is changed on a dual RP
system, and then a stateful switchover (SSO) is performed, the new standby router may repeatedly
reload.
Conditions: This symptom is observed in Cisco IOS Release 15.2(2)S and Cisco IOS XE Release
3.6.0S and later.
Workaround: In order to configure a new VPN ID for a VFI, completely remove the existing VFI
and reconfigure it.
CSCua03452
Symptom: The CLI displays the wrong queue_depth and qlimit values.
Conditions: The issue occurs when you issue the show platform hardware qfp active interface bqs
queue output default interface GigabitEthernet0/1/0 linkdown command.
CSCua03521
96
OL-26698-16
Symptom: Router reloaded.

Conditions: This issue occurs in some situations where IPV6 address compression fails, and Cisco
IOS attempts to restore the previous ACL, but fails.
Workaround: Rearrange the ACLs.
CSCua04049
Symptom: If a capture is stopped because of the limits reached, and the capture is started
immediately, the capture fails to stop.
Conditions: This symptom occurs after the immediate reactivation of a capture.
Workaround: Clear the buffer before reactivating the capture or wait for a minimum of 5 seconds
before reactivating a capture point.
CSCua04277
Symptom: IPv6 multicast routes do not get installed correctly.
Conditions: This issue occurs when you perform the following procedure:
1. Enable IPv6 multicast.
2. Configure the IPv6 addresses on the interface.
3. Configure RIP on these interfaces. Sometimes, the IPv6 route learned from RIP could be missing
in the IPv6 multicast routing table.
CSCua04991
Symptom: The parser chain for the show application ip route command is broken for topology.
Conditions: This issue is visible when topology is enabled in the router.
CSCua06023
Symptom: Some of WBX image builds are failing.
Conditions: The issue does not occur in a specific condition.
CSCua06026
Symptom: The EIGRP routes are not getting redistributed in OSPF.
Conditions: Stops working intermittently.
Workaround: Redistribute the connected networks in OSPF.
CSCua06598
Symptom: Router may crash with breakpoint exception.
Conditions: This symptom is observed whenthe SNMP polls the IPv6 MIB inetCidrRouteEntry and
a locally sourced BGP route is installed in IPv6 RIB.
Workaround: Disable SNMP IPv6 polling.
CSCua06804
Symptom: IPv6 trace route shows incorrect 2nd hop IP address.
Conditions: Over the interAS network.
CSCua06874
OL-26698-16
97
Symptom: Certain connected routes within a VRF are not installed into the EIGRP topology table
(and advertised) although they are in the VRF routing table and are shown as connected.
Conditions: This issue is seen when you use the ip vrf receive <vrf-name> command under the
connected interface that is to be advertised by the EIGRP.
CSCua07184
Symptom: On a Cisco ASR1000 Series Aggregation Router with stateful NAT configuration and
using inter-chassis redundancy, removing VRF causes the mapping ID to be locked when trying to
apply the NAT rules again: %Snat mapping ID 1 in use %Snat mapping ID 2 in use. The NAT rules
that were automatically deleted and that customer want to re-apply : ip nat inside source list <ACL
name> pool <pool name> redundancy 1 mapping-id 1 vrf <vrf name> overload.
Conditions: This issue occurs when the following tasks are performed:
- Remove the VRF using the no ip vrf vrf name command. All the NAT configurations related to
this VRF are deleted.
- Restore the VRF configuration, and add IP VRF definition.
- When you try to add the NAT VRF-related configuration, the mapping ID gets locked.
Workaround: Unconfigure the ip nat inside source command before deleting the IP VRF, as
described here:
1. Remove the NAT configurations from the Inside and Outside interfaces.
2. lear ip nat trans.
3. Remove NAT rules (no ip nat inside source xxxx xxxx xxx)
4. Remove and readd the VRF configuration.
5. Readd the NAT rules and the NAT configurations on the interfaces.
CSCua07228
Symptom: Locally generated traffic is not encrypted when a crypto map is applied to the LISP
interface.
Conditions: The issue occurs when GET VPN or the static crypto map is configured on the LISP
interface to encrypt traffic between the LISP EIDs.
CSCua07367
Symptom: When retrieving session information from the VPDN management MIB, some sessions
are missing. In addition, the SNMP walk fails to get terminated, instead returning the same sessions
repeatedly.
Conditions: This issue is found in Cisco IOS versions 15.2(01)S01 and later, 15.2(02)T1 and later,
15.1(04)M4 and later, and 15.0(01)M and later.
CSCua07502
Symptom: The throughput on a multiple member-link MLPPP bundles with links of differing
bandwidth may be slightly less than expected due to a complication inthe load balancing algorithm
due to mixed bandwidth links. Note that throughput degradation is minimal. The issue was first seen
in 15.2(02)S01, but was addressed in Release 15.2(02)S02. Therefore, Release 15.2(02)S01 is the
only release with this symptom.
98
OL-26698-16
Conditions: The issue occurs if the MLPPP bundle has multiple member-link MLPPP bundles with
links of differing bandwidth.
CSCua08206
Symptom: VCs (configured with VPLS) on the standby RP in down state.
Conditions: core link flap.
Workaround: clear xcon all
CSCua08027
Symptom: Tracebacks appear on Cisco ASR 1000 Series Aggregation Services Routers when LI is
used with SNMP-based TAP. This occurs from Cisco IOS XE35 Release
Conditions: This issue occurs when SNMP-based LI is used and the routers are running versions
XE35 or later.
CSCua09443
Symptom: The MLPPPoLNS (L2TP) packet transmit action does not handle the packet transmit
operation correctly when the MLPPPoLNS packet is being sent via MPLS VRF (that is, the L2TP
tunnel is in a VRF). In the Cisco ASR1000 Series Routers 15.1(3)S and 15.2(1)S release trains, the
packet is transmitted as expected, but the MLP Tx ESS Packet Drop statistics may be seen
incrementing and the MLP Tx Unfragmented Packet statistics for the bundle indicate that no packets
have been transmitted (even though they are likely to have been transmitted). Problem would in most
cases be transparent in this release train but MLPPP statistics would be incorrect. In the Cisco ASR
1000 Routers 15.2(2)S release trains, if multilink fragmentation, interleave, or both are DISABLED,
the behavior will be the same as in the release trains described earlier. If multilink fragmentation,
interleave, or both are ENABLED, the first MLPPP fragment will be sent, but not the remaining
fragments. The peer router is also likely to detect lost MLPPP fragments.
Conditions: This issue occurs when the MLPPPoLNS packet is sent via MPLS VRF (that is, L2TP
tunnel is in a VRF).
CSCua09653
Symptom: Snmp-server host x.x.x.x public bgp.
Conditions: Functionality is not broken but CLI is not NVGened. However, when router is reloaded
functionality would not work.
CSCua10815
Symptom: A leak is seen in CPP memory, and the FP crashes.
Conditions: This symptom is observed when the IPSec WCCP is configured. Due to a large number
of debug log messages in the cpp_cp_F0-0.log file, there is a memory leak in the CPP, and the FP
crashes.
CSCua11924
OL-26698-16
99
Symptom: Under certain conditions, a Cisco ASR1000 Series Aggregation Router may send ICMP
type 3 code 4 (unreachable, fragmentation needed, but with the DF bit set) packets with a wrong
source IP address, that is, the IP address configured on the ingress interface of the original packet
(which is too big and cannot be fragmented) instead of an IP address belonging to an interface in the
VRF the packet is destined for.
Conditions: This issue occurs when MPLS VPN is used and the big packet enters the router through
an MPLS interface, and when the egress interface has a lower MTU and belongs to a (nonglobal)
VRF.
Workaround: If possible, do not filter ICMP unreachables based on the source IP address in the
network between the Cisco ASR1000 Series Agregation Router and the sender. Apply a route map
to ignore the DF bit, allowing the big packets to be fragmented, or in the contect of TCP traffic,
apply the ip tcp adjust-mss <value> command to lower the TCP MSS of the sending host.
CSCua12396
Symptom: IPV6 multicast routing is broken in master switchover scenarios with a large number of
members in the stack. The issue is seen on platforms such as Cisco Catalyst 3750-E Series
Switches and the Cisco Catalyst 3750-X Series Switches that support IPV6 multicast routing.
Conditions: The issue occurs when IPV6 multicast routing is configured, multicast routes are
populated, and traffic is being forwarded. In master switchover, synchronization between the master
and members is disrupted. This is seen only in IPv6 multicast routing; it is seen in a 9-member stack
and either during the first or the second master switchover. No issues are seen in IPv4 multicast
routing.
Workaround: Enable IPv6 multicast routing when you have a deployment with less members in the
stack.
CSCua12467
Symptom: Multicast operation and sub-opers return OK even though errors occurred.
Conditions: OK return code even though stats are not populated (for various error conditions)
Workaround: Display problem only. Fix underlying error and results will be OK.
CSCua13082
Symptom: A PPPoE client's host address is installed in the LNS' VRF routing table with the ip vrf
receive VRF NAME command supplied either via RADIUS or in a virtual template, but is not
installed by CEF as attached. It is instead installed by CEF as receive, which is incorrect.
Conditions: This issue does not occur under a specific condition. The only condition that exists is
the virtual access interface with ip vrf receive VRF NAME configured via the virtual template or the
RADIUS profile.
CSCua13273
Symptoms: The Cisco ASR 1000 Series Aggregation Services Routers may experience an RP crash
when the show crypto ipsec security command is used.
Conditions: This issue occurs when the Cisco ASR 1000 Series Aggregation Routers run an affected
version of Cisco IOS-XE, and an administrator issues the show crypto ipsec security command.
Workaround: There is no workaround. This issue requires that an authenticated Level 15
administrator or a configured AAA user with access to the show crypto ipsec security command to
issue the command. This is being treated as a functional issue by PSIRT and the BU, and will be
resolved in a future version of Cisco IOS-XE. PSIRT Evaluation. Cisco PSIRT has evaluated this
issue. This issue does not meet the criteria for PSIRT ownership or involvement, and will be
100
OL-26698-16
addressed via normal resolution channels. If you believe that there is new information that will cause
a change in the severity of this issue, contact psirt@cisco.com for another evaluation. Additional
information on Cisco's security vulnerability policy can be found at the following URL:
CSCua13322
Symptom: Routes for the converted dedicated P sessions are missing after an RP switchover.
Conditions: Converted dedicated IP sessions are not HA awared. Therefore, after an RP switchover,
these sessions will be re-established at the new active RP. Routes are not installed for some of these
sessions. As a result, downstream traffic is dropped.
CSCua13418
Symptom: RP-Announce packets are being replicated across all the tunnel interfaces and the count
of replication is equal to the number of tunnel interfaces. For example, if there are three tunnel
interfaces, then each tunnel should forward one RP-Announce packet each minute (with the default
timer configured). However, in this case, each tunnel is forwarding three RP-Announce packets
across each tunnel interface. This issue is not specific to the number of interfaces. It can happen with
any number of tunnel interfaces.
Conditions: This symptom is observed when filter-autorp is configured with the ip multicast
boundary command. This issue is seen on the Cisco 3725 Router too, where the incoming packets
are being replicated because of the filter-autorp command.
Workaround: Removing filter-autorp resolves the issue. However, you should remove the pim and
boundary commands first and then reapply the PIM and boundary list without the filter-autorp
keyword. Also, doing this might lead to the redesigning of the topology to meet specific
requirements. For example, execute int Tun X no ip pim sparse-dense mode no ip multicast
boundary XXXXXX filter-autorp and then int TuX ip pim sparse-dense mode ip multicast
boundary XXXXXX.
CSCua13551
Symptom: CAT 6K and ASR 1000 learning candidate default routes from nexus due to which the
default route is not being learnt properly and caused an outage.
Conditions: Nexus is running into a bug CSCtz79151 because of which it is advertising the
candidate defaults to its downstream neighbors.
Workaround: workaround is to configure ?default-information in xxxx? on the 6500's, where xxx is
an acl denying all default candidates from being learned except 0.0.0.0/0. On 6500 access-list 30
remark Workaround for Nexus_Bug access-list 30 remark Deny all default candidates except DR
access-list 30 permit 0.0.0.0 access-list 30 remark Deny all other routes access-list 30 deny any
router eigrp 109 default-information in 30.
CSCua13561
Symptom: After upgrading to Cisco IOS XE 15.2(2)S, users cannot get the IP address via PPP IPCP
from the DHCP pool on the Cisco ASR 1000 Series Aggregation Routers. There is no configuration
change.
Conditions: This issue occurs when you upgrade to Cisco IOS XE 15.2(2)S.
Workaround: Remove the vpdn authen-before-forward command.
CSCua14569
Symptom: The ip vrf receive command is not cloned to VAI from VT.
Conditions: This issue occurs when the ip vrf receive command is configured before PPPoE session.
OL-26698-16
101
Workaround: Configure once after the session is up.
CSCua14594
Symptom: A memory leak is seen when polling for the following PW MIBs:
1.3.6.1.4.1.9.10.106.1.5.1.1 (cpwVcPerfTotalInHCPackets)
1.3.6.1.4.1.9.10.106.1.5.1.2 (cpwVcPerfTotalInHCBytes) 1.3.6.1.4.1.9.10.106.1.5.1.3
(cpwVcPerfTotalOutHCPackets) 1.3.6.1.4.1.9.10.106.1.5.1.4 (cpwVcPerfTotalOutHCBytes)
Address
Size
SNMP ENGINE
Alloc_pc
PID
Alloc-Proc
Name 34417B84
308 13774B30
473
AToM VC event trace
Conditions: This symptom is observed with Cisco IOS Release 3.6S when the SNMP VC statistics
query is polled.
CSCua14640
Symptom: The configuration order changes after router reload.
CSCua14821
Symptom: Traffic loss and see ack-pend when the show platform software object-manager fp
active statistics command is executed. For example:
Router#show platform software object-manager fp active statistics
Forwarding Manager Asynchronous Object Manager Statistics
Object update:
Batch begin:
Batch end:
Command:
Command:
Pending-issue: 0, Pending-acknowledgement: 8
Pending-acknowledgement: 0
Stale-objects: 0
Conditions: UUT is using FP80 and also traffic is Jumbo frame pkt
CSCua14919
Symptom: IPv6 ISG session in attempting state on STANDBY-rp
Conditions: Just create one IPv6 ISG session.
CSCua16899
Symptom: The SFP and SPA modules only may appear to be missing from show inventory.
Conditions: This issue is observed after system bootup.
Workaround: Reload the SIP. This should reinitialize the SPA and SFP modules.
CSCua16958
Symptom: The ha_mgr does not recognize the PEER_PRESENCE/PEER_COMM events between
the active and standby servers, leading to the standby server crashing.
Conditions: Standby router crashes.
CSCua18542
102
OL-26698-16
Symptom: When a service change occurs as ISG, SCE is not ready to accept the CoA. In such a
scenario, the ISG resends an update session on the ISG-SCE Bus. The update session is sent, but it
does not have the attributes for SCE.
Conditions: This issue does not occur under a specific condition,
CSCua18679
Symptom: The Framed IP Address is not included in the accounting start requests for dual stack
(IPv4 and IPv6) users and when the IPv4 is coming from a local IP pool. Accounting interims and
accounting stop messages always include the Framed-IP-Address attribute (attr(8)). Following
commands were configured and were of no help in: aaa accounting delay-start [all] aaa
accounting include auth-profile framed-ip-address
Conditions: Dual Stack users and IP address is given from a Local IP pool.
Workaround: Break any of the condition above: IPv4 users are not affected, even if the IP is coming
from a local pool. If the IP address is coming from the radius, with the Framed-IP-Address attribute,
it is OK.
CSCua19207
Symptom: From Cisco IOS XE Release 3.1, a Cisco ASR 1000 Series Aggregation Router is unable
to support class-default shaping on a subinterface used with tunnel QoS.
Conditions: This issue occurs on a Cisco ASR 1000 Series Aggregation Router when you try to
configure class-default shaping on a subinterface used with tunnel QoS.
CSCua19016
Symptoms: A duplicate XConnect instance (VCID, Peer ID) is accepted when configured on a
different interface.
Conditions: This issue occurs when you use the basic xconnect config command.
Workaround: Do not use the same VCID and Peer ID on two distinct interfaces.
CSCua19425
Symptom: The RP crashes at the far end of xx, pointing to a Watchdog Process BGP.
Conditions: This issue occurs when you perform an FP reload at the near end. EBGP sessions with
BFD configured between near end and far end routers.
CSCua20021
Symptom: The clear ethernet cfm ais command with the EVC option does not work.
Conditions: This issue occurs when you specify the EVC name with the clear ethernet cfm ais
command.
Workaround: Use service option instead.
CSCua21049
Symptom: The recursive IPv6 route is not installed in the multicast RPF table.
Conditions: This issue occurs in a multicast RPF table.
CSCua21171
OL-26698-16
103
Symptoms: The ping does not pass between a few Distributed LFI over ATM (dLFIoATM) bundles.
Conditions: This symptom is observed after a few dLFIoATM bundles are configured. Check the
ping between bundles and perform a shut/no shut of the interface.
CSCua21238
Symptoms: Cisco IOS crashes @_ipv6_address_set_tentative.
Conditions: This symptom occurs while unconfiguring the IPv6 subinterfaces during the loading
phase of a box with NetFlow configuration.
CSCua22166
Symptom: The IPv6 reassembly percentage functionality does not work, for example, percentage
100% for EF, EF IPv6 traffic should not be dropped, however it is drops some percentage.
Conditions: IPv6 neighbor adjacency works abnormal.
Workaround: Add the ipv6 neighbor ipv6_address GigabitEthernetx/x/x.vlan_id
ipv6_peer_mac command to the subinterface. The issue does not occur in the latest MCP_DEV
release.
CSCua22825
Symptom: Routes with interface gateway are not deleted.
Conditions: Gateway should not fall in the subnet configured on the interface.
Workaround: Run the clear ip route command to delete the routes after the application is
deregistered.
CSCua23262
Symptom: A BFD crash and major network outage is seen.
Conditions: Configuring the no ip route-cache command on the main interface or subinterface
configures the same on all the subinterfaces of that interface, causing the BFD to go down and a
major network outage to occur due to slow convergence.
CSCua23997
Symptom: Continuous ESP crash is seen after packets are dropped because of unsupported OCE.
Conditions: This issue is observed when the OCE is unsupported.
CSCua24689
Symptom: Fragments are sent without labels resulting in packet drops on the other side.
MPLS-enabled DMVPN tunnel on egress
VFR on ingress
Workaround: Disable VFR, if possible.
CSCua25041
Symptom: The entPhysicalIsFRU of the 6-port built-in GE SPA in the Cisco ASR1002-X Router is
false. As a result, the built-in SPA is shown in the cefcModuleTable.
104
OL-26698-16
Conditions: This issue occurs when the SNMP is queried on entPhysicalIsFRU or cefcModuleTable
on the ASR1002-X chassis.
CSCua26487
Symptom: SNMP loops at OID 1.3.6.1.4.1.9.9.645.1.2.1.1.1, and as a result, the SNMP walk fails.
Conditions: This symptom is observed only on the SNMP getbulk request onOID
1.3.6.1.4.1.9.9.645.1.2.1.1.1.
Workaround: Exclude the MIB table from the SNMP walk using the SNMP view.
See the below configurations.
snmp-server
snmp-server
snmp-server
snmp-server
view iso included

view ceeSubInterfaceTable excluded
community view nterfaceTable excluded
community view Symptom.
CSCua27842
Symptom: A Cisco ASR 1000 Series Aggregation Service Router crashes in firewall code due to
NULL l4_info pointer.
Conditions: This symptom occurs when a Cisco ASR 1000 Series Aggregation Router acts as the
MPLS L3VPN UHP. It crashes because FW/NAT requires l4_info to be set. This issue is triggered
when the following features are configured:
MPLS L3VPN (PE)
Zone-based FW/NAT
MPLS and MP-BGP load balance configured towards the upstream router.
CSCua27852
Symptom: Traffic loss is seen in the pure BGP NSR peering environment.
Conditions: This symptom is seen on a Cisco router that is running Cisco IOS Release 15.2(2)S, and
the BGP peerings to CEs and RR are all NSR enabled.
Workaround: Enable the bgp graceful-restart command for RR peering.
CSCua28910
Symptom: A VRF flap with IPv6 MTU configuration causes IPv6 table ID to be disabled and
packets to be dropped.
Conditions: This issue occurs when you configure IPv6 MTU 1280 under interface change interface
vrf.
Workaround: Remove IPv6 MTU 1280 or change MTU to another value.
CSCua29001
Symptoms: The ANCP truncated line rate is not seen on the standby router. Also, the policy
application differs from that of the active router.
Conditions: This symptom occurs whenthe ancp truncate value CLI is enabled, and port ups are
received on BRAS.
CSCua29095
Symptom: Spurious memory access is seen when booting the image on a Cisco 7600 router.
OL-26698-16
105
Conditions: This symptom occurs while booting the image.

CSCua30053
Symptom: Authentication fails for clients due to radius_send_pkt fails, because of low IOMEM
condition.
Conditions: In AAA, minimum IO memory must be 512KB to process a new request. If the memory
is less than this, AAA does not process the new Authentication request. This is AAA application
threshold. The application barriers are not valid in case of dynamic memory. As such conditions are
removed for NG3K platform.
CSCua32893
Symptom: Ucode and cpp_cp_svr crash is seen on the Cisco ASR 1002 Routers (standby) while
scaling to 0.5 million NAT64 translation.
Conditions: This symptom is observed with high scaling.
CSCua33788
Symptom: The router does not pass multicast traffic consistently; only some traffic is passed.
Conditions: This symptom occurs when you configure 255 EVCs spanning across different slots on
the router.
CSCua34428
Symptom: When a routed port is configured, the CC messages are not generated because the local
MEP is in I state instead of Y state for these messages. Hence RMEP is not learnt.
Conditions: Apply routed port and you will hit the issue.
Workaround: Perform a shut/no shut operation.
CSCua34638
Symptom: A crash is seen on RP2.
Conditions: This symptom is observed when the show platform software shell command package
command is executed. It impacts only the RP2 (x86_64_*) image.
CSCua35446
Symptom: Gigabit 0/5/0 interface is displayed in PRIME software.
Conditions: System being up.
CSCua36463
Symptom: IPv6 ACL Extensions for dest-option filtered IPv6 traffic that contain hop-by-hop
extension.
Conditions:
Tester---ASR1001---Tester
Platform: ASR1001
106
OL-26698-16
Software: IOS-XE3.4.3S.
CSCua36540
Symptom: It is possible for two or more FHRPs (HSRP, VRRP, or GLBP) to use the same IP address
as the virtual address for their group.
Conditions: This issue occurs when two or more FHRPs are configured on an interface and uses the
same IP address.
Workaround: Do not configure different FHRPs on the same interface.
CSCua37614
Symptom: The tunnel client endpoint and tunnel server endpoint (66/67) are missing from the
RADIUS Access-Accept messages.
Conditions: This issue is specific to LNS.
Workaround: There is no workaround other than changing the solution, which is not easy for
customer migrations.
CSCua38237
Symptom: Router generates PSNP packets with MD5 hash 0x0.
Conditions: This does not affect less than full size SNPs.
CSCua38597
Symptom: Private ASN is not removed from AS-PATH.
Conditions: BGP neighbor must be configured with remove-private-as. The outbound route map
must have the continue clause.
Workaround: Configure the route map without the continue clause.
CSCua38820
Symptom: Adding the match protocol attribute p2p-technology p2p-tech-no to a class map causes
the service policy to not work:
ASR1004(config)#class-map match-all http_attributes_class
ASR1004(config-cmap)#match protocol attribute p2p-technology p2p-tech-no.
Conditions: Do not use the p2p-tech attribute in class map.

CSCua40273
Symptom: A Cisco ASR 1000 Series Aggregation Services Router crashes when displaying MPLS
VPN MIB information.
Conditions: This issue occurs on the routers running software release 15.1(02)S software.
Workaround: Avoid changing the VRF while querying for MIB information.
CSCua40790
Symptom: Memory leaks are observed when SNMP polls the cbgpPeer2Entry MIB.
Conditions: This issue occurs when the BGP v4 neighbors are configured.
CSCua41398
OL-26698-16
107
Symptom: The SUP720 crashes.

Conditions: Occurs while issuing the sh clns interface.
CSCua41519
Symptom: The following error message is displayed after the write mem command is applied on
the active supervisor:
HA_CONFIG_SYNC-3-GENERAL
PFREDUN-3-STANDBY_OUT_OF_SYNC
Active and Standby are out of sync.
-Traceback= 42AE1044z 42F05BE0z 4083C860z 40842DA0z 42F11CA4z 40853BD0z 420DAFD4z
41C080C0z 41C080A4z.
After this the standby xx reloads.

Conditions: This occurs in a Cisco 7609 Router running Release 15.2(1)S of
CSCua41828
Symptom: The show ipv6 traffic counter command displays a larger number of sent neighbor
unreachables than those actually sent.
Conditions: This issue occurs when a packet has a link-local source address and whose destination
address is in a remote network is received by a Cisco ASR 1000 Series Aggregation Services Router.
CSCua43930
Symptom: The checksum value parsed from the GRE header is not getting populated causing the
GRE tunnel checksum test case to fail.
Conditions: The issue is seen on a Cisco ISR G2 Router.
CSCua44188
Symptom: The wildcard source IP address within the ISG control class map is not shown in the
running configuration although the actual class map works correctly in the configuration. If the
router is reloaded, the source address is not parsed from the startup configuration into the running
configuration.
Conditions: This issue occurs when the wildcard address "0.0.0.0 0.0.0.0" is used in configuration
as shown in the following configuration sample:
class-map type control match-any IP-Address-Ranges
match source-ip-address 0.0.0.0 0.0.0.0
This is parsed correctly but shows up in the running configuration as:

class-map type control match-any IP-Address-Ranges
match source-ip-address.
CSCua44483
Symptom: Mcast stops sending for all groups after all the flows have ceased due to timeout.
Conditions: This issue occurs during a normal operation, after the senders have stopped sending
and/or flows have timed out as normal.
108
OL-26698-16
Workaround: Disable and re-enable MCAST routing.
CSCua45114
Symptom: Default sessions will not get established when you apply VRF as a service to the default
policy. VRF can be applied to a default session only by assigning a VRF on the access interface.
However, in dedicated sessions, one cannot apply a VRF on the access interface and perform a VRF
transfer at the same time.
Conditions: This symptom is seen when the access side interface is in the default VRF. The VRF is
applied as a service to the default policy.
CSCua45278
Symptom: Routing table entries are displayed as static instead of connected on a Cisco 7600 Router
acting as a DHCP relay agent when ip dhcp route connected is configured.
Conditions: This is observed after a Supervisor failover occurs with DHCP clients.
CSCua45303
Symptom: Bogus cloned sessions after QFP memory is exhausted.
Conditions: In 128K lite sessions, clearing the default session may lead to QFP memory exhaustion.
When this happens, bogus cloned sessions are seen.
CSCua45690
Symptom: When OSPF NSR is configured, bulk synchronization fails with the following error
message:
%OSPFv3-STDBY-3-CHKPT_STBY_LSDB_INVALID CONDITION OSPF.
Workaround: Perform the following procedure:

a. Copy the <CmdBold>nsr<NoCmdBold> command into the original configuration
b. wait to configure <CmdBold>nsr<NoCmdBold> until the adjacencies have reached FULL state.
CSCua45122
Symptoms: Multicast even log preallocated memory space needs to be conserved on the low-end
platform.
Conditions: This symptom is observed in the multicast even log.
CSCua45548
Symptoms: The Cisco 2900 Series Integrated Services Routers, Cisco 1900 Series Integrated
Services Routers, and the Cisco 3945 Integrated Services Routers crash with show ip sla summary
on longevity testing.
Conditions: This symptom is observed in the Cisco 2900 Series Integrated Services Routers, Cisco
1900 Series Integrated Services Routers, and the Cisco 3945 Integrated Services Routers configured
with IPSLA operations. Routers that are idle for a day crash when the show ip sla summary
commandis issued.
CSCua47980
OL-26698-16
109
Symptom: The show run vrf command does not display any OSPFv3 configuration associated with
the specified VRF.
Conditions: This issue occurs when VRF and the OSPFv3 configuration are present in the running
configuration.
Workaround: Use the show run command to view the full configuration.
CSCua48243
Symptom: The Cisco ASR 1000 Series Aggregation Services Routers logs truncate the IPv6
addresses if the log keyword is used in a security ACL.
Conditions: This issue occurs when a security ACL having the log keyword is applied on an
interface.
Workaround: There is no workaround. ACL's functionality is not affected.
CSCua49389
Symptom: The IP SLA fails and the log displays the following message:
"IPSLA-OPER_TRACE:OPER:10 slaSize less, slaSize = 64, sizeof(slaJitterProbePakV3) =
92" .
Conditions: This issue occurs when the timestamp is enabled and the configured request size is
small.
Workaround: Configure the request data size to a large number and ensure that the minimum request
data size is 96.
CSCua49474
Symptom: Some TCP segments of a particular length may be forwarded with the wrong packet
payload if NAT configured.
Conditions: NAT configured packets are TCP segments of particular length.
Workaround: Configure the ip tcp adjust-mss to a value that is smaller than the current TCP flow.
CSCua50961
Symptom: Pseudowire redundancy cannot bring up the secondary pseudowire that is also configured
as the backup on the other side.
Conditions: No issues in activating pseudowires that are primary on the other side.
Workaround: Terminate the pseudowires on a different AC and make them as primary. There is no
workaround if you want to terminate the pseudowires on the same AC.
CSCua51775
Symptom: Adding the flow-based fair-queue command to the QoS policy map might cause
conditional priority fail to police the traffic when congestion condition happens.
Conditions: If the service policy has already been attached to the interface, adding the fair-queue
command to the policy map disables the congestion detection flag setting that is used by the
conditional priority traffic class, causing the traffic class to behave like a strict priority traffic class.
Workaround: Detach and reattach the same service policy to the interface when you add the
fair-queue command to the policy map attached to the interface.
CSCua52064
Symptom: LSMPI-4-INJECT_FEATURE_ESCAPE: Egress IPV6 packet delivered inject path.
Conditions: Traceback is seen when you disable ipv6 unicast-routing from the device that is
forwarding IPv6 unicast packets.
110
OL-26698-16
CSCua53381
Symptom: %CPPOSLIB-3-ERROR_NOTIFY: F1: cpp_cp and
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image: ess-lite-session TBs are
intermittently seen when the clear subscriber session all command is issued.
Conditions: The issue occurs when the EAPSIM, L3 Web Authentication, and Walkby sessions are
being established concurrently. The issue is reproducible in only one in a thousand sessions.
CSCua53742
Symptom: LCP echo requests are dropped during severe and constant congestion of an ATM PVC
configured as a PPPoE client.
Conditions: This has been observed on an 887 series router with the ATM interface configured as a
PPPoE client when causing constant, severe congestion with a traffic generator.
CSCua53917
Symptom: On a DualSup Cat4k system, the show redundancy config-sync failures prc command
consistently reports the following errors:
Router#show redundancy config-sync failures prc
PRC Failed Command List
-----------------------ip vrf Liin-vrf
! <submode> "vrf"
ip vrf mgmtVrf
! </submode> "vrf"
Conditions: This issue occurs when Cat4k is running Cisco IOS XE with dual supervisors.
CSCua54407
Symptom: ANCP line rate to some value 'X' for that PPP sub-interface. Then change it to 'Y'. 'X' is
not released.
Conditions: This issue occurs whenever ACNP rate changes.
CSCua54514
Symptom: Bqs queue output is different for FP10 and FP80.
Conditions: Output difference is seen while checking the show platform hard qfp ac fe qos queue
out all command output.
CSCua54689
Symptom: Router sends IP SLA path-jitter packets with a different source IP that is different from
the configured one.
CSCua55691
OL-26698-16
111
Symptom: A Cisco IOS memory leak is observed.

Conditions: This issue is observed when unconfiguring or reconfiguring BGP AD VFIs.
CSCua55752
Symptom: Unexpected set ip next-hop is applied on packets subjected to PBR. This happens only if
a similar next hop is tracked with multiple tracking objects.
Conditions: This issue occurs when PBR is applied on the incoming interface and verify-availability
is configured.
Workaround: Avoid configuring same next hop with multiple tracking objects.
CSCua55797
Symptom: When the show running or copy running-config startup-config commands are
executed, the privilege exec level 0 show glbp brief command causes the memory of ... to be
depleted. The configurations display the following message:
privilege exec level 0 show glbp GigabitEthernet0/0 brief brief brief brief brief
brief brief
privilege exec level 0 show glbp GigabitEthernet0/0 brief brief brief
brief brief brief
privilege exec level 0 show glbp GigabitEthernet0/0 brief brief
brief brief brief
brief brief
privilege exec level 0 show glbp GigabitEthernet0/0 brief brief brief
privilege exec
level 0 show glbp GigabitEthernet0/0 brief
privilege exec level 0 show glbp
privilege exec level 0 show.
Removing the configurations display the following message over and over until the Telnet session
is terminated:
priv_push : no memory available
If the configurations are saved and the device is reloaded, the device will not fully boot until the
configurations are bypassed.
Conditions: This issue occurs when you execute the privilege exec level 0 show glbp brief
command and saving the command.
Workaround: Reload the router before saving the configurations.
CSCua56209
Symptom: Pseudowires (PWs) are not enabled after an SSO.
Conditions: This is only a specific case where the primary pseudowire path is DN when the active
RP coming up, so the backup PW comes to UP state. Later when the primary path is available
pseudowire redundancy switchover happens the primary PW becomes UP. At this stage if the
Software Switchover happens the PWs on the newly active RP is DN.
Workaround: Run the clear xconnect all command to enable the PWs.
CSCua56802
Symptom: QoS does not work on one of the subinterfaces or EVC.
Conditions: This issue occurs when you configure the HQoS policy on more than one sub-interface
or EVC on ES.
Workaround: Remove and reapply SG.
CSCua58100
Symptom: The syslog displays the following traceback message:
112
OL-26698-16
Jun 20 10:05:23.961 edt: %SYS-2-NOTQ: unqueue didn't find 7F3D26BDCCD8 in queue

7F3CA5E4A240 -Process= RADIUS Proxy, ipl= 0, pid= 223 -Traceback=
1#e0ee0ce60492fdd11f0b03e0f09dc812 :400000 873623 :400000 2547652 :400000 20F9217
:400000 6C70C9C :400000 6C69C71 :400000 6C682BC :400000 6C68183 Conditions: Occurs
under the following
Conditions: Establish 36k EAPSIM sessions using a RADIUS client on server A, and then establish
36 k roaming sessions using a RADIUS client on server B. The roaming sessions have the same
caller station ID, but use a different IP address from that of the EAPSIM sessions.
CSCua58072
Symptom: On some Cisco ASR 1000 Series Aggregation Services Routers, IPv6 BGP next hop is
collected with misordered bytes, for example, a nonexisting IPv6 address is displayed for it.
CSCua58324
Symptom: Pending objects are generated after copying a PWLAN configuration with default
sessions to the running configuration.
Conditions: This issue occurs when a Cisco ASR 1000 Series Aggregation Services Router is
initiated with basic startup configuration. Copy the PWLAN configurations to the running
configurations.
CSCua58386
Symptom: The dispersion and delay values are printed wrongly.
Workaround: The dispersion and delay values are 64-bits values. Configure the ntp commands and
compare sh ntp association values with SNMP-GETBULK values.
CSCua59268
Symptom: When an ESP switchover occurs in an intrabox or interbox setup, the standby ESP gets
stuck and does not come up properly.
Conditions: The show redundancy application group <grp-number> command on the new
standby (previously active) shows the RF state as STANDBY COLD-BULK.
Workaround: Reload the standby.
CSCua60078
Symptom: Issue seen while unconfiguring virtual-template configurations.
Conditions: This symptom occurs when virtual-template configurations are removed.
CSCua61330
Symptom: Traffic loss is observed during switchover under the following scenarios:
BGP graceful restart is enabled
Next hop is learned by BGP
Conditions: It happens with cisco router loading with XE35 image

CSCua61394
Symptom: The addition and deletion of application route entry fails.
OL-26698-16
113
Conditions: This issue occurs when there is an addition and deletion of the same IP address and
gateway, but with a failure of different gateway topoids.
CSCua61760
Symptom: When fast reroute is configured, IS-IS inter-area prefixes do not have a repair path.
Conditions: This symptom does not occur under a specific condition.
CSCua61814
Symptoms: Overhead accounting configuration needs to be configured on both the parent and child
policies, rather than just the parent policy.
Conditions: This symptom is observed with overhead accounting.
CSCua62545
Symptom: After attaching an attribute map to a protocol, the same is not reflected at the Collector
when the FNF export of the options attribute is enabled.
Conditions: When the attribute map is configured and an attribute set is done to one or more
protocols.
Workaround: Force an NBAR restart with a reload, protocol pack load, and so on.
CSCua62550
Symptom: When the volume and/or time prepaid is applied on PPPoE PTA sessions through auto
service, the volume and/or time monitor is not applied on the session.
Conditions: This issue occurs when the prepaid auto service on the PPPoE PTA session is exhausted.
CSCua63182
Symptom: Incorrect minimum bandwidth is displayed when 0 kb bandwidth is received from a peer
of a different version of xx.
Conditions: Different behavior in ASR when minimum bandwidth of 0 kb is received from xx.
CSCua64358
Symptom: When an SVTI uses a loopback interface as tunnel source, the ping fails.
Conditions: When the tunnel source is the loopback interface, the default MTU setting is 1514, and
the ping through this SVTI tunnel is dropped at the corresponding peer box with an error message
report.
Workaround: Change the MTU setting to the physical interface such that the former is the same as
that on the loopback interface.
CSCua64676
Symptoms: MVPNv4 traffic does not flow properly from the remote PE to the UUT.
Conditions: This symptom is seen in Agilent traffic on and after the removal/addition of MDT
configurations for the MVRFs configured on the UUT.
114
OL-26698-16
CSCua65067
Symptom: Apply control policy to identify RP session using unauthorized user name. The policy is
applied to both the DHCP and RP sessions.
Conditions: This issue occurs when the same control policy is used for DHCP sessions.
Workaround: Create a separate policy for the DHCP sessios and the RP sessions.
CSCua66308
Symptom: Classification- related error messages and tracebacks are seen on the CLI console, and
the configuration is not downloaded to the data path.
Conditions: This symptom is observed in large configurations with multiple deny statements.
Workaround: Observe caution when using deny statements in a configuration.
CSCua66386
Symptom: The Cisco ASR 1000 Series Aggregation Services Router do not send an ICMPv6
Unreachable Code One message to a sender when the packets are discarded by an ACL.
Condition: This issue occurs when you use a Cisco ASR 1000 Series Aggregation Services Router
as LNS and deny the packets by an ACL in the virtual template interface.
CSCua66795
Symptom: A neighbor may not inherit the configuration of a peer group.
Conditions: When a neighbor has the same configuration before it joins a peer group that is not
configured, then it applies only to the session configuration, for example, the configuration does not
apply to AF configuration.
Workaround: Reapply the configuration to the peer group. If it does not work, configure the peer
group to a different value, and then configure the peer group to its original value. After this,
unconfigure the neighbor, and then reconfigure the neighbor.
CSCua66870
Symptom: When changing the RPF neighbor (S,G) in the PIM-dense mode, OIF on (*,G) is pruned
unexpectedly.
Condition: This issue occurs when you use PIM-dense mode.
CSCua67998
Symptoms: The system crashes.
Conditions: This symptom occurs after you add or remove a policy map to a scaled GRE tunnel
configuration.
CSCua68211
Symptom: Subclassification of the HTTP traffic (for example, by host, URL, and so on) will
sometimes not work on the first transaction of the HTTP flow and will only match in the second
request.
Conditions: This symptom is observed when all the protocols or specific protocols on top of HTTP
are enabled, for example, sharepoint, audio-over-HTTP, video-over-HTTP, Windows Azure, Oracle
EB-Suite Unsecured, BitTorrent and so on.
OL-26698-16
115
Workaround: If you are using subclassification on HTTP, avoid using protocol discovery, FNF, or
specifically enabling other protocols that run over HTTP.
CSCua68825
Symptom: A Cisco ASR 1000 Series Aggregation Services Router that is configured as LISP xTR
might generate large ICMP messages with wrong source address.
Conditions: When the data packets are encapsulated by LISP xTR, and the encapsulated packet is
greater than the egress MTU, a Cisco ASR 1000 Series Aggregation Services Router generate an
ICMP reply with the wrong source address.
CSCua69242
Symptom: In the show bgp mvpn command output, the Route Distinguisher Value may be
truncated.
Conditions: This issue occurs in the show bgp ipv4 mvpn and show ip bgp ipv6 mvpn commands.
CSCua69657
Symptoms: Traceback is seen when executing the show clock detail command.
Conditions: This symptom is seen when executing the show clock detail command with Cisco IOS
interim Release 15.3(0.4)T image.
CSCua69725
Symptom: Pending objects and traffic loss is observed on cell packed interfaces.
Conditions: This issue occurs when the xxx Router is reload.
CSCua70307
Symptom: When the volume-based lifetime expires, the IPsec session goes down for a few seconds
during rekey.
Conditions: This issue occurs when the user configuration volume-based IPSec lifetime is larger
than 100 GB.
Workaround: Use the default lifetime of 4 GB or any value lesser than100 GB, or disable the
volume-based lifetime.
CSCua70534
Symptom: Two IS-IS adjacency entries are created with the same SNPA (MAC) address.
Conditions: Switching the IS-IS process on an existing adjacency interface or misconfiguration
could cause two adjacency entries with the same SNPA to be created.
CSCua70593
Symptom: Shape rate is not enough to allocate the child policy's bandwidth.
Conditions: Shape rate is not enough to allocate the child policy's bandwidth when the router is
loaded with the Cisco IOS 15.3(0.4)T image.
CSCua70906
116
OL-26698-16
Symptom: NATs performance is suboptimal when it is run on ESP100.

Conditions: This issue occurs when you run ESP100 on Cisco IOS XE Release 3.7.0. NAT is not
supported on ESP100 that runs on Cisco IOS XE Release 3.7.0.
Workaround: Upgrade to Cisco IOS XE Release 3.7.1 or later.
CSCua71785
Symptom: CE2-to-CE1 ping fails after the primary pseudowire is removed and readded with a
different VCID.
Conditions: This happens only if the primary pseudowire is removed from the configuration before
the switchover occurs. The ping fails because of traffic black-holing, but is restored back after 300
seconds.
Workaround: Perform a redundancy switchover to back up the pseudowire before removing the
primary pseudowire from the configuration. Also, traffic is automatically restored after 300 seconds.
CSCua72048
Symptom: The ESP reloads with a traceback.
Conditions: This symptom is observed when ipv6 vfr max-fragmentation in/out is configured at
no-default value.
CSCua74816
Symptom: Site of Origin (SoO) extended community attributes are seen unexpectedly with the
update.
Conditions: The SoO set statement is set on an outbound route map with a continue clause leading
to that route-map clause.
Workaround: The SoO set statement should not be used on an outbound route map. You should
remove it.
CSCua77720
Symptom: cpp_svr restart seen on oer border on tunnel flap (external interface) or config replace.
Conditions: PfR external i/f flapping or MC/BR session flapping.
CSCua77855
Symptom: Traceback is seen when you unconfigure a router EIGRP.
Conditions: This is not seen consistently. This behavior varies on different platforms.
CSCua78318
Symptom: MLPPP fragmentation is not enabled on an MLPPP bundle unless the PPP Multilink
Interleave is enabled. This problem does not exist when the PPP Multilink Interleave is enabled.
Conditions: This issue affects only MLPPP over Serial and does not affect Broadband MLPPP,
which does not support MLPPP fragmentation on Cisco ASR 1000 Series Aggregation Services
Routers. This problem occurs in Cisco IOS Release 15.1(3)S4 and it was addressed in later releases.
Workaround: Enable PPP Multilink Interleave on the multilink interface.
CSCua78779
OL-26698-16
117
Symptom: Traceback is seen when the router ospf <pid> configuration is removed from the router.
The router displays this error message:
Jun 27 07:07:45.723 UTC: %SYS-2-CHUNKSIBLINGS: Attempted to destroy > chunk with
siblings, chunk 549990FC. -Process= "Virtual Exec", ipl= 0, > pid= 528*.
Sometimes, this leads to memory leak when you issue the no router ospf command.
Conditions: This issue occurs when you delete the router process when the SPF algorithm is running.
CSCua79088
Symptom: An ESP 80 crash is observed after the Carrier Card is reloaded.
Conditions: Scaled setup of 7K Xconnects, 3K VPLS, and 4K L2TPV3 circuits.
CSCua79516
Symptom: SYN packets that are meant to establish FTP data connections are sporadically dropped
at the Cisco ASR 1000 Series Aggrrgation Services Routers.
the active mode FTP.
When you use the PAT.
Workaround 1: Use the passive mode FTP.

Workaround 2: Use the static NAT or dynamic NAT configuration.
CSCua78468
Symptom: Under a heavy load, L4F may not forward packets to the scan-safe process. Unit may
crash while trying to remove scan safe off the interface.
Conditions: This issue was first identified on a Cisco ISR running the 15.2.4 image.
CSCua78555
Symptom: Custom protocols does not retain attributes assigned to them using the attribute map after
loading the protocol pack. It shows unassigned or other (which is the default for custom protocols).
Conditions: This symptom is observed when the attributes of the custom protocol are changed using
the attribute map and any other protocol pack is loaded.
Workaround: Reconfigure the attributes for the custom protocols after loading the protocol pack.
CSCua80204
Symptom: The EoMPLS remote port shutdown feature does not work.
Conditions: This symptom is observed if XConnect and a service instance are configured under the
same interface.
CSCua80643
Symptom: The source address of the NTP packet does not change when the routing path changes.
The old address is used as the source address.
Conditions: The issue occurs in Cisco IOS Release 15.2(3)T.
118
OL-26698-16
Workaround: Appoint an NTP source or reconfigure the NTP configurations to change the source IP
address. However, even if you use the older source IP address as the source IP address, the packets
are forwarded based on the RIB table.
CSCua80659
Symptom: In the latest mcp_dev image, policy map counters do not get updated for user-defined
policies.
The following show commands display a failed example:
Router# sh policy-map
Policy Map police-1
Class prec2
484375
conform-action transmit
bandwidth 12 (%)
police cir 15500000 bc
exceed-action drop
Routera# sh class-map
Class Map match-any class-default (id 0)
(id 1)
Match access-group
2002
Match any
Class Map match-all prec2
Router# sh policy-map int

POS8/1/0
Service-policy output: police-1
Counters last updated 00:00:05 ago
Class-map: prec2 (match-all)
9565877 packets, 2429732758 bytes
30 second
offered rate 46539000 bps, drop rate 31055000 bps
Match: access-group 2002
Queueing
queue limit 4650 packets
(queue depth/total drops/no-buffer
drops) 2/0/0
(pkts output/bytes output) 3169279/804996866
bandwidth 12%
(18600 kbps)
police:
cir 15500000 bps, bc 484375 bytes
conformed 3184546 packets, 808874684 bytes; actions:
transmit
exceeded 6381333 packets, 1620858582 bytes; actions:
drop
conformed
0000 bps, exceeded 0000 bps
----------------> Not updated
28697682 packets, 7289203046 bytes
30 second offered rate 139618000 bps, drop rate 6992000 bps
Match: any
queue limit 34100 packets
(queue depth/total drops/no-buffer drops)
34095/1438900/0
(pkts output/bytes output) 27087593/6880240440 RHA_76a#
Conditions: This issue occurs in the conformed and exceeded rates counter, and can be seen after
sending the traffic under a customer-defined policy.
CSCua80784
Symptom: The number of IP SLAs configurable analysis returns 0.
Conditions: This issue is seen on devices having free memory of more than 2 GB.
Workaround: Decrease the IP SLA low-memory value to increase the threshold value.
CSCua81021
Symptom: ART is accepts the next hop that belongs to its own router.
CSCua81445
Symptom: Authenticated status and list of active services are not returned as a part of the COA
account-profile-status-query response for the lite session.
Conditions: This issue occurs whenever COA account query is performed for the lite session.
CSCua82440
OL-26698-16
119
Symptom: Records are not exporting out.

Conditions: This symptom is observed after a reload.
Workaround: Change the exporter protocol to V9.
CSCua83073
Symptom: The Cisco ASR 1006 Router crashes while running the
asr1000rp2-advipservicesk9.03.05.01 .S.152-1.S1.bin image.
Conditions: This issue occurs only when the RADIUS server receives an invalid attribute from the
UID database.
Workaround: Check the RADIUS attribute retrieved from the UID database. If it is invalid, stop the
execution and continue with the uid database operation for the valid radius attribute.
CSCua83458
Symptom: Static analysis warnings are seen.
Conditions: These warnings are observed while publishing REL-11 to the dsgs branch.
CSCua84147
Symptom: Router crashes during sh run | format CLI execution.
Conditions: This crash is seen only during sh run | format execution. All other CLI executions are
fine.
Workaround: Avoid executing sh run | format. Instead, execute sh run.
CSCua84879
Symptom: A crash occurs in slaVideoOperationPrint_ios.
Conditions: This symptom is observed when the IPSLA video operations are configured andthe
show running-config command is issued.
CSCua84923
Symptom: Following a misconfiguration on a two-level hierarchical policy with a user-defined
queue limit on a child policy, the UUT fails to attach the QoS policy on the interface even when the
correct queuing features are used.
The issue must have a user-defined queue limit defined.
This error recovery defected is confirmed as a side effect of the C3PL CnH component project
due to ppcp/cce infrastructure enhancement.

CSCua84989
Symptom: Smart Call Home within a VRF is unable to send HTTP requests. The following message
is displayed:
%CALL_HOME-3-HTTP_REQUEST_FAILED: failed to send HTTP request to:
https://tools.cisco.com/its/service/oddce/services/DDCEService (ERR 123 : Host name
resolution failed).
Conditions: This issue occurs when the Call-Home is configured with a VRF.
120
OL-26698-16
Workaround: Configure a host entry for tools.cisco.com (use dig or nslookup to confirm the IP
address <ip host tools.cisco.com n.n.n.n>).
CSCua85092
Symptom: RTCP cannot be terminated from the endpoint.
Conditions: This issue occurs when you configure rtcp-regenerate on the SBC and establish a call
between the callers. Use PCMA on both sides and do not trigger transcoding. Transcoding is
triggered when a caller sends the reinvite and changes the codec to PCMU.
CSCua85116
Symptom: Under certain conditions, an ESP may reload and an ESP forced switchover may occur.
Conditions: This occurs on ESP20 and RP2 with 200 branches, and two BRs each with two exits,
and with delay flap on over one of ISP link.
CSCua85239
Symptom: Flapping BGP sessions are seen if large BGP update messages are sent out and BGP
packets are fragmented because midpoint routers have the smaller MTU or IP MTU configured.
Conditions: This symptom is observed between two BGP peers with matching MD5 passwords
configured, and can be triggered by the following conditions:
If the midpoint path has an MTU or IP MTU setting that is smaller than the outgoing interface
on BGP routers, it will force the BGP router to fragment the BGP packet while sending packets
through the outgoing interface.
Peering down and the MD5 error do not always occur. They occur only once or twice within 10
tests.
CSCua85934
Symptom: A session provisioning failure is seen in the ISG-SCE interface. The deactivate or
disconnect request has the message authenticator wrongly calculated.
Conditions: This symptom is observed in the ISG-SCE interface.
CSCua86310
Symptom: When relay is configured with an unnumbered interface, it appears, the packet is sent out
of the loopback interface (instead of the serial interface) to the server, which does not receive the
packet.
Conditions: The issue occurs only when an unnumbered loopback address is used on the relay
interface that connects to the server. If an IPv6 address is used directly on the interface, it works fine.
CSCua87896
Symptom: QFP exmem is exhausted in the standby FP.
Conditions: This condition is observed when TCP is used for SIP signalling.
CSCua87944
OL-26698-16
121
Symptom: In an IPv6 snooping policy, the keyword prefix-list has no effect on the control packet.
The keyword only affects binding table recovery. In an ipv6 nd raguard policy, the
limited-broadcast keyword appears although it is deprecated. It should be hidden and is always on.
Conditions: These symptoms are observed in an IPv6 snooping policy and IPv6 and RA guard
policy.
CSCua88412
Symptom: The DNS queries through the Cisco ASR 1000 Series Aggregation Services Router, NAT
sessions are not resolved even though the no ip nat service dns-reset-ttl command is configured.
Conditions: This issue occurs if the Cisco ASR 1000 Series Aggregation Services Router
configuration includes the no ip nat service dns-reset-ttl command.
Workaround: Remove and add the no ip nat service dns-reset-ttl command configuration.
Alteratively, if the target platform supports it, reload the ESPs.
CSCua90577
Symptom: VRF-aware IP SLAs with ICMP probes fail.
Conditions: The Cisco ASR 1000 PE Router is configured to send ICMP ping probes to a certain
MPLS VPN destination. The ping is received back from the destination, but IP-SLA shows
continuous failures. Manual ping via CLI fails as well.
Workaround: Shut/unshut the ICMP source interface (loopback) or unconfigure and reconfigure the
VRF on the loopback interface. However, if the router is reloaded, the issue reappears.
CSCua91147
Symptom: ESP 80 crash is observed.
Conditions: The issue occurs in scaled configurations (7K XConnects, 3K VPLS, 4K L2TPV3
circuits) with FP switchover followed by RP SSO.
CSCua91104
Symptom: The IS-IS adjacency process shows traceback messaging related to the managed timer.
Conditions: While configuring ISIS network point-to-point on the LAN interface with ISIS BFD or
ISIS IPv6 BFD enabled, traceback does not always ocur; it depends on timing.
Workaround: Disable ISIS BFD or ISIS IPv6 BFD before issuing isis network point-to-point
command. Restore ISIS BFD or ISIS IPv6 BFD configuration on LAN interface.
CSCua91729
Symptom: BGP assert-enabled images show asserts pointing to bgp_afi2priv_topoid. However, the
released images do not have asserts enabled, so these are not seen on the released images.
Conditions: The topoid access API used to fetch the topoid of IPv6 multicast in BGP needs to be
changed. Because the existing API in the code does not use the correct API, the asserts are raised in
this DDTS.
Workaround: There is no workaround. The code should fetch the correct topoid for IPv6 multicast
for the VRF.
CSCua91995
Symptom: IPv6 IPsec sessions may come up slowly (1 TP per 10 seconds).
Conditions: This issue occurs when the IPv6 addresses are identical in the first few bytes.
122
OL-26698-16
CSCua92557
Symptom: The active FTP data channel sourced from the outside may not work as expected. Other
protocol inspections that expect a pinhole or door for connections initiated from the outside may be
affected as well.
Conditions: This symptom was first identified on Cisco ASR 1000 Series Aggregation Services
Routers running Cisco IOS Release 15.1(3)S3 with VASI VRF PAT FW. This issue is seen when the
FTP client is on the inside and the active FTP server is on the outside.
Workaround: Static NAT will work.
CSCua92741
Symptom: The allow list prevents the remote neighbors from coming up.
Conditions: This issue occurs when the remote neighbors are configured with a 32-bit IP address.
CSCua93001
Symptom: The auto-RP group is not enabled automatically.
Conditions: The router reboots and starts with the existing configurations.
Workaround: Manually re-enable ip pim autorp.
CSCua93136
Symptoms: The switch crashes.
Conditions: This symptom occurs while sending a DHCPv6 packet with ipv6 snooping configured
on VLAN configurations.
CSCua93149
Symptom: Platform kernel messages are displayed on the console.
Conditions: This occurs when you configure the network-clock synchronization on a Cisco ASR
1002-X platform.
CSCua93635
Symptom: The xxx router crashes while testing the MPLS-TE features.
CSCua94117
Symptom: 1:1 inside local to inside global behavior may be validated.
Conditions: This symptom is observed under rare timing conditions on Cisco ASR NAT when using
the route map (without overload) configuration.
CSCua94563
Symptom: The traceroute may return * * * instead of host.
Conditions: This occurs when you move from IPv4 to IPv6 through NAT64 stateful on a Cisco
ASR1000 Series Aggregation Services Router.
OL-26698-16
123
CSCua94947
Symptom: The RP crashes when downloading the FreeRADIUS Framed-IPv6-Route during MLPPP
sessions.
Conditions: This issue occurs when downloading the FreeRADIUS Framed-IPv6-Route during
MLPPP sessions.
CSCua95523
Symptom: The Cisco ASR1000 Series Aggregation Services Router FP crashes with coredump,
causing all the VPN tunnels to halt and possibly renegotiate.
Conditions: This issue is found to affect DMVPN with IKEv2 setup in a 120-spoke router.
CSCua96209
Symptom: Fragments get dropped.
Conditions: This issue occurs when the fragmented traffic is in CGN mode.
CSCua96354
Symptom: A reload may occur when issuing the show oer and show pfr commands.
Conditions: This symptom is observed when you issue the following commands:
show oer master traffic-class performance
show pfr master traffic-class performance
CSCua96958
Symptom: In a rarely used configuration of PIC in a confederation, the CEF points the adjacency of
the prefix via the repair path instead of an active best path in BGP and RIB.
Conditions: This occurs when the BGP flags the best path (incorrectly) and repair path (correctly)
with recursive-via-connected, even though only the repair path has the gateway that is directly
connected to the confederation peer.
Workaround: Make sure the gateway for the received best path is also directly connected to the CEF
to choose the correct outgoing interface. This can be done by setting the next-hop-self feature on the
confederation peer from where the best path is received.
CSCua97282
Symptom: Router crashes.
Conditions: No IP routing occurs when router ISIS is running.
Workaround: Enter the no ip router isis command before issuing the no ip routinger command to
perform IP routing after unconfiguring IS-IS IP.
CSCua97509
Symptom: An ESP100 crash is observed.
Conditions: This issue occurs because of high-scale configurations of VPLS and L2VPN with the
traffic. When the ESP switchover is followed by RP SSO, the ESP crashes.
124
OL-26698-16
CSCua99060
Symptom: FR back to back.
Conditions: Reload the box.
Workaround: shut/no shut the FR interface.
CSCua99409
Symptom: ESP reload with an FMAN-FP error.
Conditions: This issue occurs when you configure the crypto map from the interface when there is
a double ACL in the crypto map.
CSCua99969
Symptom: The IPv6 PIM null register is not sent in a VRF context.
Conditions: This issue occurs in a VRF context.
CSCub00134
Symptom: The CPP CP server messages are seen on the CP server logs.
Conditions: This issue occurs when you check the CP server logs under normal conditions.
Workaround: This is no workaround.
CSCub00822
Symptom: Continuous output of the show sbc call-stats all current15mins command.
Conditions: Adjacencies are more in numbers with running calls.
CSCub01494
Symptom: AD is not updated to the configured value in the router installed by a client.
Conditions: When the ip route 0.0.0.0 0.0.0.0 dhcp 5 is configured, AD is not updated to 5.
CSCub01816
Symptom: The ESP or CPP of a Cisco ASR 1000 Series Aggregation Services Router crashes with
the PfR.
Conditions: This issue occurs when there are many learn lists.
CSCub02743
Symptom: The lfd_install_local_label_for_key: installation fails on a standby RP.
Conditions: This issue occurs when you remove the MCPT timer or flap the ATM cell-packed
interface.
CSCub04112
Symptom: The router may lose OSPF routes pointing to the reconfigured OSPF interface.
OL-26698-16
125
Conditions: This symptom occurs after a quick removal and readdition of the interface IP address
by script or copy and paste.
Delay entering the commands while removing or adding the IP address. The delay should be
longer than the wait interval for LSA origination; by default, it is 500 ms.
Enter the clear ip route * command to refresh the routing table.
CSCub04345
Symptom: The Cisco ASR-1002-X Router freezes after four hours in a scaled path jitter SLA probe
configuration.
Conditions: This issue is observed with scaled path jitter SLA probe configuration.
CSCub04740
Symptom: The Cisco ASR 1000 Series Aggregation Services Router displays the following error
message and traceback:
SEMAHOG & BADHWUNLOCK.
Conditions: This problem occurs when you attach the input marking policy and egress queuing
policy to the VP.
CSCub05559
Symptom: On 1RU, the bootflash (eUSB) gets disconnected rarely after booting the system. As a
result, the system reboots, but cannot stay up without eUSB storage.
Conditions: This issue occurs randomly, and there is no specific pattern that can be mentioned.
CSCub05643
Symptom: When you change the interface name in the aaa group server radius rad123 ip radius
source-interface <interface name> command, the changes do not take effect on the source interface
of the RADIUS packet.
Conditions: When the configured RADIUS source interface is changed, the new interface does not
take effect immediately.
Workaround: Reload the router, unconfigure the router, and then reconfigure the server group.
CSCub06131
Symptoms: The IPSLA sender box is reloaded with the following message:
SYS-6-STACKLOW: Stack for process IP SLAs XOS Event Processor running low, 0/6000
Conditions: This issue is observed in the IPSLA sender box.

CSCub06859
Symptom: OSPFv2 NSR on quad-sup VSS does not work. The router stops sending hello packets
after switchover.
Conditions: This issue is observed on quad-sup VSS with OSPFv2 NSR.
Workaround: Clear the IP OSPF process after NSR switchover.
CSCub07430
126
OL-26698-16
Symptom: ICMP Echo reply with the wrong src IP address from the Cisco ASR 1000 router.
Conditions: The issue occurs when the MPLS Multi-VRF Selection is configured with PBR.
CSCub07679
Symptom: The router may crash or generate datapath trace-back.
Conditions: This symptom is observed when one of the following conditions is met:
MMON is enabled.
The NBAR is enabled and configured to look into IPv6 tunnels, using one or both the following
CLI commands:
a. ip nbar classification tunneled-traffic ipv6inip
b. ip nbar classification tunneled-traffic teredo
Workaround: Perform the following steps for the conditions described previously:
Disable media monitoring.
Disable NBAR classification of tunneled trafficby using the # no ip nbar classification
tunneled-traffic ipv6inip command and the # no ip nbar classification tunneled-traffic

teredo command respectively.
CSCub07695
Symptom: The VRRP IP address owner scenario can be triggered by matching a vIP with the IP of
a different physical interface.
Conditions: This issue occurs when the VRRP is incorrectly configured to have a primary vIP that
is equal to another interface's physical IP address.
Workaround: Configure the VRRP to have a vIP within the same subnet of the interface on which it
is present.
CSCub07855
Symptom: A VRF error message is displayed in the router.
Conditions: This symptom occurs during router bootup.
CSCub08714
Symptom: Poor performance is seen for multicast on Cisco ASR 1000 Series Aggregation Services
Routers over DMVPN.
Conditions: This symptom occurs under both the following conditions:
Multicast packets should come in via tunnel interface (not a physical interface).
The negate signaling (NS) flag has to be set on one of the interfaces in the MFIB (S,G) entry.
If both these conditions are met, the packet is punted to the control plane and forwarded in
software in addition to the hardware forwarding, thus causing duplicates. Note that the NS punts
are periodic/throttled, and not all multicast packets are punted because of NS. Thus, the
duplication is intermittent/periodic.
CSCub09124
Symptom: The MDT tunnel goes down.
OL-26698-16
127
Conditions: This symptom is seen in MVPN. If the ip multicast boundary command on the
noncurrent RPF interface blocks the MDT group, it may cause MDT tunnel failure.
Workaround: Adding the static join command in the PE loopback interface may help you work
around the problem temporarily.
CSCub10102
Symptom: The PCMCIA flash card formatting error occurs on the Cisco UBR7200-NPE-G1.
Conditions: This issue occurs after swapping different characteristics, such as size, clusters, or
sectors, of the compact flash card on Cisco UBR7200-NPE-G1.
Workaround: Reload Cisco UBR7200-NPE-G1.
CSCub10951
Symptom: At RR, for an inter-cluster BE case, there are missing updates.
1.
The following configuration exists at all RRs that are fully meshed:
bgp additional-paths select best-external

nei x advertise best-external
2.
For example, RR5 is the UUT. At UUT, there is,
Overall best path via RR1.

Best-external (best-internal) path via PE6 (client of RR5): for example, the path is called
"ic_path_rr5".
Initially, RR5 advertises "ic_path_rr5" to its nonclient iBGP peers, that is, RR1 and RR3.
3.
At PE6, unconfigure the route so that RR5 no longer has any inter-cluster BE path. RR5 sends
the withdrawals to RR1 and RR3 correctly.
4.
At PE6, reconfigure the route so that RR5 will have "ic_path_rr5" as its "best-external (internal)
path." At this point, even though the BGP table at RR5 gets updated correctly, it does not send
the updates to RR1 and RR3. They never relearn the route.
Workaround: Hard/soft clear.
CSCub12361
Symptom: When a neighbor that is not created is configured to an existing peer group, a memory
leak of 1 KB is triggered along with the following error message:
Members of peer-group must use the same transport.
Each time a similar command is entered, a new memory leak of the same size occurs. Therefore, this
issue is not surface-impacting.
Conditions: This issue occurs when you execute the neighbor <ip-address> peer-group
<peer-group name> command in the router configuration mode, where the peer group name is valid
and configured. However, the neighbor is not created. For example, create a peer group neighbor rrc
peer-group and add an IPv4 neighbor to the peer group. When you configure the peer group to IPv4
nei 51.3.3.2 peer-group rrc and add an IPv6 neighbor to the same peer group to trigger a transport
error nei 5133::2 peer-group rrc Error, members of the peer group must all use the same transport.
Check for memory leak do show mem deb leak. This will produce an entry for a newly generated
memory leak.
Workaround: Avoid misconfigurations since the effect of .. is a localized memory leak.
CSCub13697
128
OL-26698-16
Symptom: The embedded IP addresses in the SIP packets may not get translated as expected.
Conditions: This was first identified on a Cisco ASR 1000 Series Aggregation Services Router
running the Cisco IOS 15.1(3)S3 image. The softswitch inside ... was configured with static PAT for
TCP and UDP port 5060 to a mapped IP address, A. The same softswitch on the inside of ... was
configured with bridged media, and the Cisco ASR 1000 Series Aggregation Services Router was
configured with dynamic PAT overload to a mapped address, B. Also, the inbound and outbound
connections were configured to use different mapped IP addresses.
Workaround: Use the static 1-1 NAT for the softswitch on the inside of ....
CSCub13983
Symptom: There are two calls to mcp-sysinit.
Conditions: This is seen frequently.
CSCub14299
Symptom: The router reloads when no mediatrace initiator is issued.
Conditions: This issue occurs when traceroute is enabled for a mediatrace session.
Workaround: Disable traceroute under each configured mediatrace session.
CSCub15542
Symptom: The IOSD restarts.
Conditions: This issue occurs when configuring MPLS LSP trace.
CSCub16403
Symptom: Timestamps are displayed as per the local wall clock time.
Conditions: This problem occurs when the show flow monitor MON cache command is issued on
the Cisco ASR 1000 Series Aggregation Services Routers running the Flexible Netflow feature.
CSCub16463
Symptom: The bandwidth remaining ratio command does not accept atm keyword for an ATM
cell tax compensation.
Conditions: This issue occurs during the basic command-line configuration.
Workaround: Use the bandwidth remaining percent configuration instead of bandwidth remaining
ratio.
CSCub17584
Symptom: IOSD crashes are seen in Cisco ASR 1000 Series Aggregation Services Router MVPN
sessions. When the sessions are cleared, all the IGMP joins are released, and the sessions are
brought up. When about 400 to 500 IGMP join, a crash occurs.
Conditions: A crash is observed when clearing the ASR 1000 Series Aggregation Services Router
MVPN sessions on LAC using the clear pppoe all command.
CSCub17585
Symptom: The system crashes and reboots with AVC1.0.
OL-26698-16
129
Conditions: FNF collecting HTTP fields such as host, with AVC1.0. The crash occurs infrequently
in context with MSN traffic.
Workaround: Removing the HTTP fields from the FNF records will eliminate the problem.
CSCub17852
Symptom: Improper accounting attributes are received as part of the COA account query response
for lite session.
Conditions: This issue occurs whenever COA account query is performed for a lite session.
CSCub17985
Symptom: A memory leak is seen when IPv6 routes are applied on the per-user sessions.
Conditions: This symptom is seen if IPv6 routes are downloaded as part of a subscriber profile. On
applying these routes to the sessions, a memory leak is observed.
CSCub18236
Symptom: The ES, ES20, and SIP-200 line cards crash when no shutdown command is executed in
the tunnel interface.
Conditions: This issue occurs when you attach to the line card and execute the shut and no
shutdown commands on the tunnel interface.
Workaround: Execute the no shutdown command only for the tunnel from the RP.
CSCub18243
Symptom: When the traffic is matched with the last statement of an ACL, the performance of the
IPv6 traffic is impacted more than that of the IPv4 traffic.
Conditions: This issue occurs when an ACL with more than 20 entries and high traffic rate, hits one
of the last statements of the ACL.
CSCub18741
Symptom: Fragmented SIP packets may get dropped due to FirewallInvalidZone.
Conditions: NAT and Firewall configured in VASI interface, SIP payload needs to be translated and
the length of translated ip address is different from the prenat address or PAT is configured.
CSCub18786
Symptom: When the Feature Navigator for the Cisco ASR1001 Router is run for universalk9_npe
image and adventerprise image, the same features, that is, they should be in sync and no extra
features should be displayed.
Conditions: It is a day 1 issue, and consistently reproducible.
CSCub19921
130
OL-26698-16
Symptom: Route flaps may occur after a switchover when a router is configured to use ISIS IETF
NSF. The route timestamp is refreshed in the show ip route command output. Packet traffic may
also be dropped as a result of the switchover. Occurs with point-to-point interface or on a LAN
configured as point-to-point.
Conditions: Configure ISIS NSF IETF and the point-to-point interface.
CSCub20516
Symptom: The section output modifier does not work correctly for a specific sequence of commands
when the parser command serializer is enabled.
Conditions: This issue occurs when you use the hardware and configuration similar to that of NTT.
Invoking the show policy-map control-plane section CoPP_PPPoE will produce the preconditions
that are necessary to affect the subsequent invocation of show interfaces Port-channel1
Etherchannel | section IDBs. This produces incorrect output during the execution.
Workaround: Repeat the failed command twice.
CSCub20803
Symptom: The EIGRP delay value cannot be calculated correctly.
Condition: This issue occurs when the nonwide metric router receives prefix from the widemetric
router.
Workaround: Use the widemetric routers for both the receiver and the sender.
CSCub21340
Symptom: A segmentation fault occurs and the router reloads continuously.
Conditions: The issue occurs when the router is reloaded with CFM over an XConnect scale
configuration.
CSCub23298
Symptom: The multicast traffic over a PVC bundle always go to prec 0 pvc.
Conditions: Multicast over PVC bundle is configured.
CSCub24410
Symptom: In a scaled OTV setup (with 50 overlays and 2000 EFP configurations), when one ED
fails in a multihomed site, the remote ED has two next hops in MLRIB for the same MAC address.
Conditions: This issue occurs when you have a multihomed setup in one site and one ED in another
site, configure 50 overlays with 40 EFPs per overlay, send end-to-end traffic, and bring down one
ED in the multihomed site. The third ED will have MAC addresses with two next hops in the MLRIB
in some BDs.
CSCub25280
Symptom: The same inside global address is assigned to multiple inside local addresses in the
dynamic route map configuration and ALG traffic.
Conditions: This issue occurs in the ALG traffic dynamic route map configuration.
Workaround: Use static or dynamic NAT configuration without route maps.
OL-26698-16
131
CSCub25362
Symptom: A crash occurs when reloading a Cisco ASR 1000 Series Aggregation Services Router
RP2 with multicast configuration.
Conditions: This symptom is observed on rp2 XE3.8 mcp-dev nightly image when you reload the
router with the attached configuration.
CSCub25419
Symptom: A Cisco ASR1000 Series Aggregation Services Router ESP may crash at
pfr_tt_ll_resp_cb when you introduce delay and flapping for TC. That is, clear pfr master border
* on MC.
Conditions: Running PfR DMVPN setup with scaled number of branches, and clear pfr master
border * on MC.
Workaround: No PfR session flapping.
CSCub26079
Symptom: Service policies are not applied on the ATM interface.
Conditions: This issue occurs in the following scenarios:
The client is configured with PPP CHAP hostname peer.
A PPPoA session is established and policies 7up, and sprite are installed on the interface of
UUT.
PPP CHAP hostname rate is configured on the client later.
The time policies are downloaded from RADIUS that have not replaced with the previous
policies 7up and sprite values.

CSCub26441
Symptom: A Cisco ASR1000 Series Aggregation Services Router with ESP100 crashes if the
out-of-range queue ID QID is included while issuing mcp_bb_99#sho plat hard qfp act inf bqs
sch qid <qid> command. As a result, ESP100 will dump a core and reload, potentially impacting
traffic.
Conditions: A Cisco ASR1000 Series Aggregation Services Router must have one or more
redundant ESP100s operating, and the sho plat hard qfp act inf bqs sch qid <qid> command issued
with an out-of-range QID. Under normal circumstances (when other ESP models other than ESP100
are present), the following message displayed for a bad QID:
% Error: Failed to gather BQS information for QID 0xc03, QID out of supported range.
Workaround: Ensure that you include a correct QID. there is no work-around if the fix is not present.
CSCub26822
Symptom: When the prefix has multiple paths from the same next hop, one of these paths become
the best path. Another path from a different next hop is computed for RR best external path to
advertise to the peers that are configured to receive this path. The RR best external path advertised
to the BGP peers may not be withdrawn when the source withdraws this path from the UUT. This
may happen when the UUT BGP table has multiple paths that are the same next hop as the best path.
132
OL-26698-16
Conditions: This issue occurs when there are multiple paths from the same next hop in the PCP table
and an RR best external path having a different next hop. When this RR best external path is
withdrawn, the path is still seen in the peer that received it. The RR does not withdraw this route
from the peers.
Workaround: Use the clear ip bgp <peer> command to resend the prefixes to the peer. Alternatively,
use the Enhanced Route Refresh feature to avoid this issue.
CSCub27029
Symptom: In extremely rare cases, the sh ip nat trans command may cause an error message to be
displayed or a crash to occur.
Conditions: This occurs rarely.
Workaround: Downgrading to a release prior to Cisco XE 3.6.0 is a possible workaround. A fix is
expected, starting with Cisco IOS XE Release 3.7.1.
CSCub27590
Symptom: The RP crashes during the EXEC process.
Conditions: This issue occurs when you remove or readd the BGP AD L2 VFI with debug enabled.
CSCub27178
Symptom: The long-term service gets stuck in an attempting state and does not get established.
Conditions: This condition occurs during the following scenarios:
When the Cisco ISG session restart events are configured, service is stuck in the attempting
state, or there is an IP address mismatch.

When the session churning through idle timeout or session timeout is configured.
Workaround: GGSN retains the allocated IP address for a user (tagged by IMSI for GTP) within the
configured timer window. Essentially, after the first PDP context is deleted and the second one
arrives, GGSN allocates the same IP address for the user within the hold time. This is achieved
without the need to specify the address in End User Application - Information Element (EUA-IE)
from the iWAG in the CPC. The iWAG will not maintain any binding by itself; this is GGSN's
responsibility. Administrators should configure the iWAG so that the per-APN DHCP lease time
matches the hold-time value. The following is a sample configuration of a session restart event:
class-map type traffic match-any TC_OPENGARDEN
match access-group output name ACL_OUT_OPENGARDEN
match access-group input name ACL_IN_OPENGARDEN
!
policy-map type service OPENGARDEN_SERVICE
20 class type traffic TC_OPENGARDEN
accounting aaa list PROXY_TO_CAR
!
class type traffic default in-out
drop
!
!
policy-map type control BB_PROFILE
class type control always event session-start
10 service-policy type service name OPENGARDEN_SERVICE
20 authorize aaa list ISG_PROXY_LIST password cisco identifier mac-address
!
class type control always event session-restart
2 authorize identifier mac-address
4 set-timer IP_UNAUTH_TIMER 4
OL-26698-16
133
CSCub29610
Symptom: The Qos MIB filter statistics do not add up to the same number as the QoS MIB class
statistics.
Conditions: This issue occurs on a Cisco 7600 Router running the IOS XE 3.7 code. This does not
impact the Cisco ASR 1000 Series Aggregation Services Router and the Cisco ASR 903 Router.
Workaround: Avoid modifying the filters in the class map. If you need to modify, delete the
class-map and configure a new class-map with the desired filters.
CSCub29733
Symptom: The NAT HA feature is not going into PI20 because performance degradation issues were
found with the CEF changes made for this feature.
Conditions: Any changes that we checked into resiliency@dev4 for the NAT HA feature needs to be
backed out. Once that is done, we need to uprev latest of dev4 (without changes made for NAT) to
15.3(1)T/PI20.
CSCub30577
Symptom: Unexpected RTs are attached to redistributed routes in a VRF.
Conditions: This issue occurs when the export map for a VRF contains a clause that sets both the
RT matches a match as-path clause. In such a scenario, the match as-path clause will automatically
match, causing the attachment to occur.
CSCub31399
Symptom: The DHCPv6 client gives a parse error while receiving the NOPREFIX-AVAIL from the
server.
Conditions: This issue occurs when the status code is NOPREFIX-AVAIL for the client REQUEST.
CSCub31477
Symptom: A Cisco ISG router configured for Layer 2 Connected Subscriber Sessions does not
respond to ARP replies after a subscribers ARP cache has expired.
Conditions: This symptom occurs when the router is configured as ISG L2-Connect, the router has
configured HSRP as the high-availability method, and the subscriber-facing interface is configured
with the no ip proxy arp command. This issue is not seen if either HSRP is removed or the ip proxy
arp command is enabled.
Workaround: Clear the subscriber session. After the subscriber is reintroduced, the issue is resolved.
You can also configure ip proxy arp on the HSRP-configured interface.
CSCub32500
Symptoms: The router crashes in the EIGRP mode.
Conditions: This symptom is observed on the EIGRP flaps.
CSCub32890
Symptom: A request to include the max support user-queue information for the output of the sh
platform hardware qfp active infrastructure bqs capabilities command is displayed.
Conditions The current show bqs capability command output does not include this information.
134
OL-26698-16
CSCub33119
Symptom: The ?sh pl software interface fp active name interfacexxx ip reassembly? command
does not display the reassembly parameter correctly.
Conditions: When the router is not configured with the reassembly max-reassembly value, it uses
the default value, 16. In this scenario, the output of the sh ip reassembly gigabitEthernet 0/0/0
command will display reassembly value correctly, but the binos show platform software inter fp
active name xxx ip reassembly command will not display the value correctly.
CSCub33602
Symptom: An IGMP query with the source IP address 0.0.0.0 triggers a querier election process. As
a consequence, the port on which this packet is received is marked as the mrouter port for that
VLAN.
Conditions: This issue occurs when an IGMP query with source IP address 0.0.0.0 is received.
Workaround: Configure an ACL to block packets with the source IP address 0.0.0.0 and apply it to
the relevant interfaces.
CSCub33877
Symptom: During issue loadversion, when downgrading from Texel (or later) to YAP
(v151_1_sg_throttle or earlier), the standby RP keeps reloading due to the out-of-sync
configuration.
Conditions: This symptom occurs during the issue loadversion operation. The newer version of the
image supports IPv6 multicast, while the older version of image does not.
CSCub34128
Symptom: Ucode crash occurs followed by an FP crash seen on sending GTP traffic.
Conditions: This issue occurs when traffic is sent from the SGPRS simulator.
CSCub34756
Symptom: An RP crash is observed.
Conditions: When an RP card is hosting the TP tunnel midpoint, the RP crashes during the SSO
operation.
CSCub35526
Symptom: The output of the plim qos input queue command reflects on all interfaces of the same
SPA.
Conditions: When configured plim qos input queue for a interface, the configuration reflects all the
interfaces on the SPA.
CSCub36301
Symptom: The BFD sessions crash when the FP is switched over.
OL-26698-16
135
Conditions: This occurs when the peer is Cisco ASR1000 RP1 with large BFD sessions.
CSCub38174
Symptom: Memory leak is seen on the standby RP.
Conditions: This issue occurs only on the standby card in which the ERP interface is in the down
state. Ideally, the platform should not punt packet to the ERP process when the interface is down.
Also, the ERP should drop and free the memory for punted packet.
CSCub38559
Symptom: When static recursive routes are used in an MVPNv6 environment, multicast traffic loss
may occur due to a failure in determining the correct RPF interface for a multicast source or
rendezvous point.
Conditions: This issue occurs if a static route to an IPv6 address at a remote site of a VPN cloud
resolves via a BGP route, resulting in a failure to install the required MDT alternate next hop in the
recursively referenced BGP route.
Workaround: Execute the show ipv6 rpf vrf X <address> command for the address within the
recursively referenced BGP prefix range to install the required alternate next hop.
CSCub39131
Symptom: Packets get dropped.
Conditions: 5cps basic sip call.
Workaround: Reduce the traffic load from 5 cps to 2 cps.
CSCub43292
Symptom: The device displays an error while using the built-in environment variable of the Identity
Event detector applet called "$_interface.
Workaround: The actual variable is "$_identity_interface" and not "$_interface", which stores the
value of the interface.
CSCub44215
Symptom: In the routed VPLss scenario, when BDI interface on a Cisco ASR 1002 router is
configured in VRF and receive packets on VPLs, the VFI (from a PE router with XConnect) meant
for the VPN prefixes imported via route-target import from its l3vpn mpbgp peer (another PE). This
corrupts the packets. The destination device drops all the packets as it contains IP option.
Conditions: This issue occurs only for the destination learned via the route target import policy. The
devices behind the PE (having scanned) can ping the BDI interface, and the routes are directly
connected to a Cisco ASR 1000 Series Aggregation Services Router or learned via another device
in the same VRF. This issue is seen in the 15.2(2)S1 and 152-4.S.bin images.
CSCub46570
Symptom: The image cannot be built with an undefined symbol.
Conditions: The commit error triggers the compiling issue.
136
OL-26698-16
CSCbuub47374
Symptom: The router crashes during the IP SLA probe.
Conditions: This issue occurs during the IP SLAs removal and reconfiguration.
CSCub48495
Symptom: The router crashes when it runs the RT constrain feature and also, have redistribute
connected or network statements in other address-families with route-map.
Condition: This issue occurs when the route map is removed and then the RT filters are added.
CSCub50946
Symptom: The bandwidth value is not correctly cloned to the virtual-access interface of the virtual
template interface. When a FlexVPN client connects to the IOS head-end and the virtual template
does not have bandwidth configuration, the FlexVPN client uses the default value of 100 KB.
Conditions: This issue occurs when the FlexVPN server runs on a Cisco IOS15.1(3)T or later image.
The client connects and the virtual access interface gets cloned with the correct bandwidth (100
KB). When the client disconnects, and then reconnects, the bandwidth of the new virtual access
interface will be 10000 KB.
Workaround: Manually configure a nondefault bandwidth on the virtual template interface.
CSCub51087
Symptom: ODR is not working.
CSCub51279
Symptom: A Cisco ASR 1000 Series Aggregation Services Router resets its FP a with FW NAT
feature combination.
Conditions: A Cisco ASR 1000 Series Aggregation Services Router resets its FP with a FW NAT
feature combination along with traffic.
CSCub51527
Symptom: The line card crashes during switchover.
Conditions: During switchover, when the Tableid HA of the line card tries to open an IPC port of
the new active RP, the port is not created and the line card crashes.
CSCub52339
Symptom: A Cisco router that runs the Performance Routing (PfR) Master Controller function may
reload unexpectedly after the shutdown command is executed under PfR master.
Workaround: Do not execute the shutdown command on the router.
CSCub52639
Symptom: The embedded IP addresses in the SIP packets are not translated.
OL-26698-16
137
Conditions: This issue occurs when different NAT mappings translate to the same IP address in the
header and payload.
Workaround: Use the same configuration for both header and embedded translation for the same IP
address.
CSCub53087
Symptom: A high number of GTPv0 and GTPv1 packet drops with GTP permit-error OFF. On ASA,
this feature can be turned ON.
Conditions: This issue occurs when a zone-based firewall is configured for the GTP traffic and GTP
permit-error is OFF.
CSCub53660
Symptom: A stale multicast alternative route for the tunnel route is found after the level-1 interarea
tunnel route is replaced by a nontunnel level-2 route.
Conditions: When multi-cast intact is enabled and shut/unshut an interface causes topology change
only in level-2. The result of the level-2 SPF changes, but the level-1 topology and level-1 SPF result
does not change. Thus, the stale multicast alternative route for the level-1 tunnel route is not deleted
even though the tunnel route is replaced by a level-2 nontunnel route.
Workaround: Change the interface circuit type to level-1-2 or adjust the ISIS topology in such a way
that the tunnel route is replaced by a nontunnel route of the same level.
CSCub54686
Symptom: When the ultra kernel is crashes, the kernel core is not dumped.
Conditions: This issue occurs when the ultra kernel crashes.
CSCub54872
Symptom: When 32 prefixes are applied to an interface, for example a loopback, is not being treated
as connected. This can impact the connectivity of the 32-bit prefix.
Conditions: The symptom is observed when the prefix that is applied to an interface is meant for a
host route (/32 for IPv4 or /128 for IPv6).
Workaround: Use a shorter prefix.
CSCub54993
Symptom: When attaching an interface to a downstream VRF, the following warning message may
be displayed even if the VRF in question does not have the IPv6 address family configured:
% IPv6 does not support hdvrf interface Ethernet0/0
Conditions: This error message is displayed only when a downstream (half-duplex) VRF is
configured on an interface, and that VRF was created using the vrf definition command.
Workaround: This message is a reminder to indicate that IPv6 does not support half-duplex VRFs
and that VRF forwarding configuration will be ignored for the IPv6 address family.
CSCub55036
Symptom: A combination of static NAT and Firewall allows the flow of ICMP timestamp even
though the user-defined ACL is dropped.
Conditions: NAT with Firewall for ICMP timestamp flow
Workaround: Apply an ACL on the interface to deny ICMP time-stamp request.
138
OL-26698-16
CSCub55948
Symptom: The Cisco ASR 1000 Series Aggregation Services Routers contain a vulnerability that
could allow an unauthenticated attacker on an adjacent network segment to cause a Denial of Service
(DoS) and reload the box. A Cisco ASR 1000 router, that is configured for bridge domain interface
(BDI) routing, may crash.
Conditions:A Cisco ASR 1000 Series Aggregation Services Router that is configured for BDI
routing, may crash if it receives crafted fragmented ICMP packets that are meant for L2 broadcast
or multicast addresses.
Workaround: Under the interface BDI, use access-list to deny the ICMP packets meant for the subnet
broadcast address.
Base and Temporal CVSS scores at the time of evaluation were 6.1/5:
ctor=AV:A/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C CVE ID CVE-2012-5723 has been
assigned to document this issue. Additional information on Cisco's security vulnerability policy can
be found at the following URL:
CSCub56946
Symptom: 100 percent traffic loss is seen in all the VCs.
Conditions: Flap the MST (special PW) instance.
Workaround: It recovers by itself after 5 minutes.
CSCub57735
Symptom: ip nat inside source route-map NAT-MAP pool xyz force cannot be removed and shows
that dynamic NAT is in use even when there are no NAT entries.
Conditions: 1) Configure dynamic NAT 2) Relay SIP traffic, which hits NAT entries 3) Stop the test,
clear NAT entries, and remove the CLI.
Workaround: Use the no ip nat inside source route-map NAT-MAP pool xyz force command
instead.
CSCub58238
Symptom: The FP crashes when the ATM VC bundle configuration is loaded.
Conditions: The issue is seen in configurations of around 200 ATM VC bundles.
Workaround: The FP will be stable after the initial crash.
CSCub58483
Symptom: The line radius-server attribute 6 on-for-login-auth command can no longer be
configured on images where CSCtu18661 has been integrated.
Conditions: Use CSCtu18661 integrated in an image.
CSCub58490
Symptom: A memory leak occurs on the standby RP due to the banner command.
Conditions: This issue occurs when the banner command is available in the active running
configuration.
Workaround: Prior to booting up the standby server, remove the banner command from the active
running configuration.
OL-26698-16
139
CSCub58775
Symptom: A crash may occur in the standby RP of a Cisco ASR 1000 Series Aggregation Services
Router.
Conditions: This issue may occur after an OIR of a power supply and probably other similar events.
CSCub58991
Symptom: The show ppp multilink command does not display the correct configuration status for
MLPPP Fragmentation, Interleaving, and Distributed MLPPP platform status. The Cisco ASR1000
was enabling Multilink PPP fragmentation (legacy mode) enabled by default. Fragmentation should
Series Aggregation Services Routers be enabled only if configured on the multilink bundle interface
or Virtual-Template (Broadband MLPPP).
Conditions: This issue is seen on all the multilink PPP configurations.
CSCub59275
Symptom: The configuration of the CT3 controller serial interface s does not match between and
standby RPs. Error messages such as %COMMON_FIB-4-FIBHWIDBMISMATCH: Mis-match between
hwidb Serial1/0/1/2:0 (ifindex 634) and fibhwidb Serial1/0/1/1:1 (ifindex 634) appear
on the standby RP during controller configuration. IP addresses are assigned to wrong serial
interfaces. When RP switchover occurs, traffic does not pass due to the mismatch.
Conditions: This issue occurs when configuring the CT3 SPA in a dual RP router.
CSCub59493
Symptom: The CPU remains at 100 percent after the SNMPv2c walk even after 5 minutes.
Conditions: This issue occurs when an SNMP walk is performed on the MPLS-LSR-STD MIB.
CSCub60278
Symptom: The OSPF neighbor cannot enable over point-to-multipoint ATM bundles .
Conditions: This issue occurs when two ASR1000 Series Aggregation Services Routers are directly
connected with ATM PVC bundles and one end is a point-to-point subinterface and the other is a
remote multipoint subinterface. Try to execute the ospf over bundle.
Workaround: Change the interface to P2P ATM.
CSCub62988
Symptoms: Consecutive crashes occur.
Conditions: This symptom is observed in an ASR 1000 Series Aggregation Services Router with
ESP10, and Cisco IOS Release 15.2(2)S.
CSCub63440
Symptom: An EEM applet may execute its action statements twice.
Conditions: This issue is seen when the configured event in the EEM applet is a cron timer requiring
the NTP to be configured on the system.
140
OL-26698-16
CSCub65151
Symptom: The CCP of the Cisco ASR 1000 Series Aggregation Services Routers crashes when the
core-facing MPLS interface on the NPE is hutdown.
Conditions: This symptom occurs rarely.
CSCub65293
Symptom: The VSAs actual-data-rate-upstream and actual-data-rate-downstream are duplicated in
the access request sent bya Cisco ASR 1000 Series Aggregation Services Router.
Conditions: This issue occurs when the ANCP port is configured under a subinterface or ATM VC,
and the ANCP, port is in the UP state and Established.
CSCub66311
Symptom: After NSR switchover, Cisco IOS router do not listen for the DR multicast address on the
interface.Before switchover: show ip|ipv6 int Multicast reserved groups joined: 224.0.0.5 224.0.0.6
Joined group address(es): FF02::1 FF02::2 FF02::5 FF02::6 After switchover: Multicast reserved
groups joined: 224.0.0.5 Joined group address(es): FF02::1 FF02::2 FF02::5
Conditions: NSR OSPF switchover.
Workaround: Execute either the shut interface command or the no shut interface command.
CSCub66569
Symptom: The Cisco ASR1000 Series Aggregation Services Routers generate IGMP packets all of
which have a zero source MAC address.
Conditions: This random issue occurs when the OTV ED/Bridge-domain is configured.
CSCub66957
Symptoms: In a basic LSM setup of PE-P-PE where the router is performing a disposition function,
the ESP40 may crash.
Conditions: The ESP40 may crash the moment traffic hits the box.
Workaround: Execute the following commands to disable LRE:
set plat hard qfp active feature multicast v4 lre off
CSCub66524
Symptom: Reload may occur.
Conditions: On a Cisco ASR 1000 Series Aggregation Router NAT, a reload may occur depending
on the timing condition in the out2in particular invalid packets.
CSCub67101
Symptom: The POS interface line protocol goes down with encapsulation PPP in an MPLS setup.
Conditions: This symptom occurs when configuring encapsulation PPP on both ends of PE1 and
CE1, and then configuring XConnect in the customer-facing interface of PE1.
Workaround: Reconfigure the XConnect settings.
OL-26698-16
141
CSCub68021
Symptom: The show interface command on a SPA interface shows "0" for "unknown protocol
drops". Yet when the same interface is polled for ifInUnknownProtocols, a value is returned.
Conditions: This issue occurs when there are normal polling events.
CSCub68200
Symptom: The FP may crash while flapping sessions with the ISG services or flapping the ISG
services themselves.
Conditions: This behavior may be seen on the Cisco ASR 1000 Series Aggregation Services Routers
running Release 15.1(2)S or later release images. The ISG services that are involved are Traffic
Class services, and they may have any of the L4R, DRL/Policing, or accounting-based features
applied. This issue may be seen when such services are quickly added and removed from a
subscriber.
CSCub69350
Symptom: When using the radius-server domain-stripping command, the aaa accounting suppress
null-username' command does not work. The router sends a null username in the accounting packet
even when the command is issued.
Conditions: This issue occurs when you use the radius-server domain-stripping command and the
use aaa accounting suppress null-username command.
CSCub69414
Symptom: A traceback occurs in FreeUInt64 on booting up router.
Conditions: This issue occurs when tracebacks are seen when a Cisco ASR1006 Router boots up.
Workaround: Traceback occurs are because of the snmp-server enable traps entity-qfp
mem-res-thresh command. Disable the snmp-server enable traps entity-qfp mem-res-thresh
command.
CSCub69764
Symptom: Occasionally, after full chassis reload, all ATM autovc fail to come up when PADI is
received the CPE does not gets PADO. All the PPPoEoA sessions fail to establish on the chassis.
Conditions: The trigger for this issue is unknown. This occurs intermittently, for example, after full
chassis reload, once every ~50 reloads.
Workaround: Reload the chassis again.
CSCub70239
Symptom: Customers see the following error messages repeatedly:
%OCE_FORWARDING-3-CAUSE_OCE_COUNTER_EXCEED_STACK: OCE counter stack exceed -

CSCub70336
Symptom: Router crashes when the clear ip bgp * command is done in huge scale condition.
142
OL-26698-16
Conditions: This issue is observed only when huge scale with ten of thousands of peers and lot of
vpnv4/v6 prefixes.
Workaround: Issuing the clear ip bgp * command is not a common operation. A crash occurs when
the clear ip bgp * command is issued . Do not perform this workaround.
CSCub70819
Symptom: No mechanism is available to upgrade the existing throughput licenses, for example, from
throughput_10g to throughput_20g.
Workaround: Install the corresponding throughput license to get the throughput value.
CSCub71570
Symptom: The dynamic route-map counter displays wrong results.
Conditions: This issue occurs when the show route-map dynamic command is in the more state
and a trigger clears the clear route-map entries.
Workaround: Avoid executing the show route-map dynamic command in the more state for long
and use terminal length 0 before displaying the show command output.
CSCub73403
Symptom: Bad voice quality.
Conditions: some possible conditions that may update the trigger conditions later 1. RP1, ESP10,
SIP10 2. This issue may be impacted by the multiple spa 0/0 SPA-2X1GE-V2
ok
17:46:43 0/1 SPA-DSP ok 16:18:57 0/2 SPA-2X1GE-V2 ok 17:46:42 3. Transcoding / blended
transcoding.
CSCub73484
Symptom: The standby ESP100 gets reloaded.
Conditions: 4K IKEv2 IPv6 static crypto map 4k VRF (ivrf = fvrf). Running bi-directional IMIX
CSCub73159
Symptom: The IOSD crashes.
Conditions: This issue occurs when you bring up 8k PPP sessions with QoS and EBGP routes.
CSCub73177
Symptom: The RP crashes.
Conditions: This issue occurs when the Cisco router is reloaded.
CSCub73430
Symptom: Cisco router running on Cisco IOS 15.2.(4)S ipBaseK9 feature set will crash when an
interface that a QoS policy attached to it is activated.
Conditions: This issue occurs when a Cisco router is reloaded.
Workaround: Use other feature sets, for example, AdvEnterpriseK9.
OL-26698-16
143
CSCub76612
Symptom: The console displays a message:
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image: PFR TT Enable download to CPP
failed" and prints traceback
The Cisco ASR1000 Series Aggregation Services Router may reload with the fman_fp core file.
Conditions: FMAN-FP reports the PfR ERR log when a PfR session is flapping between MC and
BR.
CSCub77685
Symptom: The CPU temperature reaches a high point with a water mark message.
Conditions: This issue occurs in the SSO mode with L2VPN set up.
Workaround: Use the standby in the RPR mode.
CSCub78143
Symptom: The Clear ip bgp vpnv4 unicast damp rd command does not clear the damp information
in the VRF.
Conditions: This issue occurs when you configure the BGP Dampening feature within the address
family and flap the BGP route.
Workaround: Use the clear ip bgp vrf <VRF name> dampening command.
CSCub79590
Symptom: The match user-group command does not appear in the running configuration after
being configured. Configure an inspection type class-map.
Conditions: This issue pertains only to the match user-group command.
Workaround: This issue affects devices after reload because the corresponding router reads the
startup configuration, which does not have the match user-group command. Therefore, the match
user-group commands should to be re-entered after each reload.
CSCub81374
Symptom: The Cisco ASR1001 Feature Navigator does not show the correct image for license
mapping.
Conditions: ASR1001 ordering with or without licenses.
CSCub82275
Symptom: A Cisco ASR 1000 Series Aggregation Services Router may experience reloads on the
ESP module due to a CPP driver fault during an in-2-out NAT translation. The issue has been notices
in Cisco IOS 15.2S, but not in 15.1S.
Conditions: The issue occurs when NAT is enabled. No other known requirements have been
identified.
CSCub83960
Symptom: After the second RP switchover, mcast traffic stop forwarding by PE.
Conditions: mVPN topo, during mcast traffic sending, do an RP switchover on PE1.
144
OL-26698-16
Workaround: Using the clear ip mroute * command to enable the global MDT mroute rebuild can
restore the mcast traffic before and after the second switchover.
CSCub84204
Symptom: The GTPv0 request is dropped and there is a failure to create a session.
CSCub85608
Symptom: An ASRNAT address leak may occur. This displays a larger number of allocated
addresses inthe sh ip nat stat command output, as also the translations that exist for the
corresponding IP address.
Conditions: This issue occurs when a dynamic routemap configuration is used and the NAT subdrop
code ESP_CREATE_FAIL is increments, that is, ESP traffic must be present.
Workaround: The leaked addresses can be reclaimed periodically by executing the clear ip nat
trans command in the nonpeak hours to avoid user disruption.
CSCub85948
Symptom: A memory leak occurs due to CDP protocol.
Conditions: This issue occurs under normal working conditions.
Workaround: Remove the no cdp advertise-v2 command from the configuration.
CSCub86706
Symptom: After multiple RP switchovers, the router crashes with the following message:
UNIX-EXT-SIGNAL: Segmentation fault(11), Process = BGP HA SSO

mVPN with 500 vrf
Performed multiple switchover on PE1
CSCub88742
Symptom: NULL pointer access in a BGP C-Route function
Conditions: This issue occurs when MPLS MLDP is toggled after two SSOs and when each SSO
takes a long time to complete because of an HA bulk sync failure in the IP multicast.
CSCub89150
Symptom: PW with backup.
Conditions: This issue occurs when you switch between the active and standby pseudowire.
Workaround: Reload the corresponding routers.
CSCub89157
Symptom: Message are dropped.
Conditions: This issue occurs when the message string exceeds 128 charecters.
Workaround: Resend the message.
CSCub89711
OL-26698-16
145
Symptom: The ATM keyword for the show command disappears.

Conditions: This issue occurs when you perform a powered shutdown of the SPA card and bring it
back up using the no form the previous command.
CSCub91150
Symptom: The Cisco SBC interface cannot be pinged from a Cisco ASR 1000 Series Aggregation
Services Router.
Conditions: 1. SBC interface is created with netmask /32. 2. SBC activated.
Workaround: 1. Deactivate SBC. 2. Delete the SBC interface and re-create it again.
CSCub91178
Symptom: ALG FTP44 does not work and the data path fails to get established.
Conditions: This occurs when the two networks are divided into twoVRFs, with both the client and
server residing.
Topo:
Client --- Gi 0/0/0 --- vasileft 1 --- vasiright 1 --- Gi 0/0/1
(inside)
(outside)
(outside)
(inside)
vrf_in
vrf_out
---- Server
For vrf_in, there is a dynamic NAT:

access-list 10 permit 10.0.0.0 0.255.255.255
ip nat pool in 202.120.0.2 202.120.0.10 prefix-length 24
ip nat inside source list 10 pool in vrf vrf_in overload
For vrf_out there is a static NAT:

ip nat inside source static 192.168.0.2 202.119.0.2 vrf vrf_out
The client runs the FTP in the active mode.

Workaround: Use dynamic NAT instead of ALG FTP44.
CSCub92997
Symptom: Router crashes after a session flap.
Conditions: This issue occurs when the ... Router has a BGP Route Server enabled and has a
route-server client with graceful restart enabled. A client-generated session flap will cause a crash.
Workaround: Disable graceful restart.
CSCub93228
Symptom: Incorrect TCAM search key. Traffic does not pass through even if the filter conditions are
met.
Conditions: This issue occurs when IPv4 and IPv6 co-exist in the interface configuration, and FW
NAT is configured.
Workaround: Instead of using a pre-NAT source address in the ACL, use a post-NAT source address.
If the static NAT ip nat inside source static 36.1.1.2 37.1.1.83 is used, in order to allow traffic
from host 36.1.1.2 to pass through the firewall, the ACL should be.
permit ip host 36.1.1.2 any
146
OL-26698-16
Due to this list, the ACL should be configured as follows:

permit ip host 37.1.1.83
CSCub96074
Symptom: Software is forced to reload on the Cisco ASR 1000 Series Aggregation Services Routers
or RP2.
Conditions: ISG sessions cannot be authenticated or authorized whenever primary or secondary
RADIUS servers are marked as unreachable. This creates a high load on the ISG.
CSCub96323
Symptom: When the aaa session-id unique command is in place, the parent session ID in the
service accounting request does not match the session ID of the corresponding user session.
Conditions: This issue occurs when the aaa session-id unique command is configured in the ISG.
Workaround: Remove the aaa session-id unique command and work with the default setting.
CSCub96576
Symptom: Reload may occur.
Conditions: A reload may occur on a Cisco ASR 1000 Series Aggregation Services Router with NAT
when removing static RMAP mapping.
CSCub96743
Symptom: Packet loss is seen during SSO swithover in the Cisco ASR 1000 Series Aggregation
Services Routers platform.
Conditions: This happens in scaled configurations.
Workaround: Cisco has fixed it partially for loopback interfaces.
CSCub97641
Symptom: When a NetFlow test is performed in the NAT CGN mode, you may see an abnormal
NetFlow log. However, this is not seen in the default mode. Use the template ID 257 instead of 256.
Conditions: This issue occurs when ... is configured as cgn mode : ip nat log translations
flow-export v9 udp destination 10.75.163.59 9995 ip nat settings mode cgn.
CSCub98634
Symptom: NTP clients are unable to synchronize properly with the NTP server.
Conditions: Ntp access-group serve or Ntp access-group serve-only configured on the NTP server
running 15.2 IOSXE-based version.
Workaround: Revert back to 15.1 version or use the Ntp access-group peer command.
CSCub99205
Symptom: The shaper becomes inactive when policy-map rem/add back on sub-intf.
Conditions: This issue occurs each time on rem/add on sub-intf.
Workaround: Changing the shaper value reactivates the shaper.
OL-26698-16
147
CSCuc00289
Symptom: The interface cache is deleted when the parser config cache interface command is
configured.
Conditions: This issue occurs after the show tech-support command is issued.
Workaround: Execute the show running-config command to create the interface cache.
CSCuc00465
Symptom: configured permit-error, for 3GPP RLS7&8 req/resp, sessions are created, but for those
unknown/unwanted IE, gtp counter doesn't work correctly.
Conditions: This issue occurs due to permit errors.
CSCuc02916
Symptom: The IPv6 packet with hop-by-hop extension header is dropped when the packet is sent
out to the L2TP virtual access interface.
Condition: ASR is configured as L2TP LNS. At that time, the EssUnsupPktType drop counter is
incremented.
CSCuc02921
Conditions: This issue occurs when SYN cookie protection is being triggered, and the packet TCP
data offset is wrong.
Workaround: Do not configure SYN cookie protection.
CSCuc04837
Symptom: On the serial interface, the Cisco IOS counters for input packets, input errors, and aborts
increase even after the interface is administratively shut down.
Conditions: This issue does not occur in any specific condition.
Workaround: Shut down and restart the interface.
CSCuc05660
Symptom: The TTL in the CNAME record is reset.
Conditions: DNS CNAME record.
CSCuc05671
Symptom: The console reports
[aom]: (ERR): Unable to find async context for AOM and traceback.
Conditions: This symptom occurs when FMAN-FP reports the PfR ERR log when a PfR session is
flapping between the MC and the BR.
CSCuc07235
Symptom: When using the call-policy-set copy source x destination y command the
Conditions: This issue occurs if you reuse a number that was removed previously.
148
OL-26698-16
Workaround: Copy the policy to a new set number.
CSCuc07317
Symptom: The output of the Show controller pos pm command does not show the correct SFP line
type for all the POS SPAs.
Conditions: The line type is shown as LONG MM for all the SFPs inthe output of the show
controller pos pm frp command.
Workaround: Execute the show hw-module subslot x/y transceiver command.
CSCuc08098
Symptom: The trap configuration for the AAA-SERVER MIB is missing.
Conditions: This issue occurs when a Cisco ASR 903 device is loaded with MetroAggrServices
license.
CSCuc09520
Symptoms: Some transit ICMPv6 traffic may not be forwarded by instead processed by the device
itself, even if the destination IPv6 address is not one of the IPv6 addresses configured on the device.
Conditions: An IPv6 packet carrying an ICMPv6 payload and a hop-by-hop extension header, and
within the HbH a Router Alert option for MLD will not be forwarded, but processed by the device
itself.
Workaround: Apply an ACL blocking the IPv6 packets carrying a hop-by-hop extension header.
Note that such an ACL will also block legitimate MLDv1 or MLDv2 traffic, which in turn will
impact the neighbor discovery process (including DAD).
Base and Temporal CVSS scores as at the time of evaluation were 2.6/2.3:
ctor=AV:N/AC:H/Au:N/C:P/I:N/A:N/E:F/RL:W/RC:C
No CVE ID has been assigned to this issue. Additional information on Cisco's security vulnerability
policy can be found at the following URL:
CSCuc10081
Symptom: ISSU and ISSD fail.
Conditions: They fail under all conditions.
CSCuc11853
Symptom: The T1 Controller stays DOWN after switchover.
Conditions: This issue occurs when the SATOP is configured on T1.
Workaround: Use the shut and no shut commands.
CSCuc13805
Symptom: The LSP Tunnel Head Control process is seen holding memory over a period of time with
higher count/memory held each time outputs are collected.
Conditions: Explicit IDs are only released when defined with an address. When the IDs are stored
as a string, no function releases them.
OL-26698-16
149
Workaround: Use Path Protection using Path Option Lists with ID-explicit paths rather than named
explicit paths.
CSCuc14088
Symptom: The default class is not exported with the class option template.
Conditions: The class-default class is missing in the c3pl-class-table under the Flow Exporter.
CSCuc15203
Symptoms: The Router crashes when you configure ZBFW.
Conditions: The following conditions:
The ISM-VPN module is turned on.
Asymmetric routing occurs.
CSCuc15548
Symptom: Subscriber session on LAC/LNS with vpdn authen-before-forward and auto-service in
the radius-profile
Conditions: vpdn authen-before-forward command and one auto-service in the users profile.
Workaround: Configure and apply a policy map with the SESSION-START rule.
CSCuc15695
Symptom: The counters are not polling the correct statistics.
Conditions: This symptom was first observed on an ATM interfere, but is not particular to the ATM
because this issue was reproduced on a Gigabit Ethernet interface as well.
CSCuc16125
Symptom: Packet drops may occur and syslog errors may be displayed during ISSU.
Conditions: This issue is observed during ISSU.
CSCuc16623
Symptom: After changing the grandparent shape rate via ANCP, traffic is not shaped to the new rate.
Conditions: PPPoE model F Qos. Through ancp, change the grandparent shape rate.
CSCuc19783
Symptom: BGP neighbor sessions are not reset when the router ID is changed in the BGP VRF
address family.
Conditions: This issue occurs when the router ID is not configured within the BGP VRF address
family.
Workaround: Manually reset the BGP neighbors in the VRF address family by issuing the clear ip
bgp vrf <vrf-name> command.
CSCuc19862
Symptom: Traceback and CPUHog is seen due to spurious memory access when flexible NetFlow
is enabled on a 4G cellular interface.
150
OL-26698-16
Conditions: Enable flexible NetFlow on a 4G cellular interface with the traffic rate set to 1Mbps.
CSCuc20045
Symptom: The maximum configurable port bundle host key (PBHK) source interfaces on an Cisco
ASR 1000 Series Aggregation Services Router is random and could be as low as 1.
The following is a sample error message that is displayed on a Cisco ASR 1000 Series Aggregation
Services Router when adding 83rd source interface for PBHK:
PortBundle: Unable to add source IP into list PortBundle: Command failed
allowed number of source IPs: 82
PortBundle:
Conditions: Configure multiple PBHK source interfaces on the Cisco ASR 1000 Series Aggregation
Services Router.
CSCuc21880
Symptom: A memory leak is observed in aaa_util_get_cmdlist.
Conditions: A memory leak is observed in the aaa_util_get_cmdlist on Cisco 3945 Integrated
Services Router after a 10-hour traffic run for spoke-to-spoke FlexVPN.
CSCuc22217
Symptoms: The multicast re-created state may take one minute to register.
Conditions: Shutdown interface on first hop router towards active source and let multicast state time
out, then bring up interface. This may delay recreated state with one minute.
CSCuc25214
Symptom: router crashes after-an SNMP MIB expression is enabled.
CSCuc26232
Symptom: A reload indicating stuck thread may occur.
Conditions: On a clear ip nat translations vrf <vrf-name>
Workaround: use clear ip nat trans. * This issue exists only in Cisco IOS XE Release 3.7.1.
CSCuc26434
Symptom: RP information is not learned when auto RP is configured for a customer domain and the
MA and RP candidates are on different PEs.
Conditions: MA and RP candidate are on different PE.
CSCuc29310
Symptom: The TD probes in fast mode are gone when the link flaps.
Conditions: This issue occurs when a link flap causes an SAF session flap.
Workaround: Clear pfr mas tr.
CSCuc31692
OL-26698-16
151
Symptom: A Cisco ASR 1000 Series Aggregation Services Router ucode crash occurs during scaled
MLPPP configuration with sustained high data rates across most bundles.
Conditions: This issue occurs during a highly scaled MLPPP configuration with sustained high data
rates across most bundles. This symptom has been seen only in the context of ESP40.
CSCuc33328
Symptom: Memory leaks are found in the statistics.
Conditions: This issue occurs when a probe is executed and statistics are updated.
CSCuc34315
Symptom: The Cisco ASR 1000 Series Aggregation Services Routers crash with fman_fp during the
unconfiguring process during a PBR scalability test.
Conditions: After the PBR scalability test is performed with 1024 interfaces, a crash is observed.
CSCuc34574
Symptom: Pending-issue-update @ SSL CPP CERT on ASR 1000, 1002, ESP-1000 platform.
Conditions: show platform software object-manager fp active pending-issue-update Update
identifier: 128 Object identifier: 117 Description: SSL CPP CERT AOM show Number of retries: 0
Number of batch begin retries: 0
CSCuc36464
Symptom: Traffic check fail for user-defined classes with HQoS policy.
Conditions: This issue occurs on sending traffic from ixia.
CSCuc37597
Symptom: A memory leak is seen at the responder nodes during reverse mediatrace.
Conditions: A memory leak seen at the responder nodes on receiving a proxy request and while
receiving responses for reverse mediatrace.
CSCuc38440
Symptom: The following message is displayed with the tracebacks:
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED
Conditions: This issue occurs during configuration or unconfiguration of match the message ID
under class.
CSCuc39329
Symptom: SNMP SMALL CHUNK leaks occur when the copy operation is performed using the
snmp set command.
Conditions: When performing the copy entry task, memory leaks are found. If this task fails, the
leaks occur. 1. same entry in queue (snmp_config_copy_add fail to add new entry) 2. Enqueue into
the copy queue fails 3.if ServerAddreesRev1 is set.
152
OL-26698-16
Workaround: Free all the pointer entries for all the above three scenarios.
CSCuc40585
Symptom: A ucode crash occurs when gtp aic inspect packets.
Conditions: This issue occurs when GTP AIC is configured.
CSCuc41531
Symptom: A forwarding loop is observed in the context of some PfR-controlled traffic.
Conditions: This symptom is observed with the following conditions:
Traffic classes are controlled via PBR.
The parent route is withdrawn on selected BR/exit.
Workaround: This issue does not affect configured or statically defined applications; it affects only
the learned applications. Therefore, the learned applications can be used as one of the workarounds.
Another option is to issue shut and no shut on PfR master or clear the related TCs with the clear
pfr master traffic-class command, which fixes the issue until the next occurrence.
CSCuc43337
Symptom: VRF name is not present in the sh run command output.
Conditions: This issue occurs for vrf path-jitter probe.
CSCuc44774
Symptom: A high RTT spike is seen during the UDP jitter operation.
Conditions: This issue occurs when another application runs for more than 500 ms, without giving
the IP SLA a chance to run.
CSCuc47357
Symptom: An unexpected Cisco ASR 1000 Series Aggregation Services Router crash is observed
on Release 15.2(2)S2 SW. The crash occurred at line 3799 in ppp_cp.c, which is in the
cp_process_confreq()functionfrom the core decode: #0 __be_cp_process_confreq
(ppp=0x7f50114689e8, cp_spec=0xc87fa0ec4f7f0000, cp=0x7f501035a57c,
neg=0x7f50059a6084) at ../VIEW_ROOT/cisco.comp/ppp/core/src/ppp_cp.c:3799
Below is a snippet of cp_process_confreq(). The cp_get_option_spec() returned NULL and
ppp_debug_prot_s() de referenced it:
option_spec = cp_get_option_spec(cp_spec, option_type);
ppp_debug_prot_s(ppp,
PPP_DEB_OPTION_STALL,
<<< Line 3799
cp_spec->cp_protocol, option_spec->name);
return; ... The function
cp_get_option_spec() is expected to return NULL and later debug print was trying to
dereference the NULL pointer .
Conditions: This symptom was observed when more than 40 x Cisco ASR 1000 Series Aggregation
Services Routers were upgraded to Cisco IOS XE Relesae 15.2(2)S2.
Workaround: A protective fix has been added before the debug print.
CSCuc50498
Symptom: A cpp_cp_svr crash is observed.
Conditions: This issue occurs when the service policy is attached to a member link that has a port
channel configured.
OL-26698-16
153
CSCuc57965
Symptom: The ISG prepaid idle timer stops firing after receiving two QV0 in a roll from the prepaid
sever.
Conditions: This issue occurs when the ISG session with prepaid service is applied. After receiving
two QV0 in a roll from the prepaid server, the prepaid idle timer stops firing, resulting in ISG stops
contacting the prepaid server for more quota.
CSCuc58513
Symptom: FP reload occurs.
CSCuc58603
Symptom: When using SNMP to query the CLNS adjacency table in the CISCO-IETF-ISIS-MIB,
the ciiISAdjIPAddrType for IPv6 addresses is incorrectly reported as IPv4(1).
Conditions: ISIS adjacency with IPv6 enabled.
CSCuc60435
Symptom: Packets with a single-digit MNC are not matched in the L7 class map. Instead, counters
increase in the class, as follows:
Service-policy inspect gtpv1 : gtpv1_grx_inside_mcc_mnc
Class-map: gtpv1_grx_inside_mcc_mnc (match-any)
0 packets, 0 bytes
<<<< zero
30 second offered rate 0000 bps
543464 packets, 11565497 bytes <<<<
30 second offered rate 19000 bps, drop rate 0000 bps
Match: any
Conditions: This symptom is observed when the match criteria in the L7 class map define
single-digit MNC as follows:
class-map type inspect gtpv1 match-any gtpv1_grx_inside_mcc_mnc
match mcc xxx mnc 1
match mcc xxx mnc 1
CSCuc65437
Symptom: A cpp_cp_svr crash is seen.
Conditions: This issue occurs when service policy is removed from main int.
CSCuc65609
Symptom: Duringa SIP attack, NAT causes ESP lock-up.
Conditions: This issue occurs because of a SIP registration attack.
154
OL-26698-16
Workaround: Use ACL to block the SIP attack.
CSCuc67468
Symptom: The sh plat h q a f nat data dynbin command output gets into a loop.
Conditions: This issue occurs when the command is executed on a Cisco ASR 1000 Series
Aggregation Services Router.
Workaround: Use the sh ip nat trans command and its filters for showing this information.
CSCuc67687
Symptom: The Router crashes due to VRF-related RG configurations.
Conditions: This condition is observed in the following configuration:
R1-13RU(config-if)#
R1-13RU(config-if)#
R1-13RU(config-if)#
R1-13RU(config-if)#
ip vrf forwarding b2b-vrf % Interface GigabitEthernet0/1/0

ip address <ip> <mask>
zone-member security Z1
redundancy group 1 ip <ip> exc dec 50
CSCuc74548
Symptom: Due to overload, the console is locked.
Conditions: Overload related problem.
CSCuc76670
Symptom: The 2X1GE-SYNCE (metronome) SPA does not boot on a Cisco ASR 1002 Router.
Conditions: From release 3.7, the metronome SPA (2X1GE-SYNCE) fails to boot on a Cisco ASR
1002 Router. The following error message is displayed on the RP console:
SPA not supported.
CSCuc78320
Symptom: QFP crash with icmpv4 error packets when ZBF debugs enabled (debug platform
hardware qfp active feature firewall datapath global all detail)
Conditions: This issue occurs when the ZBF debugs are enabled.
Workaround: Do not enable the ZBF debugs with the detail or drop keywords for all traffic. Enable
ZBF debugs only for the traffic you would like to debug. See CSCtf45361 for more information.
CSCuc88112
Symptom: Ucode crashes.
Conditions: This condition is observed while the frf12 feature is tested.
CSCud27293
Symptom: Sometimes, on a Cisco ASR1000 Series Aggregation Services Router, the SPA-8XT3/E3
SPA may not come up and may get powered off with the following message:
%SPA_OIR-6-OFFLINECARD: SPA (SPA-8XT3/E3) offline in subslot
Conditions: This symptom occurs only on a certain set of on board flash devices on the
SPA-8XT3/E3 with 15.3(01)S release.
OL-26698-16
155
156
OL-26698-16

includes severity 1, severity 2, and selected severity 3 bugs.
Note
For information about the caveats pertaining to releases earlier to 3.6S, see Cisco IOS XE 3S Release
Notes.
Note
Cisco Systems, Inc.

www.cisco.com
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.7.4aS
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.7.4aS, page 2
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.7.2T, page 57

Release 3.7.4aS
This chapter contains the following section:
Resolved CaveatsCisco ASR 1000 Series Aggregation Services Routers Release 3.7.4aS, page 2

Release 3.7.4aS
This section documents resolved issues on Cisco ASR 1000 Series Aggregation Services Routers
Release 3.7.4aS.
CSCuj45418
Symptom: ASR1002-X reloads with the corefile reporting
CIF_CSR32_CIF_CIF_MISC_GRP2_ERR_LEAF_INT__INT_CIF_EPIFC_CRC_ERR interrupt.
Conditions: This condition is applicable only to ASR1002-X running IOS images prior to IOS
XE3.7.4aS. The issue is not specific to any configuration or traffic pattern.
Workaround: There is no workaround. The issue is fixed in IOS XE3.7.4aS and later releases.

Release 3.7.4S
OL-26698-16

3.7.4S
CSCui22356
Symptom: The Subpackage ISSU Upgrade is performed on ASR1002-X router after upgrading the
standby RP (R0/1) with new RP subpackages. Then, Switchover is forced from the active IOS
process to the standby IOS process. During the switchover, new active RP performs configuration
Bulk-Sync with the standby RP. During this Bulk Sync operation, the configuration related to the
interfaces is not synchronized with the standby RP due to Bulk Sync MCL failures. The following
error message will be displayed when this error is present.
Sample Error Message:
<.............>
Config Sync: Bulk-sync failure due to Servicing Incompatibility. Please check full
list of mismatched commands via:
show redundancy config-sync failures mcl
Config Sync: Starting lines from MCL file:
interface Tunnel150
! <submode> "interface"
- tunnel source GigabitEthernet0/0/0.34
<..............>
Standby takes more time(~744 seconds) for reaching terminal State.
Conditions: The symptom is observed after redundancy force-switchover step in ISSU upgrade
procedure.
Workaround: Peform a standby IOS reload using the following command:
hw-module subslot R0/0 reload
CSCtx72973
Symptom: Config-sync failiure is seen when unconfiguring the crypto gdoi group.
CSCtz49200
Symptom: OSPF IPv6 control packets are not encrypted or decrypted.
Conditions: This issue occurs while configuring the IPv6 OSPF authentication.
CSCua90097
for AUTH response.
Tunnel-id Local
172.4.234.1/500
Remote
172.255.255.252/500
fvrf/ivrf
Status
none/none
IN-NEG
OL-26698-16
Encr: AES-CBC,
keysize: 256,
verify: Unknown - 0
Remote req queued:
Remote window:

of SA : Yes

Remote id:
Local req msg id:
Local req queued:
Local window:

Initiator
2ru-2#
CSCuh20209
Symptom: ucode crashes when running the clear ip nat translations command.
Conditions: This condition occurs very rarely with stateful traffic.
Workaround: Use clear ip nat translations vrf vrf_name command to clear VRF aware translations.
CSCuh87017
Symptom: Hw-Sw: ASR1004 ASR1000-RP2 ASR1000-ESP20
asr1000rp2-adventerprisek9.03.09.01.S.153-2.S1. The ESP goes down logging messages as shown
below:
Jun 27 19:59:12.308: %CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0 desc:CPP Client process
failed: cpp_cp det:HA class:CLIENT_SW sev:FATAL id:1 cppstate:RUNNING res:UNKNOWN
flags:0x0 cdmflags:0x0 Jun 27 19:59:12.393: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha:
cpp_ha encountered an error
12FF8 :10000000 F108 c:E51F000 1E938 c:E51F000 1EAE0 Jun 27 19:59:13.054:
%PMAN-3-PROCHOLDDOWN: F0: pman.sh: The process cpp_cp_svr has been helddown (rc 134)
Jun 27 19:59:14.289: %PMAN-0-PROCFAILCRIT: F0: pvp.sh: A critical process cpp_cp_svr
has failed (rc 134) Jun 27 19:59:18.422: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha:
cpp_ha encountered an error -Traceback= 1#e1875e79d5b29fc4e498ecbc61cdf452
12FF8 :10000000 F108 c:E51F000 1E938 c:E51F000 1EAE0
Conditions: On issuing show ip nat trans command when there are a large number of static
networks translations the ESP may reset with the above messages. The issue is caused by a
calculation dealing with the number of static network translations that are configured. It is possible
to avoid this issue by moving out of the impacted range of static network translations.
Workaround: Determine the number of static network translations:
Router# show platform hardware qfp active feature nat datapath stats | include static
net
non_extended XXXX entry_timeouts XXXX statics XXXX static net 126 hits
XXXX misses XXXX
Take the number of static network translations ("static net") and
divide it by 32, and then look at the remainder:
126/32 = 3 remainder 30
If the
remainder is 30 or 31 this issue could be encountered when the 'show ip nat
translation' is executed. To avoid this situation add or remove one or two static
network translations, for example:
ip nat inside source static network X.X.X.X
Y.Y.Y.Y /ZZ ip nat inside source static network A.A.A.A B.B.B.B /CC
The addresses
used in these two static network translations do not need to be hit by any traffic,
and do not need to be subnets that are regularly used within the network. Next verify
that the remainder is no longer 30 or 31:
Router#$show platform hardware qfp active
feature nat datapath stats | include static net
non_extended XXXX
OL-26698-16
entry_timeouts XXXX statics XXXX static net 128 hits XXXX misses XXXX
128/32 = 4
remainder 0
This can also be accomplished by removing one or two static network
translations to lower the remainder. More Info: Symptom: Hw-Sw:
ASR1004
ASR1000-RP2 ASR1000-ESP20
asr1000rp2-adventerprisek9.03.09.01.S.153-2.S1 The ESP
goes down logging messages similar to what is shown below: Jun 27 19:59:12.308:
%CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0 desc:CPP Client process failed: cpp_cp det:HA
class:CLIENT_SW sev:FATAL id:1 cppstate:RUNNING res:UNKNOWN flags:0x0 cdmflags:0x0 Jun
27 19:59:12.393: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha: cpp_ha encountered an error
errmsg:F6DB000 2230
c:E51F000 1E938 c:E51F000 1EAE0 Jun 27 19:59:13.054: %PMAN-3-PROCHOLDDOWN: F0:
pman.sh: The process cpp_cp_svr has been helddown (rc 134) Jun 27 19:59:14.289:
%PMAN-0-PROCFAILCRIT: F0: pvp.sh: A critical process cpp_cp_svr has failed (rc 134)
Jun 27 19:59:18.422: %CPPOSLIB-3-ERROR_NOTIFY: F0: cpp_ha: cpp_ha encountered an
error -Traceback= 1#e1875e79d5b29fc4e498ecbc61cdf452
errmsg:F6DB000 2230
c:E51F000 1E938 c:E51F000 1EAE0
CSCuh90658
Symptom: QFP crash.
Create normal GTPv1 session and primary PDP.
Delete request with teardown false.
Update QoS with different data TEID at both SGSN and GGSN when crash occurred.
CSCui07002
Symptom: When two routers attempt to build an IKE session and use PKI for authentication, if the
CRL has expired, the responding router crashes and reloads.
Conditions: PKI chain-validation, CRL check, expired CRL
Workaround: Disable CRL check.
CSCui38300
Symptom: High latency is observed in customer network.
Conditions: Under conditions such as forced test, it is possible to create scenarios where flow-lock
contention is very high because of NAT gatekeeper failures.
CSCui40812
Symptom: CUBE responds with 491 for RE-Invite with a=recvonly during HOLD.
Conditions: ++ SIP RE-Invite to deactivate the media with (c=IN IP4 0.0.0.0 and a=recvonly) is
causing CUBE to respond with 491 on IOS "asr1001-universalk9.03.06.02 .S.152-2.S2" where as
on IOS "asr1001-universalk9.03.04.01 .S.151-3.S1" CUBE is responding with 200 ok with
a=inactive.
CSCui61103
Symptom: DMVPN Phase 3 NHRP refresh clears RIB/NHO flag and RIB is not updated.
OL-26698-16
Conditions: When an NHRP Phase 3 child mapping entry is refreshed the mapping entry loses its
'rib' and 'nho' flags and the corresponding RIP route is either removed (rib) or the next-hop-override
is removed (rib + nho).

Release 3.7.4S
Release 3.7.4S.
CSCtj24692
Symptom: NVRAM configuration file gets corrupted when a chassis is power cycled without a
graceful shutdown.
Workaround: Shutdown chassis using the reload command and make sure RP gets to ROMMON
before power cycling the chassis.
CSCtj61284
Symptom: NAT overload does not work for non-directly connected destinations in MPLS-VPN
configurations.
Conditions: The symptom is observed with NAT overload configured to NAT traffic coming over an
MPLS VPN to internet via a VRF-enabled interface.
CSCtj96278
Symptom: T38 fax relay call speed is set to 14.4k regardless of the "fax rate" CLI configuration.
Conditions: There is no condition.
CSCtl55445
Symptom: CUBE logs the following message: %SIP-3-INTERNAL: Cannot insert call history
entry for callID.
Conditions: Calling party cancels call before connection. The following is an example:
INVITE
--------------->--------------->
<--------------<---------------CANCEL
180 Ringing
---------------->--------------->
<----------------<-----------------
100 Trying
<--------------<---------------200 OK
<------------------<---------------
ACK
CSCto81601
Symptom: If there is a problem with publishing the CRL, a major problem must exist so that further
publishing is suspended until the issue is addressed, and the CA requires a shut or no shut. Currently
there is no error message which suggests what happened with CRL. Need to add proper error
messaging to make it more interactive.
OL-26698-16
Workaround: Enter "shut" or "no shut" on the CA server should result in the CRL being published
again.
CSCtr88785
Symptom: When following an upgrade from Cisco IOS Release 12.4(24)T2 to Cisco IOS Release
15.1(4)M1, crashes were experienced in PKI functions.
Conditions: This symptom is observed on a Cisco 3845 running the
c3845-advipservicesk9-mz.151-4.M1 image with a PKI certificate server configuration..
Workaround: Disable Auto-enroll on the CA/RA. Manually enroll when needed.
CSCts34256
Symptom: We send 1M prefixes to an ASR with 8G of memory. The memory status is seen as
critical. However this stays as critical even days after the BGP peering is removed. The fman_rp
process seems to be holding the most memory even when the BGP routes are cleared. The impact of
this is unknown at this time.
Conditions: This symptom is observed on a Cisco 3845 running the
c3845-advipservicesk9-mz.151-4.M1 image with a PKI certificate server configuration..
Workaround: Disable Auto-enroll on the CA/RA. Manually enroll when needed.
CSCtt45299
Symptom: Failed to join the Meetme conference.
Conditions: If there's person already join the conference.
CSCtx99353
Symptom: The following error message appears: %SYS-3-INVMEMINT: Invalid memory action
(malloc) at interrupt level.
This error message can lead the device to crash.

Workaround: Remove the route list from Multicast MOH CLI so that Cu can still have music on hold
and can continue the feature. Alternatively, disable MOH (no Music comes on hold).
CSCty26035
Symptom:
There is a discrepancy in the inbound and the outbound SA lifetime in thestandby router.
The KB lifetime in a standby router is greater than that of the active router, when a KB lifetime
rekey occurs.
The ping will not go through after applying a dynamic crypto map.
Conditions: The issues are seen after establishing the session between the HA routers and various
test conditions.
CSCty31407
Symptom: netsync configuration for E1 (option 1) does not working.
Conditions: Configure R0 as netsync source, the netsync source doesnt lock (only option 1) , option
2 works fine.
OL-26698-16
CSCty59423
Free: 0
-Process= "VOIP_RTCP", ipl= 0, pid= 299

-Traceback= 0x25B1F0Cz 0x25AB6CBz 0x25B1029z 0x46C02Ez 0x46C89Bz 0x46BCC2z 0x471D12z
0x43EF59Ez 0x43DD559z 0x43DCF90z
%SYS-2-MALLOCFAIL: Memory allocation of 780 bytes failed from 0x46C02E, alignment 32

CSCty91566
Symptoms: Potential memory leak is seen when handling DNS lookup response.
Conditions: This symptom occurs when handling DNS lookup response.
CSCtz58718
Symptoms: CEF switching is not working with GRE + protected tunnel configuration.
Conditions: Packets should go through tunnel interface.
CSCtz96750
Symptoms: Expected SPI is not populated after Authentication is configured.
Conditions: Issue is seen for IPV6.
Workaround: The problem is seen only in case of VL configuration.
CSCua26931
Symptoms: Calls placed on hold by 3rd Party SIP Server are disconnected if media inactivity is
configured.
Conditions: PRI -- GW -- SIP -- 3rd Party SIP Server. Media inactivity is configured on the SIP GW.
Phone behind the call server puts the call on hold. If the 3rd Party SIP server uses RFC 3261 hold
(a=inactive) the call drops. If the 3rd Party SIP server uses RFC 2543 hold (c=0.0.0.0 and
a=sendonly).
Workaround: Set media inactivity timer to a large value.
CSCua35161
Symptoms: On DMVPN HUB, some crypto maps still exist after removing Tunnel protection from
tunnel interface.
Conditions: It happens with scaling test.
CSCua36330
Symptom: Trace backs found.
Conditions: While copying the text file from the certificate server. Accessing
https://msca-root/test.txt.
CSCua59513
OL-26698-16
Symptom: Transform comp-lzs is not supported with current hardware configuration.

Conditions: For ikev2_sanity script ,while testing the miscellaneous testcase Transform comp-lzs is
not supported with current hardware configuration.
CSCua62348
Symptom: IKE TUNNEL HISTORY TABLE/ipsecGlobalValues/cipSecSpiStatus failed.
Conditions: It should give correct data.
CSCua65780
Symptom: After a rollover, RA server does not retry to obtain its rollover CS cert from the CA
server.
Conditions: The issue is seen after the RA has rolled over once and its first enrollment request
(post-rollover) sent to the CA server has failed for some reason.
CSCua75781
Symptom: CME reloads for E911 call ELIN translation for incoming FXS/FXO trunk.
Conditions: The symptom is observed from Cisco IOS interim Release 15.3(0.2)T.
CSCua78616
Symptom: Not able to retrieve Via header for sending OPTIONS response back.
Conditions: This issue is seen in OPTION message case.
Workaround: Use the las_option_request from ccb while retreiving Via header.
CSCua78771
Symptom: Error message display needs cosmetic changes to follow style guide.
Conditions: In rare situation, we hit error message regarding an error situation. The message format
needs to be updated to follow style guidelines.
CSCua80616
Symptom: SPA handle invalid message is seen after running the hw-module subslot x/y shut
command on ELC.
Conditions: When multiple ELC sources are configured, such as primary and secondary network
clock sources from ELC, and execute ELC shut using hw-module subslot x/y shut command, the
SPA invalid handle error message is displayed.
CSCua88511
Symptom: Ipsec sas not setup correctly on uut1 = secp53-6.
Conditions: Negative testcase failed because expect_ncomp is 77, ncomp is 78 , compf is 0(this
particluar number should be 7), expect_compf is 8.
CSCub01509
OL-26698-16
Symptom: ESP reload on ASR1002-X and ISR4451.

Conditions: Very High traffic rate of fragmented packets recieved with NAT configured(or traffic
loop).
Workaround: Eliminate unnecessary fragments using either: MTU tunning, ACL filter, diverting the
packet to new interface without NAT.
CSCub18622
Symptom: Dynamic ACL does not get applied to the interface ACL, but the user shows up in the
show ip auth-proxy cache command output.
Conditions: Very High traffic rate of fragmented packets recieved with NAT configured(or traffic
loop).
Workaround: Move the auth-proxy rules onto a physical interface.
CSCub34534
Symptom: A basic call between 2 SIP phones over SIP trunk (KPML-enabled) fails.
Conditions: This symptom is observed with Cisco ISR G2 platforms.
CSCub46423
Symptom: Connecting from Windows 7 L2TP/IPSec client to the VPN fails when using HSRP
virtual IP as a gateway IP and Error 788 is displayed.
Conditions: This symptom is observed with Cisco IOS Release 15.2(3)T or later releases, and the
Windows 7 L2TP/IPsec VPN client.
Workaround: Downgrade to Cisco IOS Release 15.1(3)T.
CSCub52278
Symptom: DVTI Virtual Access interface may flap during rekey with a large number of
IKEv2/IPSec tunnels.
Conditions: IKEv2 in large scale deployment is used.
CSCub79487
Symptom: Traffic flow is not fine with Fragementation.
Conditions: None.
CSCub79543
Symptom: CLI changes in the show spi details command
CSCub84076
Symptoms: CRYPTO MAP ACL FILTERING TEST FAILED due to indent counters.
Conditions: CRYPTO MAP ACL FILTERING TEST FAILED due to indent counters.
CSCub93641
10
OL-26698-16
Symptoms:The load balancing feature of the flex-vpn solution of Cisco IOS does not provide
authentication facilities to avoid non authorized member to join the load balancing cluster. Thus, an
attacker may impact the integrity of the flex-vpn system by inserting a rogue cluster member and
having the load balance master to forward VPN session to it. A number of secondary effect,
including black-holing of some of the VPN traffic may be triggered by this issue.
Conditions: Flex-VPN with Load Balancing feature active.
Workaround: Using CoPP and interface access-list may be used to allow only trusted router to join
the load balancer cluster PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following
CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 4.3 or
3.9
ctor=AV:N/AC:M/Au:N/C:N/I:P/A:N/E:F/RL:W/RC:CCVE ID CVE-2012-5032 has been assigned
to document this issue. Additional information on Cisco's security vulnerability policy can be found
at the following URL:
CSCub97881
Symptoms: Few Mem leak seen in HSRP-CLB notification in scaled IKEv2 load-balancing cluster
scenario.
Conditions: Scaled IKEv2 load-balancing cluster scenario. Crypto Load Balancer HSRP state
change [Master->Slave] or [Slave->Master]. IOS TCP process cleaning up internal message which
has pointer to meory which CLB has allocated.
CSCuc01194
Symptom:
If there is a "peer .. fqdn ..." statement in the startup-config
For example: crypto ikev2 client flexvpn flex
peer 1 fqdn <FQDN>
Then after rebooting, the "peer ..." statement may be missing from the running-config.
Conditions: This occurs because at boot time, when the startup-config is parsed, there is no DNS
connectivity so the DNS resolution of the FQDN fails and hence the command is not accepted.
Workaround: Remove the peer and add it again with the "dynamic" keyword, i.e.:
client flexvpn flex no peer 1 fqdn <FQDN> peer 1 fqdn <FQDN> dynamic
Note
crypto ikev2
This process will delay the DNS resolution of the fqdn until the VPN tunnel is built.
CSCuc02931
Symptoms: FlexVPN site to site crypto session at UP-NO-IKE status.
Conditions: Clear cry session is given during rekey, create new sa with invalid spi, invalid SPI do
not delete
Workaround: Shut or no shut the tunnl interface.
CSCuc07317
Symptom: The output of the Show controller pos pm command does not show the correct SFP line
type for all the POS SPAs.
Conditions: The line type is shown as LONG MM for all the SFPs inthe output of the show
controller pos pm frp command.
Workaround: Execute the show hw-module subslot x/y transceiver command.
OL-26698-16
11
CSCuc09667
Symptoms: Router experiences crashes due to SIP due to a freed pointer in memory.
Conditions: There is no conditions.
CSCuc11809
Symptoms: The number if IPSec SAs on the box keeps increasing.
Conditions: IPSec eekeys are happening due to volume lifetime exhaustion.
Workaround: Turn off volume based rekey.
CSCuc22655
Symptom: IOS Router Identity Certificate missing upon reboot.
Condition: Identity certificate imported into a trustpoint that does not contain the direct issuer
Certificate Authority certificate.
Workaround: Import the identity certificate into the trustpoint which contains the issuer's certificate.
CSCuc25995
Symptom: A router unexpectedly reboots and a crashinfo file is generated. The crashinfo file
contains an error similar to the following:
%ALIGN-1-FATAL: Illegal access to a low address 04:52:23 UTC Wed Sep 19 2012
addr=0x4, pc=0x26309630z , ra=0x26309614z , sp=0x3121BC58
Condition: This occurs when IPsec is used. More precise conditions are not known at this time.
CSCuc28138
Symptom: Tracebacks are seen.
Condition: When protocol mode dual-stack is enabled under telephony-service and create cnf-files
is executed.
CSCuc29179
Symptom: The Cisco ASR 1000 Series Aggregation Services Router filters out the ARP requests
with its own source address. This leads to ping failure between two interfaces, which belong to
different vrf and own same IP subnet; for example, vrf v1 1.0.0.1/24 and vrf v2 1.0.0.2/24.
Conditions: The gigabit ethernet interface (gig0/0/0) connected b2b to another interface on same
router with VRF configured on atleast one of the interfaces.
Workaround: Configure some MAC address on the gigabit ethernet interface (gig0/0/0) and then
unconfigure the MAC address.
CSCuc39418
Symptom: When IKE sends KEY_MGR_CLEAR_ENDPT_SAS during initial contact, IPSec sends
KEY_ENG_DELETE_SAS.
Conditions: on performing SSO in spoke.
CSCuc44749
12
OL-26698-16
Symptom: Audio distortion for MMOH stream produced by GW, when live-feed from FXO port is
used.
Conditions: Live-feed is implemented to produce MMOH stream in CME environment, where
Live-Feed source is connected to an FXO port. File based Moh also to be configured, and the file
needs to be in Cached state.
Workaround: Remove the file based Moh. Or have a file based Moh which will NOT get cached.
CSCuc47356
static route.
CSCuc53595
Symptoms: Hung calls on FXO ports where supervisory disconnect is used to disconnect calls.
Conditions: Analog phone / device initiates disconnect. Custom CPTone is used to detect the
disconnect tone that is provided to the FXO port
Workaround: Configure the analog device to use one of the default CPTones that is bundled with
IOS ( country based ).
CSCuc53667
Conditions: When issuing the following show command on a ASR1K 1RU, ESP5, ESP10, ESP20
and ESP40 system.
show platform hardware qfp [active | standby] infrastructure bqs [schedule|queue] qid
This only causes an ESP crash when the 'qid' specified is an internal queue. It is safe
for interface or QoS created queue.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal
CVSS scores as of the time of evaluation are 3.8 or 3.3:
ctor=AV:L/AC:H/Au:S/C:N/I:N/A:C/E:H/RL:OF/RC:C
No CVE ID has been assigned to this issue.
CSCuc67116
Symptom: IPSec SA reset when sequence number rolls over back to 0 with anti-reply disable.
CSCuc67664
Symptom: Multiple failed IKE negotiations result in multiple MM_KEY_EXCH states from same
spoke. The older failed SA's are never deleted from the IKE SA db. This ultimately would exhaust
the call admission limit set on the router.
OL-26698-16
13
Conditions: 3945 router running 15.(1)4M5 code.

Workaround: Staying at 15.1(4)M4 at the moment.
CSCuc80457
Symptom: When ASR1K router is equipped with FP100 or FP160 models, the conditional police
might fail to work if the physical interface of the tunnel QoS changes to a different one.
Conditions: If the child policy of tunnel QoS contains "priority <kbps>" and "fair-queue" features,
the police of the "priority" feature will fail to function if the physical interface is changed to a
different one. Then the priority traffic would behaves like strict priority feature which might starve
other traffic class. This issue is specific to certain FP models, like FP100 and FP160.
Workaround: Detach and reattach the same policy-map to tunnel interface will restore the
functionality for Tunnel QoS.
CSCuc88175
Symptom: When a dynamic cryptomap is used on the Virtual Template interface, SAs do not get
created and thus the testscripts fail. This issue occurs because the crypto map configurations are not
added to the NVGEN, and there is no security policy applied on the Virtual Template interface.
Conditions: This symptom is observed only when a dynamic map is used on the Virtual Template
interface. However, this issue is not seen when tunnel protection is used on the Virtual Template
Workaround: Use tunnel protection on the Virtual Template interface.
CSCuc95160
Symptom: After receiving the CRCX message, the Cisco AS5400 does not send 200 ok to SSW.
SSW sends the CRCX message to the Cisco AS5400 again. Between these messages, debug outputs
are displayed. It seems that the call is not disconnected completely for the end point by the previous
disconnect request (the DLCX is received after the CRCX message from SSW). The end point may
be stuck in call_disconnecting state. Conditions: This symptom is observed only when a dynamic
map is used on the Virtual Template interface. However, this issue is not seen when tunnel protection
is used on the Virtual Template interface or when a dynamic map is used on the typical physical
interface.
Conditions: This symptom is observed with MGCP. This issue occurs when the Cisco AS5400
receives DLCX before sending 200 ok for the first CRCX message.
CSCud02391
Symptom: The EIGRP routes are not coming up after removing and reenabling the tunnel interface.
Conditions: This symptom is observed when EIGRP routes do not populate properly.
CSCud17362
Symptom: ASR router may crash running under heavy load
Conditions: This issue is considered an extreme corner case caused by the exhaustion of resources
combined with the aggressive polling of information through CLI while the system is overloaded.
CSCud21500
14
OL-26698-16
CSCud36343
CSCud78362
Symptom: GW starts to drop calls randomly if you increase simultaneous calls beyond 350.
Conditions: This symptom occurs if 350 calls are connected on GW, some doing digit collection
using Cisco ASR(MRCPv2) and some playing media. Increasing a few more calls triggers the issue
of call drops and total calls stay at only 350.
Workaround: A patch was provided which fixed the issue.
CSCud83835
Symptom: An IPsec VPN tunnel fails to be established. The debug crypto ipsec command shows
no output when attempting to bring up the tunnel.
Conditions: This symptom occurs when all of the following conditions are met:
1) The crypto map is configured on a Virtual-Template interface.
2) This Virtual-Template interface is configured with "ip address negotiated".
3) The tunnel is initiated locally (in other words, if the tunnel is initiated by the peer, it comes
up correctly).
Workaround: Downgrade to Cisco IOS Release 15.2(2)T3 or earlier releases or always initiate the
VPN tunnel from the peer.
CSCud85342
Symptom: IKE responder fails to accept phase 1 proposal with rsa-sig authentication with public
RSA keys and no trustpoints configured.
Conditions: An authentication mechanism of rsa-sig is configured and rsa-encr cannot be used due
to hardware/software limitations.
Workaround: Use rsa-encr if supported, otherwise switch to using actual certificates with trustpoint
or pre-shared keys.
CSCud87915
Symptom: EzVPN client cannot access the Internet over the VPN. Access to Hub internal resources
works fine. The ZBF firewall on the Hub drops the encryptred ESP(udp) traffic from self to out
containing reply from the host on the Internet. Log on the hub:
*Dec 28 15:34:51.189: %FW-6-DROP_PKT: Dropping udp session 8.8.8.2:0 8.8.8.1:53000 on
zone-pair self-out class class-default due to DROP action found in policy-map with ip
ident 0
source IP and port is incorrect.

Conditions: EzVPN client behind NAT and source port is PATed - is not udp 4500. EzVPN client
reaching the Internet with u-turn on the Hub. Hub has ZBF policy from self to outside permitting
VPN traffic. Hub has CEF enabled.
Workaround: Remove the ZBF policy from self to outside.
CSCud88366
OL-26698-16
15
CSCud88483
Symptom: In GETVPN and IPSEC redundant configuration combination, if secondary group
member is reloaded in the topology, it causes TEK registration of the group member is lost once the
router comes back up and HSRP does state transition to standby.
Conditions: GETVPN with IPSec Redundancy configuration.
Workaround: Wait for next rekey or issue clear crypto gdoi.
CSCud92596
Symptom: When traffic is sent with VLAN2 tag between two ixia ports through ASR1004 as below.
After executing the command show controller, input vlan errors can be found and the counter
increases without any packet drops. It is also found that when show interface command is executed,
the value of input errors counter under related interface is 0.
Conditions: There is no known condition for this symptom.
CSCud94248
Symptom: Voice XML Gateway Crashes While Handling SIP Calls - caps nack'ed.
Conditions: A fax tone getting detected on the gateway is causing the gateway to send a T.38 Fax
offer on the SIP leg. However customer does not support fax calls and the gateway receives 400 Bad
Request Response for the T.38 Fax Offer. When responding with a ACK for 400 Bad Request
Response we are seeing a crash as for some reason ccb->pld.destVdbPtr is getting set to NULL.
Accessing the NULL pointer is causing a crash.
Workaround: Remove the fax configuration in "voice service voip->sip" will prevent the crash.
CSCud96896
Symptom: "x Calls in queue" status is not displayed on all agents in the hunt group.
Conditions: This happens when a particular agent is logged out, then the subsequent agents (i.e in
the order in which they are configured a list member) do not get the status update.
Workaround: Have all the agents logged in.
CSCue14418
Symptom: Only single L2TP IPSEC vpn client can connect to vpn when they are behind PAT device
even though NAT DEMUX is configured.
Conditions: VPN clients behind PAT device.
CSCue18003
Symptom: Packets drop occur when performing a ping from an ASR 1001 console with packets of
large size (i.e. several kilobytes).
Conditions: This issue is specific to the ASR 1001 and requires a burst of data from the Control
Plane to the Forwarding Plane such that internal hardware buffers are saturated. Normal processing
continues, however, there are drops when the hardware buffer is full.
16
OL-26698-16
CSCue22731
Symptom: WCCP service cannot be enabled.
other is inactive. Then the inactive service cannot be enabled any more.
Workaround: Do not remove a service from the interface when another service is inactive.
CSCue22764
Symptom: ip wccp check acl outbound doesn't work on Ultra/Overlord.
Conditions: Ultra/Overlord platform
CSCue32707
Symptom: crypto pki export <> causes crash.
Conditions: This symptom is observed in when a SUB CA trustpoint is configured and a trustpoint
is configured and enrolled to that SUB CA.
Workaround: If possible, have the trustpoint on a separate box.
CSCue33313
Symptom: A Cisco ASR repeatedly produces a "no-input" event despite inputs provided by caller.
Conditions: The symptom is observed with the following conditions:
IOS VXML GW running Cisco IOS Release 15.x.
Problem seems to be triggered by a "no-match' event prior to providing
expected responses.
Debugs show the following order of events:
GW instructs TTS server to say "please say yes or no, or press digits 1 or two".
GW instructs ASR to recognize.
CSCue37000
Symptom: GTP-U drops are noticed for communication that should not have been dropped.
Swisscom agrees that this might be related to some timers and pending PDP sessions that need to be
terminated. Since local tests with mobile devices are all successful, Swisscom wants and needs to
go for 24 hour test to see if the GTP-U drops really lead to a service impact for mobile users.
Conditions: There is no conditions.
CSCue39518
Symptom: A Cisco 7200 with VSA fails to encrypt traffic under specific conditions.
Cisco 7200 has IPsec SSO configured with HSRP. Dynamic crypto map is
configured. Remote sides have static crypto map to this device.
All the 15.x codes to the latest Cisco IOS 15.2(4)M2 are affected.
Issue is not seen in the Cisco IOS 12.4 codes.
Issue not seen when IPsec SSO and HSRP are removed.
OL-26698-16
17
CSCue45131
Symptom: sVTI tunnel interface does not come up after router reboot.
Conditions: This issue happens when you reboot the router.
Workaround: Reload ESP.
CSCue47940
CSCue48419
Symptom: The Cisco AS5350 stops processing calls on PRI with a signaling backhaul from PGW.
In the packet trace, there is no q931message from PGW. Further analysis shows that as5350 sends
a q_hold (0x5)message in BSM, causing peer (PGW) to stop sending signaling traffic. However,
there is no BSM_resume message or BSM_reset sent after it. Hence, PGW is stuck in this condition.
There was earlier defect for CSCts75818 with similar symptoms in U-state.
Conditions: This symptom is observed due to some RUDP timing issues that cause BSM session
switchover.
Workaround: Reload the Cisco AS5350 (but only when CU notices the outage). Also, shutting both
Ethernet interfaces may help, but this workaround has not been tested.
CSCue50255
CSCue52963
Symptom: Some of the SPA goes to inserted (physical) state after an ISSU upgrade. This issue is
Conditions: This issue is seen while doing an ISSU upgrade on a setup that has a high scale
Workaround: This issue is not seen in the following scenarios:
CSCue57374
Symptom: QFP load spike occurs when dropping traffic via IPv6 ACL.
Conditions: IPv6 traffic is dropped with ACL.
Workaround: Configure the no ipv6 icmp unreachable command under the receiving interface.
CSCue57582
Symptom: The following error message may appear:
%STILE_CLIENT-4-MAX_LINK_TOUCH_WARN: F0: cpp_cp: NBAR number of flow-slinks threshold
is reached, cannot allocate more memory for flow-slinks.
This may cause some degradation in SSL based traffic.

Conditions: This message may appear under heavy SSL traffic.
18
OL-26698-16
Workaround: Currently there is no workaround. The classification of the SSL-based traffic should
be based on the other classification mechanisms.
CSCue59967
Symptom: VPN led does not come up when an IKEv2 tunnel is active.
Conditions: IKEv1 is not affected only IKEv2.
CSCue63807
Symptom: SIP call during "Call Forward No Answer" option leaks the Transcoder resource used on
CUBE Example call flow: Telco -> SIP Trunk (G711alaw/G729) -> CME -> SIP phone (G711ulaw)
->NOAN -> CUE (G711ulaw)
Conditions:
SIP Call
Codec mis-match between two legs of the call and invokes the local transcoder resource.
Call forward No Answer (noan) feature
Workaround: Reset the sccp session.
CSCue65405
Symptom: SAs do not get installed in GETVPN GM.
Conditions: The symptom is observed when the key server is configured with "receive-only" SAs.
Workaround: Remove receive-only configuration at the key server.
CSCue80506
Symptom: Traceback at DMVPN Spoke registration, DMVPN QoS policy not deployed to QFP
datapath component.
CSCue88591
leads to crash:
by reloading
CSCue89658
incomplete.
Conditions: The kernel core is generated when HMAN stops strobing the HW Watchdog timer. This
occurs concurrently when a process with a large resident set size (IOSd) is dumping core.
CSCue89779
OL-26698-16
19
Symptom: A FlexVPN spoke configured with an inside VRF and front-door VRF may have
problems with spoke-to-spoke tunnels if they are not the same. During tunnel negotiation, two
virtual-access interfaces are created (while only one is needed), the one in excess may fail to cleanup
correctly. As a result, the routes created by NHRP process may lead to loss of traffic, or traffic may
continue to flow through the Hub.
Conditions: This symptom occurs when the VRF used on the overlay (IVRF) and the VRF used on
the transport (FVRF) are not the same.
CSCue94610
%SPA_DSPRM-3-DSPALARMINFO: Checksum Failure:80000000,0000000e,d0156a80,d0156000
*Mar 14 17:56:05.851:
%SPA_DSPRM-3-DSPALARMINFO: 0042 0000 0080 0000 0000 0000 4368 6563 6B73 756D 2046
6169 6C75 7265 3A38 3030 3030 3030 302C 3030 3030 3030 3065 2C64 3031 3536 6138
302C 6430 3135 3630 3030 0000 0000 0000 0000 0000
come up.
CSCue98604
Symptoms: A Cisco 3845 that is running Cisco IOS Release 15.1(4)M2 may have a processor pool
memory leak in CCSIP_SPI_CONTROL.
Conditions: The conditions are not known at this time.
CSCuf03688
Symptoms: If the call to transfer-target fails, this problem would occur.
Conditions: When an external Application is registered to UC gateway via a web-services interface,
Workaround: External application is not registered or the registered application do not subscribe for
AUTHORIZE_CALL event.
CSCuf08585
Symptom: NAT64 does not work in simulator.
Conditions: This issue is not seen on hardware.
Workaround: A reboot is likely to clear the issue.
CSCuf09056
Symptom: The traffic may not be shaped correctly resulting in more traffic to leak through or the
router crashes when model 3/4 subscriber policy is applied.
Conditions: The model 3 and 4 hierarchy is built incorrectly on ESP-100/200 and ASR1002X when
the subscriber policy is added after the main interface is already active.
CSCuf17379
Symptom: NA
20
OL-26698-16
Conditions: NA
CSCuf20108
Symptom: Using MRCPv2 on VXML GW for CVP calls to 3rd party ASR, we have found the
MRCP Client process is disappearing after a few hundred calls. This causes all future calls to fail
until the VXML GW is rebooted.
A traceback is thrown in the logs at this time, indicating a memory problem.
Feb 28 00:23:23.949 JST: %SYS-2-FREEBAD: Attempted to free memory at B0D0B0D, not part
of buffer pool
Traceback= 18B57F4z 2C60B0Cz 5B120B3z 4BCA9F6z 2BCCA09z 4C7692Ez 4BCAA8Bz 4C8D03Fz
4C8EE4Bz 4C85EF2z 4C85D2Fz 4C75A21z
Running 'show process' after this traceback shows the MRCP Client process is no longer running.
Conditions: The issue occurs when a Nuance server abnormally tears down MRCPv2 session in the
middle of the call. MRCPv2 is needed to trigger the crash. MRCPv1 does not cause a crash.
Workaround: Set all sessionTimeout configurations to -1 on the Nuance server (In the NSSserver.cfg
file). Use MRCPv1 instead of MRCPv2
CSCuf20409
CSCuf35314
Symptom: Operation relying on PKI may start failing when enrolling a new trustpoint to same CA
as already existing trustpoint.
Conditions: First seen with Cisco IOS 15.2(4)M1.
Workaround: Use crypto key zeroize pubkey-chain command.
CSCuf39338
Symptom: Running sh sbc FOO sbe mib mgmmediaaddresstable on standby causes CLI to hang.
Conditions: When enabled SBC-B2B redundancy.
Workaround: Do not run this command on standby.
CSCuf39344
Symptom: In SBC-B2B, after no attach/attach an adjacency, calls are rejected with 503 Service
Unavailable.
Conditions: This condition occurs under the following:
Config vrf001 on BOX1(ACTIVE) then on BOX2(STANDBY).
Config adjacency's vrf and signaling-address, and media-address and vrf, both refer to vrf001.
Switch-over.
no attach/attach adjacency on BOX2(ACTIVE).
Later calls are rejected with 503 Service Unavailable.
Workaround: Always add or change vrf related SBC config on the same box. More Info:
CSCuf51539
CSCuf39344
OL-26698-16
21
Symptom: In some rare situations, EzVPN client routers are seen to have an IKEv1 SA lifetime
beyond 24 hours - up to "3 weeks, 3 days". This can lead to unpredictable behavior during IKEv1
phase1 renegotiation, notably this can cause the server to initiate a negotiation which would result
in errors and interruptions of service over the VPN.
CSCuf61640
Symptom: Tracebacks as follows seen during router bootup:
%SYS-2-INTSCHED: 'suspend' at level 2 -Process= "Init",
ipl= 2, pid= 3
-Traceback= 4F6966C 6A708EC 890127C 6B4F924 6B4F7F8 6B4EAAC 6B4F43C 6B4F514 6DD6D4C
6DDB3A8 6A23E50 6A23F18 6A24100 57D3F94 57D42D8 4F701E4
0x4F6966C
0x6A708EC
0x890127C
0x6B4F924
0x6B4F7F8
0x6B4EAAC
0x6B4F43C
0x6B4F514
0x6DD6D4C
0x6DDB3A8
0x6A23E50
0x6A23F18
0x6A24100
0x57D3F94
0x57D42D8
0x4F701E4
--->
--->
--->
--->
--->
--->
--->
--->
--->
--->
--->
--->
--->
--->
--->
--->
process_ok_to_reschedule+288
process_suspend+4C
random_fill+248
default_entropy_routine+9C
hardware_entropy_source+CC
nist_instantiate+78
try_create_rng+1B4
nist_rng+34
cts_sap_get_key_counter+54
cts_sap_init+C4
subsys_init_routine+60
subsys_init_class_internal+A8
subsys_init_class+8C
system_init+250
init_process+94
ppc_process_dispatch+
Conditions: The symptom is observed during router bootup.

CSCuf68548
Symptom: ccpp_cp_svr and fman_fp cores during mdr.
Conditions: While doing spa/SIP OIR during mdr.
CSCuf81742
Conditions: In the rare case, where the software managed memory pools have been increased and a
coalescing of buffer pools is required to create large buffers out of smaller buffers. Only a few
features (MLPPP, FRF12, ESS, SSL, and IP reassem) make use of this memory.
CSCuf93376
Symptom: CUBE reloads while testing SDP pass-through with v6.
Conditions: CUBE reloads while testing SDP pass-through with v6.
Workaround: Do not use SDP pass-through and use normal SIP processing call flows.
CSCuf93606
Symptom: A Cisco 3945E router crashes.
22
OL-26698-16
Conditions: The symptom is observed with the following conditions:

Extension mobility is configured for the phone. The logout profile should not
be configured with any number.
In the logged out state, user has to press the "NewCall" softkey followed by
dialing any digit between 1-9 (excluding 0).
Instead of pressing "dial" softkey, press "AbbrDial" softkey.
Workaround: Have a proper number configured under the logout profile.
CSCug04660
Symptom: Spurious CPLD-EHSA interrupts are seen. These interrupts are seen in cmand_R*
tracelog file. Sometimes, these can also cause high CPU depending on the activity on the USB
device.
Conditions: When an external USB device is attached to an Intel-x86 based RP. This includes RP2,
1RU, 2KP platforms. RP1, 2RU, 2RU-F are PPC based platforms, so these do not have this issue.
On Intel x86 platforms, CPLD interrupt lines are shared with external USB devices. Spurious
CPLD-EHSA interrupts are in fact USB interrupts.
Workaround: Remove external USB device from the router when not in use.
CSCug08555
Symptom: A 3945e will crash due to a bus error with a null instance variable.
Conditions: This has been observd on a 3945e but the conditions are still unknown.
CSCug09761
Symptom: Handshake fails when we select Diffie Hellman cipher suite from sslvpn configuration.
Workaround: Select other than Diffie Hellman cipher suite at sslvpn.
CSCug12997
Symptom: The ASR 1004 router crashes with:
CPPHA-3-FAULT: F0: cpp_ha: CPP:0.0
desc:ETC_ETC_LOGIC1_LEAF_INT_INT_LP_LONG_PKT_ERR det:DRVR(interrupt) class:OTHER
sev:FATAL id:2694 cppstate:STOPPED res:UNKNOWN flags:0x7 cdmflags:0x0
Conditions: VASI, cryto, mpls, during normal operation (as per what is known).
CSCug18233
address to the client. The prefix always gets pushed as 128.
Conditions: ikev2 local authorisation.
CSCug18685
Symptom: An NHRP resolution request is forwarded to the first NHS on the tunnel interface instead
of being forwarded along the routed path.
Conditions: DMVPN phase 3 implementation.
OL-26698-16
23
CSCug19148
Symptom: FXS ports on a Cisco VG224 running Cisco IOS versions 124-24T7 or 151-4M5 will stop
working randomly, user will hear a busy tone when going offhook on the analog device connected
to the FXS port on the VG224. The call status will show as "ERR_WAIT4_DISC" or
"ERR_WAIT4_ONHO" in the output of the command "show stcapp device summ" for that
problematic FXS port.
Conditions: The Cisco VG224's FXS ports are set up as STCAPP with Cisco Unified Callmanager
(CUCM) server and have the shared line feature enabled with a Cisco IP phone on the same CUCM
cluster.
Workaround: Remove the "shared line" feature if feasible or issue a "shut" followed by "no shut"
under the problematic FXS voice-port via the VG224's IOS command line interface (CLI) or issue
a manual "reload" on the VG224 during a maintenance window.
CSCug19697
Symptom: "playout-delay fax" CLI is not changing T.38 and modem Passthrough playout buffer to
accommodate packet jitter.
Conditions: Ability to reduce the default Fax playout delay.
CSCug20669
Symptom: ASR1000 router crashes due to PPTP related traffic.
Conditions: Router is running on 3.9.0S. NAT PAT is configured in CGN mode on the router.
Workaround: Disable PPTP ALG in CGN mode. No ip nat service pptp.
CSCug21413
Symptom: Call failure.
Conditions: Media antitrombone + Call farward cases + SDP passthrough.
CSCug28041
Symptom: In a NAT64 configuration, "show policy-map type inspect zone-pair sessions" shows
NATed ipv4 address for the ipv6 host. It should show the hosts' real IP addresses, i.e. v6->v4 or
v4->v6, not v4->v4.
The PD command sh plat ha qf ac fe fir da scb actually shows the scb's addresses as the real hosts'
addresses, i.e. v6->v4 or v4->v6. However, the v6 host's port number is still shown as the translated
v4 port number.
In the ZBFW datapath log at cpp_cp*.log, the session key printed in the debug messages is showing
wrong port number. The session key is supposed to be all v4, but the port number is actually printed
as v6 port number.
For the PD show scb command filter such as sh plat ha qf ac fe firewall datapath scb ipv6 3000::2
44 ::1d00:2 444, we can't use the v6 port to match the session and have to use v4 port of the v6 host
to match.
Conditions: NAT64 configuration. For the issues involving v6/v4 port numbers, they are only visible
if there is PAT configuration, i.e. if the v6 host's port number can be changed after NAT64
translation.
CSCug28192
24
OL-26698-16
Symptom: Over-sampling entropy source on Cavium and Quack/ACT based platforms.

CSCug28631
Symptom: Silent suppression of the line that is causing the difference in behavior.
Conditions: Silent suppression of the line that is causing the difference in behavior.
Workaround: Remove the silent suppression line using the lua script LVASR01#more
bootflash:edit_silence_supp.lua function delete_lines(msg) for line in
msg.sdp:select_by_prefix("a=silenceSupp:off"):iter() do line:delete() end end
MeEditor.register(MeEditor.BEFORE_RECEIVE,"SilenceSupp",delete_lines).
CSCug28904
Conditions: Peer router sends nonce with length 256Bytes
CSCug30823
Symptom: No media forwarded or media dropped for "Reprocess limit exceeded".
Conditions: This issue occurs when all the following conditions are met:
the call is setup as nat call
media is received before off/answer completed
the call is modified to hairpin with other calls both on two sides
CSCug31076
Symptom: ASR1000 ESP may get reloaded unexpected when PfR NAT OER integration feature is
enabled.
Conditions: When one of the NAT outside interface shuts down administratively with active NAT
translations.
Workaround: Disable PfR NAT OER integration feature.
CSCug33656
Symptom: When turning off a wccp service or detachin a service from an interface, the memory
allocated for wccp is not freed. This can be seen using: show platform software memory
qfp-control-process qfp active | section WCCP.
Conditions: None.
CSCug34404
Symptom: RP_Crash seen at be_interface_action_remove_old_sadb
Conditions: While unconfiguring the 4K svti sessions after the HA test.
CSCug34507
Symptom: Traffic decrypted on a Cisco ISR G2 series is process switched instead of staying in the
CEF path.
OL-26698-16
25
Conditions: The symptom is observed when the hub and/or the spoke are located behind NAT or
PAT.
Workaround: Disable NAT/PAT.
CSCug34677
Symptom: Topology: S---asr1k---D1--\
|
x.x.x.x/32
------D2--/ * ISIS, fast-reroute
per-prefix configured * LDP on all interfaces * x.x.x.x/32 is reachable via D1 (primary) and D2
(backup) * Sending traffic from S to x.x.x.x * S, D1, and D2 are simulated (Agilent) * Version
15.3(1)S Problem: Upon failing link asr1k-D1 (laser shut on Agilent, equivalent to pulling fiber),
FRR is not triggered and traffic flow is restored when ISIS reconverges.
remote shutdown.
Workaround: There is no workaround except changing interface type to POS/ATM.
CSCug34758
Symptom: Topology: S---asr1k---D1--\ | x.x.x.x/32 ------D2--/ * ISIS, fast-reroute per-prefix
configured * LDP on all interfaces * x.x.x.x/32 is reachable via D1 (primary) and D2 (backup) *
Sending traffic from S to x.x.x.x * S, D1, and D2 are simulated (Agilent) * Version 15.3(1)S
Conditions: Upon failing link asr1k-D1 (laser shut on Agilent, equivalent to pulling fiber), asr1k
quickly (<50msec) starts forwarding packets (dest x.x.x.x) to D2 (backup), but with D1's advertised
label! Only after ISIS converges the packets are forwarded with the correct label (from D2).
CSCug34822
forced option when removing a NAT mapping. The following is an OK example:
CSCug37242
Symptom: Router crash due to memory leak.
Conditions: The symptom is observed with a CME shared line feature configuration.
Workaround: Disable the shared line feature will avoid memory leak.
CSCug38023
Symptom: I/O Leak in the middle/DSPRM buffer pools are observed
Conditions: Flex DSPs are present.
CSCug40546
Symptom: QFP reloads and gets stuck in reset loop until pap or cgn configuration.
Conditions: This occurs when the router is reloading when the following configurations exist: ip nat
setting mode cgn and ip nat setting pap.
Workaround: Either remove PAP or CGN configuration. A fix is expected in release 3.9.1 and later.
26
OL-26698-16
CSCug41599
Symptom: VTCP needs to adjust in case 10k h323 resemble packets size are received. Clear DF bit
to decrease the impact on MPLS Path Selection and Limit Packet length for assembled h.323 packet
to 8K.
Conditions: The following apply:
Send 10K tcp segments from server
pmod manipulate the 1st tcp segment into h323 realization format (03 00 length after tcp
header)
the response src port 80 and dst 1720
Workaround: Disable h323 alg.
CSCug43136
Symptom: After applying the QoS configuration with policy-maps, the configuration is seen in show
running config properly. However, on checking the QFP, the following is displayed:
sh platform hardware qfp active feature qos all output all"
no interfaces are
configured as QoS target(s)
When checking the matching of the packets on the interface, it is displayed as "0".
Conditions: IOS XE Version: 03.07.01.S.
CSCug44667
Symptom: CM tone detector being turned ON irrespective of the fax and modem features being
disabled.
Conditions: CM tone detector being turned ON and being reported to the host by the DSP.
CSCug45517
Symptom: Topology: ========= < -----(SIP Trunk A)-----CUBE-----(SIP Trunk B)-----> CUBE
is not forwarding the REINVITE message received from Trunk A to the SIP Trunk B when 491
Request Pending is received from SIP Trunk B for the previous SIP transaction.
Conditions: When 491 Request Pending is received.
CSCug50844
Symptom: REq/RES timeout not work as expected.
Conditions: FW session under heavy traffic 2K create/delete.
Workaround: Stop the traffic and the timer works
CSCug53310
Symptom: ICMP v6 traffic is observed to drop.
Conditions: ICMP v6 traffic is observed to drop with cxsc configured under the zbfw policy-map.
Drops are observed the zone is applied on a DMVPN tunnel.
CSCug53415
OL-26698-16
27
Conditions: ASR1001 Built-in SPA.

CSCug54468
Symptom: ASR 1002-X acting as LNS, RP crashes after shutting down the interface that is
connecting LAC.
Conditions: 5000 sessions with per-session QoS. All these sessions are setup on single L2TP tunnel.
CSCug56212
Symptom: GTPv1 traffic CPP crashed caused by writing protected memory
Conditions: Landslide LinuxTC ASR5K GGSN LinuxTC introduced packet delay, drop,
reproduced, corrupt, reorder between GTP AIC and GGSN. During the GTPv1 traffic, CPP crash is
expected, which is caused by protect memory writing.
CSCug56942
For MOSCqe alert clear trap, CUBE should not send CurrentLevel Varbind but should send
Conditions: This condition occurs when CUBE SP generates clear trap for voice quality alerts.
Workaround: The code fix is included in CUBE 15.2(4)S4. If earlier CUBE version is used,
manually clean the alarm at CUOM after root cause is rectified.
CSCug58617
configuration.
Conditions: The symptom is observed on routers with configurations that break show run format.
CSCug59775
Symptom: Running show crypto map.
Conditions: During high CPU.
CSCug63013
Symptom: A DMVPN spoke router running 15.2(4)M3 and configured for Dual Hub - Dual DMVPN
failover will fail to forward multicast traffic for EIGRP neighbor forming after failing from primary
to backup and back to the primary. EIGRP neighbrship will fail to complete and flap on the spoke.
The hub will never show any EIGRP neighborship.
Conditions: DMVPN spoke router running 15.2(4)M3 in Dual Hub - Dual DMVPN scenario and
running dynamic routing protocol must failover and failback to the primary tunnel for this to occur.
Workaround: Removing "ip nhrp map multicast x.x.x.x y.y.y.y" and readding it resolves the
problem.
The issue doesn't exist in 15.2(4)M1.
CSCug63839
28
OL-26698-16

in Crypto IKMP process particularly on crypto_ikmp_config_send_ack_addr function.
CSCug65636
in Crypto IKMP process particularly on crypto_ikmp_config_send_ack_addr function.
CSCug68282
Symptom: ASR1000 RP crash after software upgrade.
1#b3d7956825375323829953c9aa18e3e0 :10000000 6FCCF4 :10000000 6FD0A0 :10000000
1#b3d7956825375323829953c9aa18e3e0 :10000000 6FCCF4 :10000000 6FD0A0 :10000000
1F1D9C4 :10000000 1F227B4 :10000000 1F1C1B0 :10000000 1F3F750 Apr 20 09:53:01.402:
:10000000 1F1C1B0 :10000000 1F3F750
PC = 0x087308B4 LR =
0x08732384 MSR = 0x0002D000 CTR = 0x07DC0D60 XER = 0x20000000 R0 = 0x000000FA R1
= 0x30742CC8 R2 = 0x30085C70 R3 = 0x00000000 R4 = 0x00006908 R5 = 0x00000006
R6 = 0x00000000 R7 = 0x08730B5C R8 = 0x0002D000 R9 = 0x3007E7F0 R10 =
0x3007E7F0 R11 = 0x30742CA0 R12 = 0x08732384 R13 = 0x18456078 R14 = 0x11F3F604 R15
= 0x00000000 R16 = 0x00000000 R17 = 0x00000000 R18 = 0x00000000 R19 = 0x00000000
R20 = 0x00000000 R21 = 0x1630C7D8 R22 = 0x18BDAA28 R23 = 0x18BDAC70 R24 =
0x18BDB3B8 R25 = 0xAB1234AB R26 = 0xAB1234CD R27 = 0x30742E58 R28 = 0x3AFDF4E0 R29
= 0x30742CE0 R30 = 0x0886A7AC R31 = 0x00000006
========= Start of Crashinfo
Collection (09:53:01 UTC Sat Apr 20 2013) ========= For image: Cisco IOS Software,
IOS-XE Software (PPC_LINUX_IOSD-ADVIPSERVICESK9-M), Version 15.2(4)S1, RELEASE
SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c)
1986-2012 by Cisco Systems, Inc. Compiled Sat 06-Oct-12 11:55 by mcpre
Uptime =
00:02:51
Conditions: Device configured with SBC with interchassis redundancy.

redundancy mode none application redundancy
group 1
name ECS
preempt
priority 150 failover threshold 100
timers delay 100
control Port-channel30.8
protocol 1
data Port-channel30.9
protocol 1
name BFD
timers hellotime msec 250 holdtime msec 1000.
Workaround: Do not setup B2B redundancy between XE36(or older) and XE37(or later).
OL-26698-16
29
CSCug69049
Symptom: ESP fails to initialize and reboots. A message like the following will be seen on the IOS
console:
*Jan 01 16:22:35.562: %CPPHA-3-INITFAIL: F0: cpp_ha:
startup init (0x1)
*Jan 01 16:22:35.562: %CPPHA-3-INITFAIL: F0: cpp_ha:
start CPP (0x1)
CPP 0 initialization failed CPP 0 initialization failed -
The cpp_driver tracelog contains an entry indicating the Hoover PLL failed to lock. This could be
on CIF,FIF, or ICM. Here is an example from CIF:
01/01 16:22:35.120 [cpp-drv]: (ERR): COMP0053/CIF/1028: QFP0.0 - timeout waiting
for Hoover TX PLL to lock.
Conditions: Router configuration or traffic pattern does not affect this problem. This software error
is fixed in to XE3.7.4, XE3.9.2, XE3.10.0 and later releases.
CSCug69540
Symptom: ESP fails to initialize and reboots. Cman-fp indicates error due to Hoover PLL lock
failure.
Conditions: Router configuration or traffic pattern does not affect this problem. This software error
is fixed in to XE3.7.4, XE3.9.2, XE3.10.0 and later releases.
CSCug72874
Symptom:Group Member is regitering the third Key Server in its list in a redundant KS scenario,
when certificate of first KS has been revoked.
Conditions: This has been observed under the following conditions:
GM has a list of 3 or more Key server
Certificate based authentication with OCSP validation
First KS certificate has been revoked.
CSCug73374
Symptom: ASR 1001 prints following error messages and crashes: % Internal error: Connection to
peer process lost %MCP_SYS-0-ASSERTION_FAILED: SIP0: cmcc: Assertion failed: Assertion
failed: cman/cc/./src/cmcc_util.c:322: "bay < cmcc_max_spas_per_cc()".
Conditions: Issue show platform hardware subslot 0/3 plim statistics command in CLI.
problem.
CSCug77988
Symptom: ZBFW syslog for passing and dropping ICMPv6 packets shows wrong value in the port
number fields. The src/dst port numbers should be the ICMP type and code. In addition, the passing
syslog is showing "Passing Unknown L4 protocol".
Conditions: The router is configured in 66, 64 or 46 case. syslog for pass or drop logging is enabled.
Sending ICMPv6(or ICMP from v4 side) packets.
problem.
30
OL-26698-16
CSCug80427
Symptom: Bursty shape rate on high bandwidth queue.
Conditions: When there are 2 vlans configured each with a single simple shape queue, one with a
very high rate (ex. 400,000,000bps) and another with a very low rate (ex 128,000bps), the high rate
queue's rate may be bursty and fluctuate +- 10% of the configured rate.
Workaround: Configure a hierarchical policymap on the vlans where the shape is on the parent class,
not on the queue.
CSCug82610
Symptom: NAT translations could be stranded on the standby with NAT B2B and AR configuration.
Conditions: NAT translations could be stranded on the standby with timeout of zero.
Workaround: During a MW or downtime, execute the clear ip nat trans command on the active box.
CSCug83538
Symptom: Static routes injected through RRI (reverse-route static) are not getting removed.
Conditions: This symptom is observed when a static crypto map that has "reverse-route static"
enabled is applied on two different interfaces with a local-address.
Workaround: Reload the Router.
CSCug84396
Symptom: May 3 12:46:21.835: %SYS-2-FREEFREE: Attempted to free unassigned memory at
3EC4FF9C, alloc 350B5A70, dealloc 350B5608
-Traceback= 35D9BEC4z 350C158Cz 350AEED8z 350B081Cz 32C23084z 32C23068z
May 3 12:46:21.839: %SYS-6-MEMDUMP: 0x3EC4FF7C: 0x350B5A70 0x3EC50C58 0x3EC4FDF0
0x65E
May 3 12:46:21.839: %SYS-6-MEMDUMP: 0x3EC4FF8C: 0x0 0x350B5608 0x1000133
0x3CDD2E48%Software-forced reload
-Traceback= 0x30DF22BCz 0x30DF05F0z 0x32C3278Cz 0x35D9BEC4z 0x350C158Cz 0x350AEED8z
0x350B081Cz 0x32C23084z 0x32C23068z
Conditions: May be with Presence or Shared line feature.

CSCug86085
Symptom: SBC SRTP ucode crash when doing srtp-rtp interworking.
Conditions: It seems this can happen in hairpined SRTP calls, though not able to reproduce in the
lab. The test scenario is: rtp----SBC-----SRTP--------SBC-------rtp
CSCug86432
Symptom: Incorrect statistic from SNMP OID "1.3.6.1.4.1.9.9.171.1.3.1.1", related to a number of
IPSec tunnels after running "clear crypto sa / session" command.
Conditions: Configured DMVPN, running "clear crypto sa / session" command.
Workaround: Reloadof router helps to solve the issue
CSCug88265
Symptom: Memory leak in [pfr_config].
Conditions: Performance Routing (PFR) is configured on the router.
OL-26698-16
31
CSCug91165
Symptom: ESP may reload when switching classic to CGN mode.
Conditions: ESP may reload when switching classic to CGN mode with traffic.
CSCug92464
Symptom: NAT timeout when used with port command does not work as expected.
Conditions: IP NAT translation port-timeout tcp <port #> <timeout value> Above CLI with ip nat
translation tcp-timeout timeout value is used.
Workaround: Make use of just ip nat translation tcp-timeout timeout value command.
CSCug95864
Symptom: The router crashes when removing and re-attaching a child policy from/to the parent or
when removing and re-adding the fair-queue policy. The issue does not require traffic in the
background. It could occur with a policy on a single target, so scaling is not required to hit the
problem. It happens primarily on ESP-100, ASR1002-X and 1NG (Nightster). The issue does not
impact ESP-5, ESP-10, ESP-20 and ESP-40, ASR1001 and ASR1002. The issue does also NOT
impact the ISR and CSR platforms.
Conditions: When removing and re-applying a child policy or a policy that includes fair-queue, the
hierarchy grows by one layer each time the policy is re-adding. This result is broken functionality
and removing the policy would eventually result into a crash.
Workaround: The workaround is to remove the parent policy, modify the configuration then re-apply
the service policy. The issue could also occur dynamically when a subscribe signs off but there is no
workaround for this issue in that case.
CSCug98010
Symptom: Crash seen on Primary RP due to Null Pointer send during Bulk Policy Map delete.
Conditions: Deleting Bulk Cos Policies.
CSCug98593
Symptom: When the ZBFW SYN cookie protection feature is enabled and is being triggered, the
firewall will generate and send SYN packets to the server on behalf of the client. If the response
from the server isn't received in time, the firewall will re-generate and resend the SYN packet. In
this retransmitted SYN packet, the MSS option is missing and the sequence number is incorrect(it
is one number bigger than the ISN).
Conditions: ZBFW SYN cookie protection is configured and is being triggered. Server doesn't
respond in time and is causing the firewall to resend the SYN packet to the server.
CSCug98723
Symptom: The TCP RST packets generated by ZBFW are dropped by ZBFW on ASR box.
Conditions: TCP flow specific TCP RST packets generated by ASR to rset the connection to the
client and server when "TCP packet inspection" is on.
CSCug98820
32
OL-26698-16
Symptom: Multicast RP-Announcement or RP-Advertisement packet is replicated more than one

copy per incoming packet. The number of copies is equal to the number of interfaces or io items
with IC flag enabled (use the show ip mfib command to get the number of IC interfaces).
Conditions: AUTO-RP filter is configured on PIM interfaces.
CSCuh01007
Symptom: After ESP 100 reload, show policy-map interface command counters does not populate
results.
Conditions: This condition occurs with an egress service policy on SPA Gigabit Ethernet interface
and sending high or low priority traffic.
CSCuh03859
Sympt om: If a customer configured snmp server enable traps sbc sla-violation-rev1
Conditions: This is a normal operation.
CSCuh04018
Sympt om: FMAN-FP traceback: cgm begin batch error.
Conditions: While adding classes to the ZBFW policy.
CSCuh09403
Symptom: ESP may reload in B2B NAT ZBFW setup.
Conditions: B2B NAT ZBFW setup with stateful traffic.
CSCuh09451
Symptom: Exception to IOS Thread: UNIX-EXT-SIGNAL: Segmentation fault(11), Process = SBC
main process.
Conditions: There is no workaround.
CSCuh11874
Symptom: The ASR1002-X Router reloads with core file reporting
CGI_CSR32_CGI_OTHER_LEAF_INT__INT_ECSR_PROTOCOL_ERR interrupt.
Conditions: Only applies to the ASR1002-X Router. This software error is fixed in the IOS XE3.7.4,
XE3.9.2, XE3.10.0 and later releases.
CSCuh12245
Symptom: cpp_cp process crashes.
Conditions: Change to the parent class of a session, which causes a rate update event to be performed
in the QFP hardware. At the same time, ANCP causes rate change on a VLAN shapper using mode-F
QoS. The shaper rate change causes the shaper on the VLAN to be removed and then re-applied.
Depending upon RP and FP CPU utilization, these events can be processed on the ESP as one QoS
transaction. where the sessions parent class has a rate change event and the session is also being
OL-26698-16
33
moved to an aggregation schedule node on the GE from the VLAN shaper schedule node. And then
the shaper is re-applied to the VLAN and the session is moved back to the VLAN shaper. This all
occurs in the same QoS transaction/commit on the ESP, causing the ESP to crash.
CSCuh17401
Symptom: NAT pool exhaustion with addresses with 0 refcount.
Conditions: This condition occurs while running NAT ALG and when port allocation failure occurs.
Workaround: To recover, execute clear ip nat trans command in off hours (as this is disruptive
operation).
CSCuh19209
Symptom: show ip wccp counters are not updated
Conditions: Configure more than 7 services on interface; disable some services; send traffic which
match the last configured service;
Workaround: When disabling service, also delete the configuration on interface.
CSCuh22742
Symptom: Callflow: Verizon - SIP trunk - CUBE (ASR 1000) - CUSP - Genesys - Interactions IVR.
CUBE does not ACK and BYE (glare handling case) after sending Cancel and receiving 200 Ok for
cancel from CUSP.
Conditions: Verizon cancelled the call 300 milliseconds (aprox) after sending the invite, it caused
the 200Ok of the invite and the Cancel to cross wire between CUSP and Genesy.
By that time CUSP had already sent 200 Ok for CANCEL to CUBE, thus CUBE did not respond to
the following 200 OK (for Invite).
CSCuh29716
Symptom: Call flow: Verizon -- CUBE -- CUSP -- Genesys/IVR, transfered with SIP Refer back to
PSTN hair-pining the call on CUBE.
When the call is transferred from IVR to PSTN, the codec negotiation with verizon fails, only if the
original Invite received included fax capabilities, dropping the call with reason code 47 and hanging
the UDP port used.
All subsequent calls that try to re-use the same UDP port for RTP stream are dropped with reason
code 47 and provisn RSP fail is logged on show voip fpi stats
Conditions: Hair-pinned calls that received FAX capabilities on original SIP invite from Verizon.
CSCuh33069
Symptom: qfp crash
Conditions: handoff from gtpv0 to gtpv1
Workaround: no More Info:
CSCuh36750
Conditions: Subscriber session with QoS over tunnel or shaped VLAN.
34
OL-26698-16
CSCuh38488
Router#show platform hardware qfp active feature firewall drop
------------------------------------------------------------------------------Drop Reason
Packets
------------------------------------------------------------------------------L7 inspection returns drop
1
Router#
Disable the port-to-application mapping for SIP with the no ip port-map sip port udp 5060
command. This prevents ZBF from treating UDP/5060 as SIP. Instead, it is treated as simple
UDP.
Use the pass action in both directions instead of inspect. This disables all inspection (even L4)
for the traffic.
CSCuh43018
Symptom: QFP reloads.
Conditions: Rarely occurs when issuing show platform hard qfp active feature nat da stats
command. Most likely to occur in CGN mode specifically after switching from classic to CGN
mode.
CSCuh44888
Symptom: PBHK update failure traceback from CPP-CP. AOM object download failure from
FMAN-FP..
Conditions: ISG sessions have PBHK features and RP switch-over.
CSCuh46031
Symptom: The Cisco ASR 1000 Series Aggregation Services Router sends a different
Acct-Session-Id in the Access-Request and Accounting-Request for the same user.
Conditions: Flex VPN IPSEC remote access is configured.
CSCuh50125
policy-map applied.
interface at the same time.
CSCuh51400
Symptom: gtpv0 policy is not working.
Conditions: gtpv0 traffic.
OL-26698-16
35
CSCuh58209
Conditions: This only causes an ESP crash when the qid specified is an internal queue. It is safe for
interface or QoS-created queue. When issuing the show platform hardware qfp [active | standby]
infrastructure bqs [schedule | queue] qid command on a ASR1K 1002X, ESP100/FP100, and
ESP200/FP200 system.
Base and Temporal CVSS scores as of the time of evaluation are 3.8/3.1:
ctor=AV:L/AC:H/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C No CVE ID has been assigned to this issue.
CSCuh62307
Symptom: Cisco ASR 1000 Series Aggregation Services Router may crash when customer uses
call-policy-set copy source source-address destination destination-address command to create a
new call-policy-set.
Conditions: The na-src-address-table is configured within the call-policy-set. Enter this table with
na-src-address-table XXX after it was created by call-policy-set copy command.
Workaround: instead of using call-policy-set copy source source-address destination
destination-address command, copy and paste the text into config terminal to create a new
call-policy-set.
CSCuh75480
Symptom: QFP reload may occur.
Conditions: When running NAT in CGN mode and doing a removal of a mapping.
CSCuh76529
Symptom: Unknown.
Conditions: Astro can require a core voltage of up to 1.00V. However, the voltage was defaulted to
0.9V for all Astro chips. If an Astro requires 1.0V is on a board, it is only operating at 0.9V and
could fail to operate properly at speed.
CSCuh85883
Symptom: mplssetvrf bgp routes are not coming up along with multi-vrf PBR.
Conditions: The destination address of the packet is ASR local address. Say, the packet is for us
packet.
CSCuh91266
Symptom: VTCP is not robust enough when it receives TCP segments with abnormal sequence ID.
This may result in FP crash. We observed a TCP packet much older than the current window on
customer network.
Conditions: Abnormal sequenced TCP segments are received when VTCP buffering current flows.
36
OL-26698-16
CSCuh93698
Symptom: The Calling-Station-Id is not sent in the accounting-request.
Conditions: Easy VPN server or Flex VPN remote access is configured along with the "radius-server
attribute 31 remote-id" command.
CSCuh95125
Symptom: ESP-100 may crash continuously on an ASR1K box with cpp_svr crashes causing the FP
to go down.
Conditions: Numerous QoS sessions with a single queue being created on an interface in a
per-session basis on a Yoda platform (ASR1002-X/ESP100/ESP200).
Workaround: None at the moment More Info: This bug only affects Yoda platforms with large
number of singe queued QoS policies being applied on a per session basis on an interface.
CSCui06926
Symptom:
Initiator sends identity certificate based on 'ca trustpoint' under the
isakmp-profile.
However, the responder does not do this. Instead it gets the identity certificate from the *first*
trustpoint (out of the list of trustpoints) based on peer's cert_req payload in MM3.
Conditions:
IKEv1 with RSA-SIg Authentication, where each Peer has two certificates issued by the same
CA.
Each Peer has isakmp profiles defined that match on certificate-map and have 'ca trustpoint'
statements with self-identity as fqdn.

CSCui24927
Symptom: Data rate for a QoS shaped MLPPPoA/MLPPPoEoA traffic class may exceed the
configured QoS shape rate.
Conditions: This issue will be apparent if a parent or child shaper is defined on the MLPPP bundle
interface that is less than the configured PVC data rate.
Workaround: The user can explicitly tell the shaper to account for the ATM Cell Overhead by
appending the "account user-defined 0 atm" configuration option to the shaper configuration.
Example:
shape rate rate account user-defined 0 atm
Note that if the session is already active when modifying the QoS policy-map, the session may need
to be restarted for the QoS modification to take affect.
This issue will be addressed in the upcoming XE3.8, XE3.10, and later releases. This issue will not
be addressed in XE3.8 and XE3.9 and will require migration to XE3.10 or later releases to pick up
this fix when available.
CSCui26458
OL-26698-16
37
Symptom: Call flow: Verizon -- CUBE -- CUSP -- Genesys/IVR, transfered with SIP Refer back
to PSTN hair-pining the call on CUBE. When the call is put on hold to be transferred from IVR to
PSTN, the CODEC negotiation fails, dropping the call with reason code 47 and hanging the UDP
port used. All the subsequent calls that try to reuse the same UDP port for RTP stream are dropped
with reason code 47 and provison RSP failure is logged on show voip fpi stats command.
Conditions: Hair-pinned calls that receive multiple M-Lines on the SDP received from Verizon on
the original SIP Invite.
Workaround: There is no workaround. Reload of router is required to clear hung UDP ports.
CSCui27725
Symptom: When ASR1000 connect with ISO HDLC equipment, the ATOM PW traffic could not
transparent successfully.
Conditions: In L2VPN ATOM PW configuration, AC on the PE is CISCO HDLC encapsulation, and
CE equipment is ISO HDLC.
Workaround:
CE configure CISCO HDLC.
CE configure as the FR, and PE configure as HDLC.
CSCui38316
Symptom: The ESP crashes when updating a highly scaling configuration with a large number of
flow-controllable nodes. The crash could be observed during dynamic reconfigurations such as
changing the rates of a scheduling node, e.g. an ATM VC due to changing L2 shaping or QOS via
MQC.
The crash could also occur due to growing a scheduling node or moving an ATM VC from one
class-of-service node to another.
There are several other scenarios that could lead to a transformation of a hierarchy in order to lay
out the tree correctly to meet the hardware requirements. One such example is applying a flat policy
to or removing a child policy from a policy attached to an ATM VC.
Conditions: While transforming a hierarchy, there are hardware primitives used to execute the
update logic safely. One of requirements for this procedure is to move flow-control from the old tree
to the new tree in a particular order to prevent packets from getting out of order. The BQS resource
manager had a bug that caused the update to deplete internal flow-control IDs.
CSCui49230
Symptom: After reloading ASR1k with redundancy RP/FP, HDLC pass through configuration
remains but control flag actually lost.
Conditions: ASR1k with redundancy RP/ESP Configured HDLC pass-through and reload, or FP
switchover for two times.
Workaround: Manually re-config the CLI after reload.
UUT-ASR2-1006HA#conf t
Enter configuration commands, one per line. End with CNTL/Z.
UUT-ASR2-1006HA(config)#platform l2vpn hdlc-pass-through
UUT-ASR2-1006HA#sh plat hard qfp ac fea xcon cli intern
Platform Xconnect global configuration
L2VPN HDLC pass through control flag: TRUE
CSCui55732
Symptom: ASR1k:support of ignore-dtr on 4XT-Serial spa.
38
OL-26698-16


Release 3.7.3S

3.7.3S
CSCtz49200
CSCua90097
for AUTH response.
Tunnel-id Local
Remote
172.4.234.1/500
172.255.255.252/500
fvrf/ivrf
Status
none/none
IN-NEG
Encr: AES-CBC,
keysize: 256,
verify: Unknown - 0

Remote id:
Local req msg id:
Local req queued:
Remote req queued:
Local window:
Remote window:

of SA : Yes
Initiator
2ru-2#
OL-26698-16
39
CSCuc47356
static route.
CSCud41480
Symptom: QFP may reload.
Conditions: The known conditions for this are to have oneFirewall and NAT configured on a
CSCue50255
CSCuf04726
Conditions:
3. Save config.
4. Reload.
CSCuf20409
CSCug08561
Symptom: After a Web logon, the user does not get a Web logon response page sent by the portal.
If the Web logon is successful, the user is not redirected to the Web address specified. Instead, the
user is redirected to the portal for authentication.
Conditions:
1. Walkby feature is enabled with L4R & PBHK features applied to lite session.
2. User initiated the Web logon request.
Details: Upon a Web logon, an account-logon COA request is triggered from the portal to ISG. In
ISG, the request triggers conversion of the lite session to a dedicated session. During the conversion,
lite session and its associated resources (L4R and PBHK mappings) are removed from PD, and the
40
OL-26698-16
dedicated session gets provisioned. Once conversion is done, ISG replies to the portal with COA
ACK/NACK. Based on the response from ISG, the portal generates a Web logon response-page
(SUCCESS/FAILURE) and sends it back to the client.
But when the response packet reaches ISG, it does not get classified to the downstream session
(because PBHK & L4R mapping were deleted). As a result, the packet is dropped in ISG.
CSCug27334
Symptom: ASR router might start using new SPIs before quick mode exchange finishes. This causes
invalid SPI messages on the receiver side and, in some cases, flap of IKE/IPsec.
Conditions: First seen on IOS XE 15.2(4)S with DMVPN.

Release 3.7.3S
Release 3.7.3S.
CSCsr06399
Symptom: A Cisco 5400XM may reload unexpectedly.
Conditions: This symptom is intermittent and is seen only when the DSPs available are insufficient
to support the number of calls.
Workaround: Ensure that sufficient DSPs are available for transcoding.
CSCtq41512
Symptoms: After reload, ISDN layer 1 shows as deactivated. Shut/no shut brings the PRI layer 1 to
Active and layer 2 to Multi-frame established.
Conditions: This symptom occurs when "voice-class busyout" is configured and the controller TEI
Workaround: Remove the "voice-class busyout" configuration from the voice-port.
CSCtu02543
Symptom: Sometimes, users may face a "peer leak" situation with EzVPN.
Conditions: This symptom may occur when an NAT box gets reloaded/rebooted with live
translations.
Workaround: Reload the router to clear the leaked peers.
CSCty31905
Symptom: The router crashes upon initiation of an MSRPC secondary channel.
Conditions: When using a pre-gen created by control channel.
CSCty61216
Symptom: When the system includes a Cisco AS5350 universal gateway, the CCSIP_SPI control
causes a memory leak.
OL-26698-16
41
Conditions: The symptom is observed with the following IOS image:

c5350-jk9su2_ivs-mz.151-4.M2.bin. It is seen with an outgoing SIP call from gateway (ISDN PRI
--> AS5350 --> SIP --> Provider SIP gateway).
CSCtz15274
Symptom: When attempting a T.38 fax call on a gateway, you might see the following in the logs:
006902: %FLEXDSPRM-3-UNSUPPORTED_CODEC: codec cisco is not supported on dsp 0/0
006903: %FLEXDSPRM-5-OUT_OF_RESOURCES: No dsps found either locally or globally.
Conditions: The symptom is observed with a T.38 fax call.
CSCtz21456
Symptom: A router has an unexpected reload due to CCSIP_SPI_CONTROL process.
Conditions: This issue has been seen in Cisco IOS Release 15.2(3)T.
CSCtz55145
Symptom: Files cannot be downloaded using the management interface via FTP or HTTP. SCP
might also be affected. This can include firmware files, configuration files, or license files.
Conditions: This symptom occurs when using the management interface on a RP2 route processor
or the Cisco ASR 1000 router.
Workaround: Use an interface other than the management interface to download the file or use a
protocol that does not use TCP as the session transport, for example, TFTP. If you need to use the
management interface, see the workaround attached to the caveat.
CSCtz78943
Symptom: A Cisco router experiences a spurious access or a crash. Cisco ISR-G1 routers such as a
1800/2800/3800 experience a spurious access. ISR-G2 routers such as the Cisco 2900/3900 routers
that use a Power PC processor crash because they do not handle spurious accesses.
Conditions: This symptom occurs after enabling a crypto map on an HSRP-enabled interface.
CSCua10477
Symptom: The ASR1002-X Series Aggregation Services Router with large numbers of MLPPP
bundles might experience a crash, with the following error message: %CPPOSLIB-3-ERROR_NOTIFY:
SIP0: cpp_cp: cpp_cp encountered an error. This would be followed by a traceback and
eventual reload of the router.
Conditions: Large numbers MLPPP bundles on an ASR1002-X Series router.
Workaround: Keep the number of single-link MLPPP bundles under 4000, and the total number of
multi-member MLPPP bundles under 2000.
CSCua31157
Symptom: (Intermittently) One-way traffic is seen on a DMVPN spoke-to-spoke tunnel one minute
after the tunnel is built. Message: Invalid SPI.
Conditions: The symptom is observed with Cisco IOS Release 15.1(3)T1.
42
OL-26698-16
CSCua42104
Symptoms: Malformed RTCP packets are observed.
Conditions: This symptom occurs when DTMF interworking is enabled or SRTP/SRTCP is in use.
Workaround: Disable DTMF interworking if not required for the call.
CSCua49764
Symptom: The WAAS-Express device goes offline on WCM.
Conditions: This symptom occurs when a certificate is generated using HTTPS using the Cisco IOS
Release 15.1(3)T image. After upgrade to Cisco IOS Release 15.2(3)T, the WAAS-Express device
goes offline on WCM.
Workaround: Configure an rsakeypair on the TP-self-signed trustpoint with the same name and
execute the <CmdBold>enroll<noCmdBold> command again or delete the self-signed trustpoint point
and reenable the HTTP secure-server.
CSCua55629
Symptom: SIP memory leak seen in the event SIPSPI_EV_CC_MEDIA_EVENT.
Conditions: The command show memory debug leaks shows a CCSIP _SPI_CONTORL leak with
size of 6128 and points to the event:
SIPSPI_EV_CC_MEDIA_EVENT?:
Adding blocks for GD...
I/O memory
Address
Size
Alloc_pc
PID
Alloc-Proc
Name
Address
Size
Alloc_pc
PID
Alloc-Proc
Name
286E144
6128
8091528
398
CCSIP_SPI_CONTR
CCSIP_SPI_CONTROL
Processor memory
CSCub05907
Symptoms: Reverse routes are not installed for an IPsec session while using dynamic crypto map.
Conditions: Occurs when the remote peer uses two or more IP addresses to connect and the session
goes down and comes back at least twice.
Workaround: Issue clear crypto session for that peer.
CSCub14044
Symptom: A crash with traceback is seen, and all calls are dropped.
Conditions: This symptom is observed under all conditions.
Workaround: There is no workaround. The gateway crashes, and the soak time appears to be six
weeks.
CSCub42181
Symptom: The router crashes continuously after a normal reboot due to power or some other reason.
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE
SOFTWARE (fc1) uptime is 4 days, 11 hours, 38 minutes System returned to ROM by error - a
Software forced crash, PC 0x88D26F0 at 07:42:45 UTC Sat May 5 2012 System restarted at
07:43:55 UTC Sat May 5 2012 System image file is
"flash:c3900-universalk9-mz.SPA.150-1.M4.bin" ; Last reload type: Normal Reload
---------------------------- generated Traceback:
Pre Hardware Replacement
Crashinfo: ------------------------------------ #more
OL-26698-16
43
flash0:crashinfo_20120519-165015-UTC
------------------
------------------ Traceback Decode:
tshakil@last-call-2% rsym
c3900-universalk9-mz.150-1.M4.symbols.gz Uncompressing and reading

c3900-universalk9-mz.150-1.M4.symbols.gz via /router/bin/zcat
c3900-universalk9-mz.150-1.M4.symbols.gz read in Enter hex value: 0x88D1D88z
0x4962FC8z 0x88D1D88:fsm_crank(0x88d1d2c) 0x5c
0x24 0x4962FC8:process_execute(0x4962e24) 0x1a4 Enter hex value:
-------------------------------- Crash File Post Installation:
------------------------------
#more flash0:crashinfo_20120519-185725-UTC
------------------ Traceback Decode: -----------------
Enter hex value: 0x88D1D88z

0x4962FC8z
0x88D1D88:fsm_crank(0x88d1d2c) 0x5c

0x24 0x4962FC8:process_execute(0x4962e24) 0x1a4
---------------------------------------------------
Conditions: This symptom is observed with the following conditions: - MGCP gateway. - Take out
all the modules from the router. - Put the modules one by one. - Apply the configuration. - The router
is stable. The lab test recreated as follows: 1) Disable auto-configuration, that is, "no ccm-manager
config". 2) Reload the gateway. 3) Enable the CCM manager configuration and the router does not
crash.
Workaround 1: Bypass the start-up configuration and log in via ROMmon without any configuration.
Add the configuration one by one. Once the configuration is added, save the configuration and
reload the gateway.
Workaround 2: Shut down the router and add the cards one by one in slots 0, 1, 2, 3, and 4. The
device is stable until the third slot is inserted and brought up. As soon the router is powered on, after
adding the fourth slot, the crash starts. Shut down the router and remove the card in slot 4
(EVM-HD-8FXS/DID). Bring the device up without the card in slot 4 (EVM-HD-8FXS/DID).
Remove the "mgcp" and "ccm-manager fallback-mgcp" configuration from the device because the
console log is displaying the "Call Manager backhaul registration failed" error message. Shut down
the router and add the card which was removed. Bring up the router. Read the ccm-manager
fallback-mgcp command and do a "no mgcp/mgcp". The router becomes stable.
Workaround 3: Remove the ccm-manager config command by no ccm-manager config which tears
down the connection from the call manager to the MGCP gateway. The gateway will not download
the configuration from the call agent at the time of startup. Reload the router. Once the router is back
and stable, readd the command.
CSCub56842
44
OL-26698-16
Conditions: This symptom is observed when the show crypto eli command output shows that during
every IPsec P2 rekey, the active IPsec-Session count increases, which does not correlate to the max
IPsec counters displayed in the SW.
Workaround: Reload the router before active sessions reach the max value. To verify, do as follows:
router#sh cry eli
CryptoEngine Onboard VPN details: state = Active
Capability
: IPPCP, DES, 3DES, AES, GCM, GMAC, IPv6, GDOI, FAILCLOSE, HA
IPSec-Session :
7855 active,
8000 max, 0 failed
CSCub69764
Symptom: Occasionally, after full chassis reload, all ATM autovc fail to come up upon reception of
PADI. CPE gets no PADO. All PPPoEoA sessions fail to establish on the chassis.
Conditions: Trigger unknown. This condition occurs intermittently, after full chassis reload, once
every ~50 reloads.
Workaround: If the condition occurs, reload the chassis again.
CSCub74272
old SPIs are removed and then VTI tunnel line protocol goes down.
CSCub89144
Symptoms: In a VTI scenario with HSRP stateless HA, the tunnel state on standby is up/up.
Conditions: This symptom occurs when HSRP is configured and there is no SSO configuration.
CSCub90459
Symptoms: If CUBE has midcall reinvite consumption enabled, it also consumes SIP 4XX
responses. This behavior can lead to dropped or hung calls.
Conditions: This symptom occurs when midcall reinvite consumption is enabled.
CSCuc12685
CSCuc24937
Symptom: The voice gateway router is configured as a CME for handling ephone reloads due to
spurious memory access.
Condition: This symptom occurs as the voice gateway router is capable of handling ephones. Reload
is very specific to ephone handling.
CSCuc27517
OL-26698-16
45

this fix again.
CSCuc40448
Symptoms: No-way audio is observed on hair-pinned calls back from CUBE to SIP Provider. The
call flow is as follows: PSTN caller --Verizon---(sip)---ASR
CUBE---(sip)---CUSP---(sip)---Genesis (SIP refer sent to transfer back to Verizon) -- CUSP CUBE - Verizon -- PSTN
Conditions: This symptom is observed only after upgrading to Cisco IOS Release 15.2(2)S.
Workaround: Modify the diversion header on the transfer leg invite. Therefore, the Verizon handles
the call differently.
CSCuc42518
CSCuc46087
CSCuc54604
Symptom: CUBE SP does not respond to any SIP messages sent across using TCP. SIP using UDP
works fine. Call Flow: Multiple CUCM's ---> SIP --->CUBE SP--->Provider.
Conditions: This defect is noticed on 15.2(01)S01 and is only active when we have calls running SIP
TCP. Reason for this behavior is that during the create or close transaction on TCP, the control buffer
would be on hold. Therefore, if close of existing TCP connection is needed while the control buffer
are all being held, the connection would be marked as dead but not able to notify corresponding peer,
therefore the peer might still send data through that connection, which CUBE-SP would think as
invalid and get dropped internally.
46
OL-26698-16
Workaround: As a workaround we need to send the SIP call as UDP instead of TCP.
CSCuc56136
Symptom: Traffic fails to pass on PW.
Conditions: Configure xconnect on EFP and do RP SSO.
Workaround: Reconfigure the EFP and xconnect.
CSCuc65424
Symptoms: On dual RP configurations, a standby route processor might crash when establishing
new interfaces (could be PPP sessions).
Conditions: This symptom is observed when IDB reuse is turned on, for a dual RP configuration,
and when some interfaces are deleted and created again.
CSCuc69342
again.
CSCuc85157
CSCuc89800
Symptom: Receive a for_us packet with multiple (thousands of) tunnel headers, make ESP crash.
Conditions: Router A-------Router B-------Router C there is a tunnel T1 between A and C. In the
router A, there is a PBR that makes the packets from B transmitted through T1. In router B there is
a default route pointing to A. Then in router A a packet is transmitted through T1 encapsulated with
a GRE header. When this packet arriving at router B, due to the flapping of route between B and C,
it cannot be sent to C. But it will be sent to A because of the default route. When the packet arriving
at A, according to the PBR rule, it will be transmitted through T1 again encapsulated one more GRE
header. again and again, this packet will be encapsulated with thousands of GRE header. At last,
when the route between B and C no longer flaps, it will arrive at C, and make C crash.
Workaround: Workaround for customer's scenario: Customer can configure a ACL in router C 's
tunnel T1 interface, deny the packet if it has an inner header with the same src addr and dst addr
with outer header. But this workaround can't cover the scenario of an attack packet encapsulated
with multiple different tunnel headers.
CSCuc93739
Symptom: Phase 2 for EzVPN client with split network and VTI does not come up if IPSec SA goes
down.
OL-26698-16
47
due to no traffic. So in spite of traffic IPsec SA is not coming up leading to packet drops in client
network. The same problem is not seen with Cisco IOS Release 15.0(1)M7. This behavior is
introduced post-PAL where virtual-interface creates a ruleset where traffic cannot trigger IPsec SA
again once IPsec SA is deleted.
Workaround The following are workarounds for this symptom:
Configure ip sla on EZVPN client for split networks, so that IPSec SA will not go down.
Remove virtual-interface from EZVPN client profile if it is not needed.
CSCuc94687
Symptoms: SHA2 processing in software causes low throughput or high CPU.
Conditions: On the Cisco 892 running Cisco IOS Release 15.2(4)M and later, this symptom is
observed with SHA2 configured and the onboard crypto engine enabled.
CSCuc95192
Symptom: The ucode crash is seen.
Conditions: This symptom occurs when configuring or unconfiguring the static NAT in B2BHA
setup.
CSCuc96631
Symptoms: Incoming calls through e1 r2 stop working in Cisco IOS Release 15.2(4)M1.
Conditions: This symptom is observed with incoming calls through e1 r2 in Cisco IOS Release
15.2(4)M1. Outgoing calls work fine.
Workaround: Use Cisco IOS Release 15.2(2)T.
CSCuc98107
Conditions: The downgrading has been found since 15.3(01)S.
CSCud01502
Symptom: A crash occurs in CME while accessing a stream in sipSPIDtmfRelaySipNotifyConfigd.
Conditions: This symptom occurs in CME.
CSCud05368
Symptom: Traffic is be redirected to WCCP client even when defined as deny in wccp redirect ACL.
Workaround: The following are the workarounds for this symptom:
Move the deny entries before the permits when possible (especially for deny ... host ...), but it
still may not work in some situation.

Use different redirect ACLs for each service, and remove the unnecessary ones for specific
services.
CSCud06887
48
OL-26698-16
Symptom: There is no sync of SADB on an active router when it reloads from the current standby
router.
Conditions: This symptom occurs when the active and standby routers are up. Whenever a session
is up, there is a sync of SADB from active to standby. When active reloads and is up, there is no sync
of SADB from the current active router.
Workaround: Remove the isakmp-profile configuration under the crypto map.
CSCud08595
CSCud14033
Conditions: Remove and add uRPF and ACL configuration in the following manner while the traffic
is runnin:, copy remove_config running and copy add_config running.
CSCud22437
Symptom: An ASR 1K might experience a watchdog crash due to a kernel panic. After viewing the
plaintext contents of the resultant kernel core file that is generated, iosd generates a watchdog
because of a soft lockup that prevents it from responding within 60 seconds: <3>BUG: soft lockup
- CPU#0 stuck for 61s! [linux_iosd-imag:26869]

CSCud24885
Symptom: See some drops: FirewallInvalidZone 12676.
Conditions: ASR with WCCP and ZBF and netflow both configured.
Workaround: Ping the destination on ASR1000 before introducing WCCP traffic.
CSCud25675
Symptoms: Packet drop might be observed during IP Security (IPSec) rekey.
Conditions: This symptom is observed on a Cisco ASR1000 series router when functioning as an
IPSec termination and aggregation router, with Internet Key Exchange.
CSCud35550
Symptom: Many tracebacks are printed in the console when GTPv2 messages are handled.
Conditions: Attached configuration is imported. It can be triggered too if layer 7 drop is configured.
CSCud37568
Conditions: GTP AIC must be configured.
OL-26698-16
49
CSCud44854
Symptom: Hash table not memset for ALG during intialization.
Conditions: 1. Start sip/h323/... traffic. 2. Established NAT session over 60~70K 3. Send CLI
combinations with the following actions: A. clear ip nat trans * . B. Shutdown inside/outside traffic
interfaces C. Remove nat/alg config D. Reconfig nat/alg and unshut interfaces.
CSCud49494
Symptom: ESP crashes with multicast service reflect config when recieving UDP fragmented
packets.
Conditions: Multicast service reflect configured udp fragments recieved in the VIF interface.
CSCud50029
reason for the TX drops (sticky) is: Bad packet len: 0 Bad buf len: 0 Bad ifindex: 0 No device: 0 No
skbuff: 0 Device xmit fail : 663 <<<<< ......
CSCud51791
Symptom: Memory leak is seen on the router related to CCSIP_SPI_CONTRO.
Conditions: This symptom is observed in CME SIP phones with Presence in running configuration.
CSCud53401
Conditions: When FRF.12 is configured on ESP100 or 1RUVE2, the recycle queue cannot be
changed on-the-fly because there may be packets inflight that will be enqueued to this queue by the
hardware.
CSCud57841
Symptom: When the Ethernet SPA with Catskills SFPs (GLC-SX-MMD /GLC-LH-MMD) is
reloaded, the SPA could go out of service with the following error message:
%SMC-2-BAD_ID_HW: SIP0/0: Failed Identification Test in 0/0 [7/0]
Conditions: This symptom occurs when the Ethernet SPA is booted with the Catskills
SFPs(GLC-SX MMD/GLC-LH-MMD). The defect could happen during initialization or reload.
Workaround: Boot the Ethernet SPA without the Catskills SFPs. Insert the Catskills SFPs after the
Ethernet SPA has completely booted.
CSCud58038
Symptom: Ucode crash seen with nat tgn mode and CLI operation during traffic.
Conditions: 1. Setup sip/h323 traffic. 2. Shut ->clear ip nat tr * -> unshut. 3. Remove ip nat shut
clear ip nat tr *.
50
OL-26698-16
CSCud61366
Symptom: FP20 and FP40 cards crash if single bit parity error occurs on TCAM device #1.
Workaround: There is no workaround to prevent this crash. You may not run into this problem again
after FP reboot.
CSCud63381
Symptom: Switching from periodic to on-demand DPDs may cause the DPDs to fail intermittently
and thus IPSEC Failover may not work correctly.
Conditions: 1. 7200-VSA 2. IOS 15.1(4)M2. 3. On-demand DPDs configured for IPSEC FO.
Workaround: Disable the SCTP session: ipc zone default association 1 shutdown.
CSCud64870
Conditions: The crash happens when there are 5 CDPs for the hub router to fetch CRL. Given that
there are multiple CDPs, the hub router fetches CRL in a parallel way, which then lead to a crash
under a timing issue.
Workaround: Setting up only 1 CDP instead of multiple CDPs will avoid the timing condition which
leads to the crash.
CSCud66316
Symptom: Log messages for REJECT Create-session-response are not printed in sys-log.
Conditions: GTP AIC should be configured in the UUT.
CSCud66955
Symptom: SPA-2CHT3-CE-ATM is flapping with Nortel Passport due to very fast bouncing
down/up 10s after the interface is brought up.
Conditions: This symptom is observed in the E3 and DS3 mode.
CSCud67779
Symptom: One-way audio is observed when a call goes through BACD and comes over SIP trunk.
Conditions: This symptom occurs when a call comes through SIP trunk and is connected to an agent
phone via BACD during the third call xfer, along with the "headset auto-answer" configuration in
the ephone.
Workaround: Remove the "headset auto-answer" configuration in the ephone configuration.
CSCud71253
Conditions: When configuring IPv4 VRF aware ipsec with crypto maps with ivrf=ivrf1 and
fvrf=global.
Workaround: Put a route in the global routing table (fvrf) for the network in ivrf pointing the
next-hop to the ivrf interface.
CSCud72509
Symptom: ESP100 crashed.
OL-26698-16
51
Conditions: NAT configured, TCP segments size larger then 26K,ESP100 or 1002-X.
Workaround: Add "no payload-option" in the nat entry to disable all alg or disable a specific DNS
tcp alg by "no ip nat service dns tcp."
CSCud73600
Symptom: FP crash.
Conditions: QoS is confgiured on physical interface which is bind to a BDI interface. Stile is
configured on the same BDI interface.
CSCud75692
Conditions: Tunnel target interface is ATM sub-interface.
CSCud75856
Symptom: Presence of FP core file.
Conditions: Under certain very rare (unreproducible in lab) conditions, multicast LRE code can run
out of rbufs while serially processing packets, presumably because of the feature chain executed.
Workaround: Disabling MLRE through configuration command "platform multicast lre off" can be
done if condition occurs.
CSCud86039
Symptom: ASR1K router running NAT with a keyword of "oer" in the NAT overload mapping can
cause disruption to the NATted sessions when the PfR feature changes the exit link.
Conditions: ASR1K router running NAT with PfR with a oer keyword in the NAT configuration can
result in this condition.
CSCud86240
Symptom: The Cisco ASR 1000 ESP crashes (ucode core file created) when compressed packets
are sent on a Multilink PPP interface using the Cisco IOS XE 3.5 Release and earlier Cisco ASR
1000 software images. On Cisco IOS XE 3.6 Release and later on Cisco ASR 1000 software images
a crash does not occur, but routed traffic on configured interfaces are not forwarded. However, local
traffic between the peer routers may still be forwarded. In all releases, routed traffic will be dropped
on any other interfaces (for example, PPP, Multilink PPP, HDLC, and so on.) configured for this
mode of compression.
Conditions: This symptom is observed if the legacy IOS compression feature compress [mppc | stac
| predictor] is configured on any interface (for example, PPP, Multilink PPP, HDLC, and so on.). If
using an Cisco IOS XE 3.5 Release and an earlier Cisco ASR 1000 software image.
Workaround: Remove the compress [mppc | stac | predictor] feature configuration from all interfaces
as this functionality is not supported on the Cisco ASR 1000 router. The software fix associated with
this bug report will be removing this configuration option from the Cisco ASR 1000 router.
CSCud88359
Symptom: Rx traffic drop on the ESP seen by IN_RECV_UNKNOWN_OCT_ERR counter.
Conditions: When IP header checksum is "0" or "0xFFFF". This counter can be checked using the
following command - show platform hardware qfp ac fea ips data drops clear.
52
OL-26698-16
CSCud88517
Symptom: System may be out of service.
Security (IPSec) termination and aggregation router, and when more than 30 IPSec sessions are up
and running traffic.
CSCud90021
Symptom: An ASR1K running 03.06.00.S.152-2.S could crash due to a NAT bind age timing.
Conditions: This is a rare timing condition which was triggered by the RG infra toggle .
CSCud91920
Symptom: When configuring an ACL for both IPv4 and IPv6 in a policy-map,the policy-map does
not work properly.
Condition: This symptom occurs under the following conditions: -using an ACL for both IPv4 and
IPv6 in a policy-map -when the policy-map is attached to an interface or control-plane.
CSCud92837
Symptom: The aggregation-type prefix-length of PfR can not be configed less then 16. If so, the
number of learned prefix will be much lesser then it should be.
Conditions: When PfR is enabled.
Workaround: The aggregation-type prefix-length of PfR is better to be configed bigger then 24.
CSCud96075
Symptom: A router running Cisco IOS Release 15.2(4)M2 will reload with a bus error soon after the
DSP reloads when there is a live transcoding session.
CSCue05844
Symptom: The Cisco 3925 router running Cisco IOS Release 15.0(2)SG reloads when connecting
to a call manager.
Conditions: This symptom is observed with the Cisco 3925 router running Cisco IOS Release
15.0(2)SG.
Workaround: Remove SNMP.
CSCue06116
Workaround: Use the no ccm-manager config command to stop the configuration download from
CUCM.
CSCue15619
OL-26698-16
53

Conditions: Configure signaling-peer-port when the adj is attached, new vty terminal would be
hung.
CSCue25321
Conditions: Upon ESP switchover.
CSCue32352
Symptom: Non-hdlc traffic (Non standard but customer defined traffic) coming through HDLC
interface got dropped by ASR1K.
CSCue33171
shows that there are memory leaks from "CPP STILE Server CTX Chunk". There are three cases of
this memory leak: Case 1: when NBAR is active there is a leak of 40 bytes every 10 seconds. Case
2: when NBAR is active there is a leak of 60 bytes every 10 seconds. Case 3: when NBAR is not
active there is a leak of 20 bytes every 10 seconds.
CSCue39206
Symptom: ES crashes after the second 401 challenge.
Conditions: This symptom occurs when the second 401 is received after SDP offer/answer with
CSCue44651
Symptom: On a Cisco ASR1000 series router with GTP ZBFW enabled, pinholes are opened on
GTP-U for the initiating side. TRaffic back is dropped since the UDP-SRC port of the initiation side
is changed from xxxx to 2152.
Conditions: This symptom is observed when GTP ZBFW is enabled.
CSCue46664
deployment.
CSCue47484
Symptom: BFD neighbour is not up.
54
OL-26698-16
Conditions: This symptom is observed after ISSU upgrade of active RP.

CSCue55762
Symptom: x86-based platforms can crash after ~27x days.
Conditions: This symptom is observed with x86-based platforms. Most likely, this issue is not seen
on RP1, 1RU, and 2KP as their CPU feature set does not have both constant_tsc and nonstop_tsc on.
Workaround: Reboot the box. In any case, plan to upgrade to a release which has the fix within 7
months (the first release that has the fix is Cisco IOS XE Release 3.7.3S.)
CSCue59891
Symptom: When Priority-queue 100% is configured on class-default, packets are not going on High
ESI.
Conditions: When Priority-queue 100% is configured on class-default, packets are not going on
High ESI.
CSCue63756
Symptom: FPMAN-RP memory increases when the uut flaps the interface facing the CE side.
Conditions: 8K l2tpv3 scaling event monitor.
CSCue69527
Symptom: More than 95 SCCP controlled FXS ports cannot be configured on the Cisco VG350. The
debug output for "debug ccm-manager config-download errors" is as follows:
VG350 using CUCM.
CSCue72258
tunnel.
CSCue76134
on the standby.
the boxes.
1. clear ip nat trans *
CSCue82511
OL-26698-16
55
converge.
Workaround: The workaround is to use the same platform for all the PfR Border Routers.
CSCue85737
Symptom: ASR with PKI certificate may crash when issuing 'show crypto pki certificate'.
Conditions: Issue 'show crypto pki certificate' on ASR with pki certificate.
CSCue97338
CSCue97986
platform).
CSCuf29121
Conditions: On ASR1002 system with ipsec is configured on both ingress and egress GRE tunnel
Workaround: configure "no nat64 service ftp" to disable FTP64 ALG, system does not crash with
FTP stateful traffic.
CSCuf43548
CSCuf56693
Symptoms: Traceback might appear when configuring NBAR custom protocol on Border Router.
CSCuf60585
CSCug01256
56
OL-26698-16
Caveats in Cisco ASR 1000 Series Aggregation Services Routers Release 3.7.2T

Release 3.7.2T
Resolved CaveatsCisco ASR 1000 Series Aggregation Services Routers Release 3.7.2T, page 57

Release 3.7.2T
Release 3.7.2T.
CSCuc97477
Symptom: A new feature has been introduced for dummy packet support.
CSCud39590
Symptom: A new feature has been introduced for dummy packet support.
CSCud54133
Symptom: During the FIPS code review, a non-conformance was found. Specifically, when the SP
800-90 Deterministic Random Bit Generator (DRBG) calls the ACT chip for a seed, there is no
Continuous Random Number Generator Test applied to the value output from the chip.
Conditions: The symptom is observed when the SP 800-90 DRBG calls the ACT chip for a seed,
there is no Continuous Random Number Generator Test applied to the value output from the chip.
CSCud80859
Symptom: IPSec dummy packet support is currently not available in the Cisco IOS XE 3.7 image.
(This is the DDTS used to add the support in Cisco IOS XE Releases 3.7 and 3.7.2T).
Conditions: This symptom is observed at all times.
CSCud88517
Symptom: The system may be out of service.
OL-26698-16
57
Conditions: This symptom is observed on a Cisco ASR 1000 Series Router when it functions as an
IP Security (IPSec) termination and aggregation router, and when more than 30 IPSec sessions are
up and running traffic.
CSCue26378
Symptom: On a Cisco ASR 1000 Series Router, IPSec dummy packet counter is only shown in the
PD specific CLI under the show pl ha qfp act feat ipsec sa ## command. It is not shown under the
show crypto ipsec sa det command as dummy packets send or receive.
Conditions: This symptom is observed when you issue the show crypto ipsec sa det command.

Release 3.7.2S

3.7.2S
CSCtq81245
Symptom: SPA-4XCT3/DS0 reloads after performing an fp reload.
Conditions: 1. Issue is seen on a single fp system 2. Issue is seen when serial interfaces are
configured on the SPA.
CSCty24937
Symptom: TCAM exhaustion and FP crash with IDFW scale > 300 class-maps on 2ru or RP1/RP10
box.
Conditions: TCAM exhaustion and FP crash with IDFW scale > 300 class-maps on 2ru or rp1/rp10
box.
CSCua30168
Symptom: IOSd restart in 4k mixed tunnel scaling test.
Conditions: This symptom is observed during mixed tunnel scaling test and high traffic.
CSCua59573
Symptom: An issue is seen after running certain functionality tests of VPLS.
58
OL-26698-16
Conditions: The issue is seen in VPLS scaled test bed after running certain functionality tests. The
issue is reproducible on running the script.
Workaround: The issue is not reproducible manually.
CSCub69764
Symptom: Occasionally, after a full chassis reload, all ATM autovc fail to come up after reception
of PADI. CPE gets no PADO. All PPPoEoA sessions fail to establish on the chassis.
Conditions: Trigger unknown. This is occurring intermittently, after full chassis reload, once every
~50 reloads.
Workaround: If the condition occurs, reload the chassis.
CSCuc55907
Symptom: Under certain circumstances, an Aggregation Services Router 1000 with a single
Embedded Service Processor 40 (ESP40) and dual Router Processor 2 cards (RP2), will reload if the
ESP40 is replaced.
Conditions: When running an ASR1000 with dual RP2 running is SSO mode and a single FP40, if
the FP40 is removed/replaced, the entire router will reload and leave a core file behind. The router
is working as an L2TP access concentrator with thousands of active tunnels and passing traffic, but
other situations my trigger the same reaction.
Workaround: Running with redundant FP40 may help alleviate the situation.
CSCuc65424
Symptom: On dual RP configuration, a standby route processor might crash when establishing new
interfaces (could be PPP sessions).
Conditions: This symptom is observed when db reuse is turned on, on a dual RP configuration.
Some interfaces are deleted and recreated.
Workaround: Turn off the idb reuse option.
CSCuc85157
Symptom: Packet is dropped with reason of NatIn2out.
Conditions: PAT
CSCuc89800
Symptom: Configured IP GRE tunnel causes ESP to crash.
Conditions: A packet containing multiple IP/GRE headers being similar causes ESP to crash.
Workaround: Configure ACL to block the traffic.
CSCuc90992
Symptom: in a scale situation with several DENY statements and several NAT pools, the following
configuration hit the deny-jump. TCAM limitation and NAT does not work.
Oct 16 16:27:33.835 MEST: %CPP_FM-3-CPP_FM_TCAM_ERROR: F0: cpp_sp: TCAM limit
exceeded: Class group nat-class:1001.1 could not be successfully edited. Please remove
the class group from the interface.
Conditions: NAT and SIP NAT ALG are required. For SIP NAT ALG, not all embedded IP addresses
within SIP payload need to be translated. For this reason, aa exceptions need to be defined.
OL-26698-16
59
ip nat pool <name>-hosts 10.200.0.36 10.200.3.253 netmask 255.255.252.0 ip nat inside

source list all-nat pool <name>-hosts vrf <name> ! ip access-list extended all-nat
deny ip 192.168.152.0 0.0.1.255 192.168.152.0 0.0.1.255 permit ip any 192.168.152.0
0.0.1.255.
CSCud05368
Symptom: Traffic will be redirected to WCCP client even when defined as deny in wccp redirect
ACL.
Workaround: There can be 2 workarounds: 1. Move the deny entries before the permits when
possible (especially for deny... host...). This may not work in some situations. 2. Use different
redirect ACLs for each service, and remove the unnecessary ones for specific services.
CSCud24885
Symptom: Some packet drops seen: FirewallInvalidZone 12 676
Conditions: Netflow configured at the same time.
Workaround: Ping the destination on ASR1K before introducing WCCP traffic.
CSCud25675
Symptom: Packet drop may be observed during IP Security (IPSec) re-key.
Condition: This symptom is observed on a Cisco ASR1000 series router when I14 is configured.
CSCud30472
Symptom: IOSd crashes at ace_polo_list_cm_head_nodes.
Conditions: This symptom is observed while entering the show crypto ace polo detail command
after configuring 192-bit AES key for IPv6 OSPF encryption.
CSCud33184
Symptom: ESP ucode crash is seen on the ASR causing loss of traffic forwarding.
Conditions: CGN NAT is enabled on the router.
CSCud35735
Symptom: Ucode along with fman_fp core seen in UUT with
GTP_AIC_FUNC_POLICY_CHANGE.
Conditions: This symptom is observed while sending traffic from SGSN
CSCud36113
Symptom: Ping fails between CE routers.
Conditions: Configure MPLS VPN Inter-AS IPv4 BGP Label Distribution and flaps mpls bgp
forwarding in the interface between ASBRs
CSCud36156
Symptom: RP switchover due to a kernel crash.
60
OL-26698-16
Conditions: Dual RP running on ASR with 15.1(3)S1.

CSCud37921
Symptom: Update PDP context requests are dropped if GSN address is not identical with GSN
address provided in Create PDP context request.
Conditions: 3GPP communication on GRX interface. Roaming mobile users from GRX to inside can
have different GSN address information.

Release 3.7.2S
Release 3.7.2S.
CSCsu57181
Symptom: When the retransmission number is changed, the next rekey does not reflect this change.
Conditions: Change number of retransmissions from 2 to 5, and the number stayed at 2; and when
changing the retransmissions from 2 to 1, the number of retransmissions stayed at 2. This happen
for both unicast and multicast rekey.
Workaround: Clear crypto gdoi and start over again.
CSCts52120
Symptoms: Tracebacks are seen for PLATFORM_INFRA-5-IOS_INTR_OVER_LIMIT.
Conditions: This symptom is observed with RPSO.
CSCtv01521
Symptom: Logs: %LSMPI-4-INJECT_FEATURE_ESCAPE: Egress IP packet delivered via legacy
inject path.
Conditions: Ethernet/QinQ/LCP/IP frames are received on a QinQ subinterface with PPPoE.
Workaround: There is no workaround. Further information: Use the debug platform software
infrastructure inject err_packet command to get the first 32bytes of the packets causing this. Or use
the debug ip cef packet all input rate 10 dump command to dump the full packets.
CSCtx71747
Symptom: CPP Ucode crash on ASR1000-ESP40.
Conditions: This has been seen on ASR1006 (RP2) running
asr1000rp2-advipservicesk9.03.02.02.S.151-1.S2.bin. It will impact any systems that use MLRE
(FP40, FP80, and so on).
Workaround: Use the set platform hardware qfp act feature multicast v4mcast lre off* command
or for permanent setting used configuration command: conf> platform multicast lre [on | off].
*This is a temporary solution until the software bug is fixed.
CSCtz38010
Symptom: Platform max numbers for ASR1k NAT44 and NAT64 is not set for KP and FP80.
OL-26698-16
61
Conditions: Scalability numbers are not correct.

CSCtz69527
Symptom: Route not found on UUT for RRI test cases.
Conditions: When the testcase for RRI, reverse-route remote-peer 16.0.0.1 gateway is checked,
route is not found on the router.
CSCtz94286
Symptom: IOS router with enabled ISM-VPN-29 module does not process ESP traffic when GRE
packets are denied on the outside ACL.
Conditions: There are 2 conditions that must BOTH be met to experience this issue: 1. The router
uses an ISM-VPN module, and the module is installed and enabled. 2. There is an ACL on the
'outside' interface of the router that does not permit GRE traffic from the remote IPSec peer.
Workaround: There are 2 work-arounds for this issue: 1. Permit GRE traffic from the remote IPSec
peer or 2. Disable the ISM-VPN module.
CSCua45206
Symptom: Hub router crashes while removing Stale Cache entry.
Conditions: Crash occurs when 2 spokes are translated to same NAT address.
Workaround: Spokes behind the same NAT box must be translated to different post-NAT Addresses.
CSCua54514
Symptom: bqs queue output is different for FP10 and FP80.
Conditions: Output difference is seen while checking the sh plat hard qfp ac fe qos queue out all
d output.
CSCua55423
Symptom: security-association lifetime not reflected in configs and script was expected the lifetime
120 to be reflected while checking for output.
Conditions: security-association lifetime 120 was not reflected in sh run putout.
Workaround: DT need to fix the issue.
CSCua81565
Symptom: ASR1K/RP2/ESP40 on 15.1(3)S3 acting as L2TP BRAS.
Conditions: Periodically the ESP F0/F1 crashes with the reason: %CPPHA-3-FAULT: F0: cpp_ha:
CPP:0 desc:INFP_INF_SWASSIST_LEAF_INT_INT_EVENT0 det:DRVR(interrupt) class:OTHER
sev:FATAL id:2121 cppstate:RUNNING res:UNKNOWN
flags:0x7 cdmflags:0x0.
CSCua82440
Symptoms: FNF records do not get exported when a user reloads the router.
Conditions: This symptom occurs if a user configures a non-default export-protocol, that is,
anything other than "netflow-v9". If the user configures a non-default export-protocol such as IPFIX
or netflow-v5, after saving the configuration to the start-up configuration and reloading the router,
the exporter will not export any records.
62
OL-26698-16
Workaround: Either one of the following methods will fix this issue: 1. Remove and reconfigure the
exporter configuration after reload. 2. Change the export-protocol to the default value (netflow-v9).
CSCua87896
Symptom: qfp exmem is exhausted in the standby fp
Conditions: TCP is used for Sip signalling.
CSCua91473
Symptoms: Memory leak occurs during rekey on the IPsec key engine process.
Conditions: This symptom occurs after rekey, when the IPsec key engine does not release KMI
memory, causing the IPsec key engine holding memory to keep increasing.
Workaround: Clear crypto session for IPsec key engine to release memory.
CSCua94563
Symptom: Traceroute may return * * * instead of host.
Conditions: When going v4->v6 through NAT64 stateful on ASR1k.
CSCub05559
Symptom: on 1ru, after system booted rarely the bootflash (eUSB) gets disconnected. as a result,
the system will reboot as the system cannot stay up without eUSB storage.
Conditions: This can occurs randomly (no specific pattern, but usually after 2~3 days). so this is a
big issue for system stability.
CSCub13983
Symptom: There are 2 calls to mcp-sysinit.
Conditions: This issue is observed all the time.
CSCub19408
Symptom: Router may no longer be accessed through the console port. Power cycle is required to
recover.
Conditions: Console loss occurs randomly when console port is used to enter router configuration.
CSCub58775
Symptom: An ASR1000-system might see a crash of the stby-RP.
Conditions: This could be seen after an OIR of a power-supply and perhaps similar events.
CSCub65151
Symptom: ASR1K CPP crashes when shutting down core facing MPLS intf on NPE.
Conditions: Happens rarely.
CSCub68021
OL-26698-16
63
Symptom: A "show interface" on a SPA interface shows "0" for "unknown protocol drops", yet when
the same interface is polled for ifInUnknownProtocols, a value is returned.
Conditions: Normal polling.
CSCub69414
Symptom: Traceback at FreeUInt64 on booting up router.
Conditions: This symptom is observed on an ASR1006 running mcp_dev towards XE38. On booting
up the router a traceback is seen.
Workaround: Tracebacks are seen because of snmp-server enable traps entity-qfp mem-res-thresh.
Disable the snmp-server enable traps entity-qfp mem-res-thresh.
CSCub73484
Symptom: Standby ESP100 reloaded.
Conditions: 4K IKEv2 IPv6 static crypto map 4k VRF (ivrf = fvrf). Running bi-directional IMIX
CSCub76612
Symptom: the console reports "%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image:
PFR TT Enable download to CPP failed" and prints traceback. also, ASR may reload with fman_fp
core file.
BR.
CSCub82275
Symptom: An ASR 1K may experience reloads on the ESP module due to a CPP driver fault during
an in-2-out NAT translation. Issue has been seen with IOS 15.2S, but not in 15.1S.
Conditions: NAT enabled. No other requirements known.
CSCub85608
Symptom: ASRNAT address leak may occur. This will show a larger number of allocated addresses
in 'sh ip nat stat', then the translations that exist for that address through 'sh ip nat trans'.
Conditions: This issue only occurs when a dynamic route-map configuration is used and the NAT
sub-drop code ESP_CREATE_FAIL is incrementing (there must be ESP traffic).
Workaround: The leaked addresses can be reclaimed periodically by executing a 'clear ip nat trans
*', but that will be disruptive to users so it should be scheduled for off-hours.
CSCub89150
Symptom: Pw with backup.
Conditions: Switch between active/standby pw.
Workaround: Reload the routers.
CSCub89157
Symptom: Message is dropped.
Conditions: This symptom is observed when cause is not equal to 128.
64
OL-26698-16
Workaround: Resend the message.
CSCub89711
Symptom: Atm keyword for the show command disappears.
Conditions: Perform a powered shutdown of the SPA card and bring it back up using no form of the
previous command.
CSCub91178
Symptom: ALG FTP44 doesn't work, and the data path fails to establish.
Conditions: Divide two networks into two vrf, both client and server reside in different network.
Topo: Client --- Gi 0/0/0 --- vasileft 1 --- vasiright 1 --- Gi 0/0/1 ---- Server
(inside)
(outside)
(outside)
(inside)
vrf_in
vrf_out for vrf_in, there's dynamic NAT access-list 10 permit 10.0.0.0 0.255.255.255
ip nat pool in 202.120.0.2 202.120.0.10 prefix-length 24 ip nat inside source list 10
pool in vrf vrf_in overload for vrf_out there's one inside static nat ip nat inside
source static 192.168.0.2 202.119.0.2 vrf vrf_out
Client runs FTP,active mode.
Workaround: Use dynamic NAT instead.
CSCub95141
Symptoms: FP Pending Refs are observed when "cypto map <> local-address loopbackX" is
removed from the configuration when the crypto map is applied on a subinterface.
Conditions: This symptom is observed with the following configuration: crypto map cry
local-address Loopback0 interface GigabitEthernet0/0/0.100 crypto map cry interface
GigabitEthernet0/0/0.200
crypto map cry.
Workaround: Remove "crypto map" from the subinterface first and then remove "crypto map <>
local-address loopbackX."
CSCub97641
Symptom: When netflow test is performed on NAT cgn mode, an abnormal netflow log was found.
This issue is not observed in the default mode.
Conditions: Config as cgn mode: ip nat log translations flow-export v9 udp destination
10.75.163.59 9995 ip nat settings mode cgn.
CSCuc00465
Symptom: Configured permit-error, for 3GPP RLS7&8 req/resp, sessions are created, but for those
unknown/unwanted IE, gtp counter doesn't work correctly.
Conditions: Turn on permit-error.
CSCuc02916
Symptom: IPv6 packet with Hop-By-Hop extension header is dropped when the packet is sent out
to L2TP Virtual-Access interface.
Condition: ASR is configured as L2TP LNS. At that time, EssUnsupPktType drop counter is
incremented.
CSCuc04837
OL-26698-16
65
Symptom: On serial interface the IOS counters for input packets, input errors and aborts increase
even after the interface is administratively shutdown.
Conditions: No specific condition.
Workaround: As this is a corner case situation, un-shutting and shutting down the interface may
resolve the issue.
CSCuc05671
Symptom: The console reports "[aom]: (ERR): Unable to find async context for AOM" and
traceback.
BR.
CSCuc07235
Symptom: When using the call-policy-set copy source x destination y command, the
Conditions: If you copy the policy to a set number that didn't previously exist, this problem does not
occur; it only seems to happen if you reuse a number that was removed previously.
Workaround: Copy to new set number which has not been used before.
CSCuc11853
Symptoms: T1 controller will stay DOWN after switchover.
Conditions: This symptom is seen when SATOP is configured on T1.
Workaround: Perform a shut and no shut.
CSCuc16716
Symptom: This is not a defect but an enhancement, so there are no symptoms.
Conditions: This is an enhancement, so there are no conditions.
Workaround: It is not an defect but only and enhancement.
CSCuc25529
Symptom: Static routes created by RRI are created with the wrong mask for subnet acls.
Conditions: This has been observed on an ASR1k and 7200 running IOS 15.2(4)S and 15.1(4)M.
CSCuc26232
Symptom: Reload indicating "stuck thread" may occur.
Conditions: On clear ip nat translations vrf <vrf-name> *
Workaround: Use clear ip nat trans * This issue exists only on XE3.7.1.
CSCuc31692
Symptom: ASR1K ucode crash with scaled MLPPP configuration with sustained high data rates
across most bundles.
Conditions: Highly scaled MLPPP configuration with sustained high data rates across most bundles.
Problem has only been seen with ESP40. instances of encountering this issue are small as this issue
has only been seen in a lab environment under extremely high data rate conditions.
66
OL-26698-16
CSCuc32543
Symptom: Changes in the configured ppp multilink fragment size or fragment delay are not pushed
down to the data path for Broadband MLPPP sessions. Note that this issue does not apply to MLPPP
over Serial connections.
Conditions: If ppp multilink fragmentation is enabled on a Broadband MLPPP bundle before the
resulting fragment size changes are not pushed down to the data path (that is, the original fragment
size configuration is retained). The IOS show ppp multilink command indicates that the new
fragment size was applied but in fact the new fragment size may not yet be active.
PPP session. This can be accomplished through the clear ppp interface
<Bundle-Virtual-Access-intf-name> command.
CSCuc34574
Symptoms: A pending-issue-update is seen at SSL CPP CERT on the Cisco ASR 1002, ESP-1000
platform.
object-manager fp active pending-issue-update
identifier: 117
Update identifier: 128
Description: SSL CPP CERT AOM show
Object
Number of retries: 0
Number
of batch begin retries: 0
CSCuc40585
Symptom: Ucode crashes when gtp aic inspect packets.
Conditions: GTP aic configured.
CSCuc42083
Symptom: fman_fp Core file seen.
Conditions: Config GreoIPsec with tunnel protection and configure more than 1k route-maps.
Workaround: There is no Workaround.
CSCuc44071
Symptom: GRE keep-alives are going out unencrypted if the Tunnel interface is in "up / protocol
down" state.
Conditions: ASR1K platform (reproduced on 3.4S through 3.7S). GRE/IPsec using tunnel
protection keep-alives configured on GRE/IPsec tunnel - Tunnel interface in protocol down state
because of previously missed GRE keepalives - PIM configured on Tunnel interface - "ip
multicast-routing distributed" configured globally.
Workaround: Disable "ip multicast-routing distributed" (possible performance impact) or remove
PIM configuration from Tunnel interface. The GRE keep-alives will be encrypted as long as there
is no CEF adjacency on the Tunnel interface when in protocol down state (that is, no output from
show adjacency tunnel <number> detail).
CSCuc45528
Symptoms: Incremental leaks are seen at :__be_nhrp_recv_error_indication.
Conditions: This symptom occurs when the NHRP error indication is received on the box. This issue
is seen only if CSCub93048 is already present in the image. CSCub93048 is available from Cisco
IOS Release 15.3M&T onwards.
OL-26698-16
67
CSCuc47399
Symptoms: IKEv2 STOP Accounting records show wrong counters for packets/octets, when the
sessions are locally cleared using clear crypto sa or clear crypto session.
Conditions: This symptom is observed with latest Cisco IOS XE Release 3.8S images when
IKEV2-Accouting is enabled. This issue is easily reproducible with a single session, and may be
service impacting as STOP Accounting records are usually used for billing purposes.
Workaround: The STOP records reflect the right counters when the disconnect is through the
remote-end.
CSCuc57822
Symptom: NBAR classification granularity reduced for some protocols or some protocols may be
classified as unknown.
Conditions: The following command can be used to clearly know if this is the bug at hand: test
platform hardware qfp active feature nbar function sui_gmc_show_chunks_brief. If the
"errors?" column has a non zero value, it is likely caused by the problem described here.
Workaround: Restarting NBAR will typically solve the problem. If a protocol pack is loaded, a
simple way to restart NBAR would be to unload and reload the protocol pack. In order to
workaround the problem and verify that the problem is resolved, use the following steps: 1. Clear
the above counters using the command: test platform hardware qfp active feature nbar function
sui_gmc_reset_counters 2. Verify that the number of errors has been cleared: test platform
hardware qfp active feature nbar function sui_gmc_show_chunks_brief 3. Enter configure
mode: config terminal 4. Unload the protocol pack: no ip nbar protocol-pack
<protocol-pack-filename> 5. Re-load the protocol pack: ip nbar protocol-pack
<protocol-pack-filename> 6. Verify the number of errors is 0: test platform hardware qfp active
feature nbar function sui_gmc_show_chunks_brief.
CSCuc58513
Symptom: Fp reload.
CSCuc60435
Symptom: Packets with single digit MNC are not matched in L7 class-map. Instead counters are
increasing in class class-default Service-policy inspect gtpv1 :
gtpv1_grx_inside_mcc_mnc Class-map: gtpv1_grx_inside_mcc_mnc (match-any) 0 packets,
0 bytes <<<< zero 30 second offered rate 0000 bps Match:
mcc xxx mnc 1 Match:
mcc
xxx mnc 1 Class-map: class-default (match-any) 543464 packets, 11565497 bytes <<<<
30 second offered rate 19000 bps, drop rate 0000 bps Match: any
Conditions: Match criteria in L7 class-map define single digit MNC as follows: class-map type
inspect gtpv1 match-any gtpv1_grx_inside_mcc_mnc
match mcc xxx mnc 1
match mcc
xxx mnc 1.
CSCuc65609
Symptom: During SIP attack, NAT causes ESP lock-up.
Conditions: SIP registration attack.
Workaround: Use ACL to block SIP attack.
68
OL-26698-16
CSCuc67468
Symptom: sh plat h q a f nat data dynbin output gets into a loop.
Conditions: When executed on ASR1K.
Workaround: Use sh ip nat trans and its filters for showing this information.
CSCuc71706
Symptoms: Execution of the show run command and other commands such as copy run start and
show access-list cause the router to stop for a few minutes before completing.
Conditions: This symptom is observed with Cisco ISR G2 routers. This issue is seen only with IPV6
configured and used.
CSCuc74857
Workaround: Add deny ACL to avoid NAT translation of unknown payload addresses in the DNS
PTR query. Turn off dns alg service if possible.
CSCuc75142
Symptom: ucode crash when h323 alg traffic passed through router.
Conditions: Seen with alg traffic.
Workaround: Remove hsl logging.
CSCuc76670
Symptoms: 2X1GE-SYNCE (metronome) SPA does not boot on a 2RU (Cisco ASR 1002).
Conditions: This symptom is observed with Cisco IOS XE Release 3.7S onwards, when metronome
SPA (2X1GE-SYNCE) fails to boot on a 2RU. An error message indicating that the SPA is not
supported is displayed on the RP console.
CSCuc77704
Symptoms: The GETVPN/GDOI Secondary Cooperative Key Server (COOP-KS) does not
download the policy (that is, when the show crypto gdoi ks policy command is issued on the
Secondary COOP-KS and the command output shows that no policy is downloaded) and Group
Members (GMs) registering to the Secondary COOP-KS fail to register without any warning/error
message.
has an IPsec profile configured with one of the following transforms in its transform-set:
esp-sha256-hmac - esp-sha384-hmac - esp-sha512-hmac
Workaround: Use esp-sha-hmac as the authentication transform instead.
CSCuc78320
OL-26698-16
69
Symptom: QFP crashes with icmpv4 error packets when ZBF debugs are enabled (debug platform
hardware qfp active feature firewall datapath global all detail)
Conditions: This condition is observed when ZBF debugs are enabled.
Workaround: Don't enable ZBF debugs with "detail" or "drop" keywords for all traffic. Instead
enable ZBF debugs only for the traffic you'd like to debug. See CSCtf45361 to see how to do it.
CSCuc78499
CSCuc81993
Symptom: Need ikev2 framed route support on server.
Conditions: Need ikev2 framed route support on server.
CSCuc93053
Symptom: WCCP stops working after adding ZBF. We see message of WCCP packets being
redirected but not leaving ASR.
Conditions: ASR with netflow anf ZBF enabled under the same interfaces.
CSCud01905
Symptom: Match not apn is not working.
Conditions: Basic gtp message flow.
CSCud03877
Symptom: After volume rekey, ipsec pd flow set both hard and soft limit of traffic limit to 0.
Conditions: Volume rekey set to 0.
Workaround: Clear crypto session recover volume rekey value.
CSCud16127
Symptom: CPC request message is passed by AIC and sent to another side.
Conditions: IMSI is invalid.
CSCud16274
Symptom: Cpp crash with core dump file and traceback.
Conditions: Session setup rate is 10.
CSCud21773
Symptom: DHCP reply message was dropped in dataplane after RPSO or clear ipv6 neighbor.
Conditions: 1. Setup DHCPv6 binding. 2. Clear ipv6 neighbor/ RPSO and without traffic before
adjacency convergence. The dhcp reply message is dropped in the dataplane.
70
OL-26698-16
Workaround: There are several workarounds: 1. Send downstream traffic to client which will relearn
the neighbor. 2. Clear ipv6 route X::X/prefix <dhcp installing route> to relearn the neighbor. 3.
Client can reconnect after the dhcp session timeout.

Release 3.7.1S
It contains the following topics:

3.7.1S
CSCtt01529
Symptom: A %SPA_CHOCX-3-FATAL_ERROR occurs on hard online removal of
SPA-1XCHSTM1-OC3 when controller of the SPA is configured as net-sync clock source on the
Cisco ASR1002-X router.
Conditions: This issue occurs when controller of SPA-1XCHSTM1-OC3 is configured as the active
network-clock input source.
Workaround: Avoid hard removal of the SPA when SPA-1XCHSTM1-OC3 is selected as the current
active clock input. However, insterting the SPA in the same subslot after the occurrence of this error
does not affect the netsync capability. Therefore, the error while SPA removal can be neglected.
CSCtt11188
Symptom: The BITS IN clock with RP switchover stays locked even with Alarms On link on
ASR1002-X.
Conditions: When BITS IN is active clock source for the system and RP switchover occurs, the BITS
IN with Active Alarms ON, is seen as active clock source.
CSCuc54129
Symptom: The request platform software package install rp 0 snapshot to harddisk command
saves subpackages to bootflash instead of hard disk.
Conditions: This issue is seen only on the ASR1002-X router.
Workaround: Use the bootflash instead for this option.
CSCuc15992
Symptom: Multiple cpp_cdm tracebacks occur while CPP microcode is being collected in a crash
dump file.
OL-26698-16
71
Conditions: These tracebacks occur while collecting a CPP microcode is being collected in a crash
dump file.
Workaround: There is no workaround. However, the cpp_cdm tracebacks do not have any impact on
the working of the router and can be ignored.
CSCtz08687
Symptom: When the command show platform hardware qfp active datapath utilization, is
execute on CSR1000v platform, te output always shows the Processing: Load (pct) as 100%.
Conditions: This issue occurs when show platform hardware qfp active datapath utilization is
executed.
Workaround: Use the show platform so status control-processor bri command. CPU 2 and CPU
3 form the data plane. For example:
VXE-21#sh pl so status control-processor bri
Load Average
Slot Status 1-Min 5-Min 15-Min
RP0 Healthy
1.15
0.59
0.44
Memory (kB)
Slot Status
RP0 Healthy
Total
3988596
CPU Utilization
Slot CPU
User System
RP0
0
0.50
2.30
1
0.50
0.70
2 22.50
7.10
3 23.30 21.20
Used (Pct)
2675940 (67%)
Nice
0.00
0.00
0.00
0.00
Idle
2.00
98.79
0.00
25.30
Free (Pct) Committed (Pct)

1312656 (33%)
2504260 (63%)
IRQ
17.90
0.00
0.00
0.00
SIRQ IOwait
77.30
0.00
0.00
0.00
0.40
0.00
30.20
0.00
CSCtw74124
Symptom: For a slot housing the Cisco ASR1000-SIP40, or on a Cisco ASR1002-X, the output of
the show platform hardware slot <slot#> plim buffer settings detail command always shows the
value of Max always as 0 in the "Fill Status Curr/Max" filed, even when the Rx buffers have been
utilized.
Conditions: When the SPA Aggregation ASIC has been flow controlled by the Network Processing
Unit, the buffers inside the SPA Aggregation ASIC will start filling up.
CSCtx89616
Symptom: The BITS output network clock configuration sends an invalid QL value when it is
configured for the first time on a back-to-back Cisco ASR1002-x setup.
Conditions: This issue is observed after the router reloads with configuration of the BITS e1 output
network clock source. The reloaded router sends QL-INV to the remote end.
Workaround: Reconfigure BITS e1 output network clock source.
CSCty21018
Symptom: Network boots from ROMMON may occasionally run very slowly. Sometimes, booting
from a "tftp:" device may appear to stall or run very slowly.
Conditions: This issue occurs when a user attempts to boot from a "tftp:" device.
Workaround: In nonautoboot situations where the console port is connected, and under user
supervision, perform a reset.
72
OL-26698-16
If the system is configured to auto boot, reconfigure the TFTP_TIMEOUT environment variable
from its present value to a value longer than the expected boot time, considering the network and
server load. If the system finds itself in this slow-booting mode while auto booting, the transfer will
time out, and autoboot will reset and attempt to net boot the file again.
A value of 300 seconds can be chosen as a suggested starting value. From the ROMMON prompt
run:
TFTP_TIMEOUT=300
sync
Note
This caveat pertains to the 15.2(4r)S1 ROMMON release.

CSCty49537
Symptom: When IPX traffic is introduced at 150 KPPS and the punt policer is changed from
40KPPS to the highest limit, which is 146 KPPS, lsmpi-rx consumes more CPU resources and tail
drops occur.
Conditions: This issue occurs when punt traffic is introduced at high rates while the punt policer is
modified from the default setting.
Workaround: Do not maintain a high punt packet traffic rate.
CSCtz64939
Symptom: Cisco ASR1000 RP2 and Cisco ASR1001 may report the following message:
%IOSXEBOOT-1-BOOTFLASH_FAILED_MISSING: (rp/0): Required Bootflash disk failed or
missing, reloading system.
The reload of the system recovers the device. There is no loss of data due to the device disconnect.
In a redundant hardware configuration, there is no loss of service, and the standby takes control
when the active system reloads. In a dual IOSd configuration, the platform reloads fully. If the eUSB
is inaccessible during boot, an additional reload may occur, resulting in a longer-than-expected boot
time.
Conditions: This error may occur when an embedded eUSB device is a part of the configuration.
Workaround: There is no workaround to avoid the disconnect of the boot flash device. Since the boot
flash device is monitored as a critical device for correct system operation, it is necessary to reload
the system to reset and recover the device.
CSCua10477
Symptom: The Cisco ASR1002-X router with large numbers of MLPPP bundles may experience a
crash preceded by the following message, followed by a traceback and eventual reload of the router:
%CPPOSLIB-3-ERROR_NOTIFY: SIP0: cpp_cp:
cpp_cp encountered an error
Conditions: This issue occurs on Cisco ASR1002-X router with large numbers of MLPPP bundles.
Workaround: Keep the number of single-link MLPPP bundles under 4000, and the total number of
multimember MLPPP bundles under 2000.
CSCua20029
Symptom: The show platform hardware qfp active feature epc client statistics 0 command does
not respond.
Conditions: This issues occurs while using command in multi terminal.
Workaround: Use one terminal.
OL-26698-16
73
CSCua82440
Symptom: FNF records do not get exported.
Conditions: The Cisco ASR 1002-X router boots with preconfigured FNF exporter when export
protocol is IPFIX and the platform is RP1 or ASR1002-X.
Workaround: Reconfigure exporter.
CSCub09099
Symptom: When BGP MDT address-family is configured with one or more VRF having mdt default
x.x.x.x with 4000 VRF, out of which 400 VRF have "mdt default x.x.x.x" and with 8000 BGP
neighbors in VRF (4K IPv4 & 4K IPv6), then router takes approximately 30 minutes to apply the
configuration.
Conditions: This issue occurs if configured neighbors are under BGP VRF address-family with
update-source command, that is neighbor X.X.X.X update-source interface.
Workaround: Do not use neighbor X.X.X.X update-source interface under BGP VRF
address-family.
CSCub17584
Symptom: IOSD crashes occur with 1000 MVPN sessions. When the sessions are cleared, all the
IGMP joins are released, then the sessions are brought up. When about 400 to 500 IGMP sessions
join, a crash is screen.
Conditions: This issue occurs when you clear 1000 MVPN sessions on LAC using the command
clear pppoe.
CSCub24053
Symptom: The BPS and PPS information shown in the output of show platform hard qfp active
data utilization is inaccurate for ASR1002-X and ESP100.
Conditions: There are no specific conditions under which this symptom occurs.
CSCub38910
Symptom: COOP failure messages are seen continuously on a standby RP. However, there is no
impact on the functionality of the standby RP. This is an erroneous messaging issue.
Conditions: This issue is seen on a HA setup.
CSCub70590
Symptom: Flapping BGP and IOSD crash occur during the LNS sessions.
Conditions: This issue occurs during the LNS sessions.
CSCuc16125
Symptom: Packet drops may occur and syslog errors may be displayed during ISSU.
Conditions: This issue is observed during ISSU.
CSCtz49200
74
OL-26698-16
CSCtz96167
Symptoms: QoS DSCP cases fail.
Conditions: The symptom is observed with a QoS profile, which has DSCP as 31 configured under
SBE and DSCP bit set as zero.
CSCua01641
Symptom: NAS-IP address appears as 0.0.0.0 in the RADIUS Accounting-on packet when the Cisco
ASR 1002-X router is restarted:
*May 17 14:34:22 JST:
*May 17 14:34:22 JST:
id 1646/1, len 48
*May 17 14:34:22 JST:
7B 92 4D
*May 17 14:34:22 JST:
*May 17 14:34:22 JST:
[7]
*May 17 14:34:22 JST:
<<======Here!!!
*May 17 14:34:22 JST:
*May 17 14:34:22 JST:
*May 17 14:34:22 JST:
seconds
*May 17 14:34:22 JST:
*May 17 14:34:23 JST:
*May 17 14:34:23 JST:
RADIUS(0000000C): Sending a IPv4 Radius Packet

RADIUS(0000000C): Send Accounting-Request to 172.16.100.231:1813
RADIUS:
authenticator F5 0C 46 BF 31 52 28 10 - 6D 9E B3 5A C8
RADIUS:
RADIUS:
Acct-Session-Id
Acct-Status-Type
[44]
[40]
10 "00000001"
6
Accounting-On
RADIUS:
NAS-IP-Address
[4]
0.0.0.0
RADIUS: Acct-Delay-Time
[41] 6
0
RADIUS(0000000C): Started 3 sec timeout
%SYS-6-BOOTTIME: Time taken to reboot after reload =
170
%ASR1000_OIR-6-INSSPA: SPA inserted in subslot 0/0

%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
%CRYPTO-6-GDOI_ON_OFF: GDOI is OFF
Conditions: This issue occurs when you restart the router.

CSCua20373
Symptom: After SSO, all the GRE tunnels show that the admin is down and stay down until the
SSC-600/WS-IPSEC-3 security module comes up. Complete traffic loss occurs during this time.
Conditions: This issue occurs when vanilla GRE tunnels are configured in the system where HA and
IPsec Module SSC-600/WS-IPSEC-3 card are present, and SSO is issued.
CSCua21049
Symptom: Recursive IPv6 route does not get installed in multicast RPF table.
Conditions: There are no specific conditions for the occurrence of this symptom.
CSCua21238
Symptom: IOSD crashes are observed when ipv6_address_set_tentative is run.
Conditions: This issue occurs while unconfiguring IPv6 subinterfaces.
CSCua29001
OL-26698-16
75
Symptom: When ANCP ports are brought up to the UP,SHOWTIME state, ANCP truncation occurs
only on Active RP. The downstream rate is not truncated on the standby RP, and the associated QinQ
interface policy map fails to be created on the standby RP.
Conditions: This issue occurs on the Cisco ASR1000 with "ancp truncate 32" configured.
CSCua31934
Symptoms: Crash occurs when the tunnel interface is removed from the hub and is added back again
using config replace nvram:startup-config.
It occurs one out of three times and is a timing issue.
DMVPN tunnel setup, where Cisco 2901 Integrated Services Router is a spoke and a Cisco ASR
1000 Series Aggregation Services Router is a hub.

Pass IPv4 and IPv6 traffic between the hub and the spoke for 5-10 minutes.
If you remove the tunnel interface on a Cisco ASR 1000 Series Aggregation Services Router
and add it again using conf replace nvram:startup-config command, a crash will occur.
Workaround: Use CLI to change configuration instead of the rollback feature.
CSCua46304
Symptom: A crash occurs at __be_nhrp_group_tunnel_qos_apply decode.
Conditions: This issue occurs when you flap a DMVPN tunnel on the hub in a scale scenario.
CSCua59573
Symptom: A CPP crash observed in VPLS setup.
Conditions: The issue is seen in VPLS setup.
CSCua64676
Symptom: The MVPNv4 traffic does not flow properly from the remote PE to the UUT.
Conditions: With Agilent traffic on, the removal or addition of MDT configurations for the MVRFs
configured on the UUT, MVPNv4 traffic does not flow properly from the remote PE to the UUT.
CSCua85239
Symptom: Flapping BGP sessions are seen when route-map is changed, before or after mpls-ip or
mtu is configured.
Conditions: The issue is seen between two BGP peers with matching MD5 passwords configured,
and can be triggered by either of the following conditions:
Removing and including again route-map with mpls-ip configuration for the BGP peering on
one side of the peering.

Removing and re-adding route-map with mtu configuration for the BGP peering on one side of
the peering.
CSCua91473
76
OL-26698-16
Symptom: A crypto_kmi_add_data_to_pyld memory leak occurs during the IPSEC key engine
process.
Conditions: This issue occurs when the IPSEC key engines holding memory is increased.
CSCub01494
Symptom: The AD in the route installed by a client is not updated to the configured value.
Conditions: When the ip route 0.0.0.0 0.0.0.0 dhcp 5 command is configured, AD is not updated
to 5.
CSCub04112
Symptom: The Cisco ASR 1002-X may lose OSPF routes pointing to the reconfigured OSPF
interface.
Conditions: This issue occurs during the quick removal and addition of the interface IP address.
Workaround: Insert a short delay in between the tasks of removing or adding the IP address. The
delay should be bigger than the wait interval for LSA origination, which is 500 ms by default.
Refresh routing table by running the clear ip route * command.
CSCub05559
Symptom: On Cisco ASR 1001 router, after the system boots, the bootflash (eUSB) gets
disconnected. As a result, the system reboots because the system cannot stay up without eUSB
storage.
CSCub07855
Symptom: A VRF error message occurs in the Cisco ASR 1002-X Router.
Conditions: This issue occurs during the bootup of the router.
CSCub23971
Symptom: An access request sent by a BRAS might not contain ANCP attributes.
Conditions: This issue is seen, if an ANCP-enabled subinterface is set up for the first time or gets
removed or included again.
Workaround: Reconfigure the ANCP neighbor name.
CSCub31477
Symptom: The ISG router configured for the Layer 2 connected subscriber sessions does not
respond to ARP replies, after a subscriber ARP cache has expired.
Conditions: This issue occurs when a router is configured with HSRP.
Workaround: Clear subscriber session. After the corresponding subscriber session is reintroduced,
this issue is resolved. Alternatively, configure the IP proxy ARP on the HSRP configured interface.
CSCub69764
Symptom: After router reload, all PADIs fail on QFP and autovc stays down.
Conditions: This issue occurs intermittently, approximately once every 50 reloads, after full chassis
reload.
OL-26698-16
77
Workaround: Reload the chassis.
CSCub73177
Symptom: The RP crashes.
Conditions: This issue occurs when the Cisco 1002-X Router reloads.
CSCub82275
Symptom: A Cisco ASR 1000 Series Aggregation Services Router may experience reloads on the
ESP module due to a CPP driver fault during an in-2-out NAT translation. This issue is seen with
IOS release15.2S, but not in release15.1S.
Conditions: This issue occurs when NAT is enabled.
Workaround: Disable NAT or downgrade to a release 15.1.
CSCub86296
Symptom: With OSPFv2 running between a Cisco ASR 903 router and a Cisco 7609 router, if you
reset OSPF on Cisco ASR 903 router with clear ip ospf process, multiple OSPF and BFD flaps
occurs, which last up to 3 minutes.
Conditions: This issue occurs when ASR903 has BFD and static routes as BFD client.
Workaround: Have a symmetric BFD client configuration.
CSCub86706
Symptom: After a multiple RP switchover, router crashes with the following message:
UNIX-EXT-SIGNAL: Segmentation fault(11), Process = BGP HA SSO
Conditions: This issue occurs when mVPN is with 500 VRF and multiple switchovers are performed
on PE1.
CSCub94825
Symptom: After a Cisco IOS-XE bootup, there are no static reverse routes inserted as a result of
applying or installing an HA crypto map. The same issue is present on the HSRP standby device,
that is, the static RRI routes do not get installed when a failover occurs. The show cry map command can be used to verify if RRI is enabled. The show cry route - command can be used to
determine if RRI has occurred and if its been done correctly.
Conditions: This issue occurs on Cisco IOS-XE 3.5 to 3.7 VRF-aware IPSec with stateless HA and
static RRI IPv4.
Workaround: Removing and re-entering the reverse-route static command into the configuration
triggers the route insertion.
CSCub99222
Symptom: Standby RP reloads continuously when a RP switchover is executed on a Cisco ASR 1000
Series Aggregation Services Router as PE with about 2500 BGP sessions with IPv4 or IPv6.
Conditions: This issue occurs on Cisco ASR 1000 Series Aggregation Services Router as PE with
2500 BGP sessions (IPv4 or IPv6).
CSCuc09483
78
OL-26698-16
Symptoms: Under certain conditions, running a TCL script on the box, may cause software
traceback and reload of the affected device.
Conditions: This issue occurs when privilege 15 user run TCL commands that may lead to an
affected device reloading.
CSCuc13708
Symptom: Cisco ASR 1000 Series Aggregation Services Router looses mapping for accounting
feature on ISG users.
Workaround: The command clear sss session all solves the issue.
CSCuc13992
Symptom: The IOSD process crashes because of segmentation fault: UNIX-EXT-SIGNAL:
Segmentation fault(11), Process = PPP Events.
Conditions: This issue occurs when BRAS functionality is configured, and the configuration
includes ISG and PPPoE session termination includes ISG and PPPoE session termination.
CSCuc26799
Symptom: A Cisco ASR 1000 Series Aggregation Services Router may reload when deployed as an
ISG.
CSCuc27343
Symptom: The multihop L2TP tunnel fails to establish after enabling the ISG control policy under
the virtual template interface for PPPoE users.
Conditions: If the ISG control policy is not empty and the service is configured, multihop L2TP
tunnel fails to establish.
Workaround: Remove the ISG control policy.
CSCuc33626
Symptom: 15.2(2)S2 local policy routing issue occurs from PE to CE.
Conditions: This issue occurs when MPLS Multi-VRF Selection with PBR is configured on PE.
CSCuc40448
Symptom: Audio fails on hair-pinned calls back from the CUBE to a SIP Provider.
Conditions: This issue is when you upgrade to IOS release 15.2.(2)S.
Workaround: Modify the diversion header on the transfer leg invite.
CSCuc40585
Symptom: Ucode crashes when GTP AIC inspects packets.
Conditions: This issue occurs when the GTP AIC is configured.
CSCuc42083
OL-26698-16
79
Symptom: The fman_fp Core file is displayed.

Conditions: This issue occurs when Config GreoIPsec is configured with tunnel protection and more
than 1000 route-maps are configured.
CSCuc51559
Symptom: The following message is displayed at startup:
IOSXEBOOT-1-OOTFLASH_FAILED_MISSING
Occasionally, upon system startup, the bootflash storage device may not be discovered by the system
software. A log message to that effect is shown on the console, and after a delay, the system will
reboot.
Conditions: This occurs during normal operations of the Cisco AS 1002-X Routers.
Workaround: No workaround is required. The system reboots itself after some delay, and the
bootflash device returns to service automatically.
Note
This caveat pertains to 15.2(4r)S1 ROMMON release.

CSCub58483
Symptom: The radius-server attribute 6 on-for-login-auth command is not configurable any
more.
Conditions: There are no specific conditions under which this issue occurs.
CSCuc03831
Symptom: The system does not save logs and the reset reason is displayed as LocalSoft.
Conditions: This issue occurs when combined architecture platforms (ASR 1001, 2KP & Overlord,
and so on) have the CC or FP sections reset the hardware.
CSCub64168
Symptom: On the Cisco ASR 1001 router, bootflash disconnects and reconnects. As a result, there
is loss of bootflash contents.
Conditions: This issue occurs after approximately 64 reloads of the Cisco ASR 1001 router.
CSCub01494
Symptom: The AD in the route installed by a client is not updated to the configured value.
Conditions: When the ip route 0.0.0.0 0.0.0.0 dhcp 5 command is configured, AD is not updated
to 5.
CSCuc40682
Symptom: The active RP crashes on the LNS with the Process SSS Mgr when the LAC is reloaded.
Conditions: This issue occurs when the LAC is reloaded.
80
OL-26698-16

Release 3.7.1S
Release 3.7.1S.
CSCua27722
Symptom: The Netflow TimeStamp may show time drift compared to NTP time. This effect is equal
to approximately 50 seconds of lost time per day.
Conditions: This issue occurs when the flexible Netflow runs on either an ESP40-based Forwarding
Processor or on a Cisco ASR 1001 router.
Workaround: There is no workaround, but when the time skew exceeds 10 minutes, Netflow
TimeStamp self-corrects.
Note
This caveat pertains to 15.2(4r)S1 ROMMON release.

CSCsz65576
Symptom: One or more linecards may fail to boot in a Cisco ASR 1000 router with an RP2 or there
may be an error with the EOBC. %CMFP-3-STANDBY_EOBC_LINK_ERROR: F0: cman_fp:
Standby EOBC link error detected.
Conditions: This issue is observed with certain combinations of RP2 and ESP10.
Workaround: There is no workaround, but the issue is not seen with an ESP20.
CSCti62247
Symptom: If a packet is sent to a null interface, an Cisco ASR 1000 router does not respond with an
ICMP packet.
Conditions: This issue occurs when a prefix is routed to the null interface.
CSCty05282
Symptom: After some reloads, the last reload reason in show version output is seen as LocalSoft.
Conditions: The conditions under which these symptom is observed is unknown.
CSCty55408
Symptom: Pending issues and acknowledgments are observed after unconfiguring and then
reconfiguring the same scale configuration while traffic is running.
Conditions: This issue occurs after configuring four overlays with 500 EFPs per overlay, setting up
the traffic as described in the DDTS start traffic, removing the overlay and EFP config, and copying
the same config back on one of the otv routers.
CSCtz70973
Symptom: Unexpected reload of Cisco ASR1002-X router or ESP100 occurs.
Conditions: This issue is typically observed when large numbers of interfaces are present.
OL-26698-16
81
CSCtz74060
Symptom: The output of the show platform hardware qfp active feature ess state command is
showed in XML format during ISSU subpackage downgrade from XE3.7.0 to earlier releases on
Cisco ASR 1004 router. This issue does not impact functionality.
Conditions: This issue occurs during an ISSU subpackage downgrade.
CSCua08206
Symptom: VCs that are configured with VPLS on the standby RP appear in down state.
Conditions: This issue occurs during core link flap.
Workaround: Run the clear xcon all command.
CSCua13418
Symptoms: RP-Announce packets are replicated across all the tunnel interfaces and the count of
replication is equal to the number of tunnel interfaces. For example, if there are 3 tunnel interfaces,
then each tunnel should forward 1 RP-Announce packet each minute (with the default timer
configured). However, in this case, each tunnel is forwarding 3 RP-Announce packets across each
tunnel interface. This issue is not specific to the number of interfaces. It can happen with any number
of tunnel interfaces.
boundary command. This issue is seen on the Cisco 3725 router too, where the incoming packets
are being replicated because of the filter-autorp command.
Workaround: Removing filter-autorp resolves the issue. However, you need to remove the pim and
boundary commands first and then reapply the pim and boundary list without the filter-autorp
keyword. Also, doing this might lead to redesigning of the topology to meet specific requirements.
int Tun X no ip pim sparse-dense mode no ip multicast boundary XXXXXX filter-autorp int TuX ip
pim sparse-dense mode ip multicast boundary XXXXXX.
CSCua27842
Symptoms: The Cisco ASR 1000 router crashes in Firewall code due to NULL l4_info pointer.
Conditions: This symptom occurs when the Cisco ASR 1000 router acts as the MPLS L3VPN UHP.
It crashes because FW/NAT requires the l4_info to be set.
CSCua49474
Symptom: Some TCP segments of particular length may be forwarded with wrong packet payload
if NAT is configured.
Conditions: This issue is caused by NAT-configured packets are TCP segments of particular length.
Workaround: configure ip tcp adjust-mss to a smaller value than the current tcp flow.
CSCua59268
Symptom: When an ESP switchover happens in an intra or inter box setup, sometimes the standby
ESP gets stuck and does not come up properly.
Conditions: The show redundancy application group <grp-number> command shows the RF state
as STANDBY COLD-BULK.
Workaround: This issue can be solved by reloading the standby.
CSCua68211
82
OL-26698-16
Symptom: Sub-classification of HTTP traffic (for example, by host or url) does not work on the first
transaction of the HTTP flow and matches on the second request.
Conditions: Only happens when all protocols or specific protocols on top of HTTP are enabled sharepoint, audio-over-http, video-over-http, windows-azure, oracle-ebsuite-unsecured, bittorrent
Workaround: If you are using subclassification on HTTP, avoid using protocol discovery, FNF or
specifically enabling other protocols which run over HTTP.
CSCua69725
Symptom: Pending objects and traffic loss occur on cell packed interfaces.
Conditions: This issue occurs during router reload.
CSCua72048
Symptoms: When configuring ipv6 vfr max-fragmentation in/out at no-default value, the ESP
reloads with traceback.
Conditions: This symptom is observed when ipv6 vfr max-fragmentation in/out is configured at
no-default value.
CSCua79516
Symptoms: SYN packets to establish ftp-data connections are sporadically dropped at the Cisco
ASR router.
Using the active mode FTP.
Using PAT.
The symptom is observed on Cisco ASR 1000 Series Aggregation Services Routers.
Workaround 1: Use the passive mode FTP. Workaround 2: Use the static NAT/dynamic NAT
configuration.
CSCua85116
Symptom: Under certain conditions, ESP may reload and ESP forced switchover may happen.
Conditions: This issue occurs on ESP20 and RP2 with 200 branches, and two BRs each with two
exits, and with delay-flap on over one of ISP link.
CSCua90577
Symptom: VRF-aware IP SLA with ICMP probes fail.
Conditions: The Cisco ASR 1000 Series Aggregation Services Router, which is PE, is configured to
send ICMP Ping probes to a certain mpls VPN destination. The Ping is received back from the
destination but ip-sla shows continues failures. Manual Ping via CLI fails as well.
Workaround: The workaround is to shut/unshut the ICMP source interface (Loopback) or
deconfigure and reconfigure the VRF on the loopback interface. If the router is being reloaded, the
same problem is seen again.
CSCua92557
Symptoms: The active FTP data channel sourced from the outside may not work as expected. Other
protocol inspections that expect pinhole or door for connections initiated from the outside may be
affected as well.
OL-26698-16
83
Conditions: This symptom was first identified on the Cisco ASR router running Cisco IOS Release
15.1(3)S3 with VASI VRF PAT FW. This issue is seen when the FTP client is on the inside and the
active FTP server is on the outside.
Workaround: To resolve this issue, use static NAT.
CSCua96209
Symptom: Dropped fragments are observed.
Conditions: This issue occurs with fragmented traffic in CGN mode.
CSCua99060
Symptom: Back to back FR is observed.
Conditions: This issue occurs when the router is reloaded.
Workaround: Perform shut/no shut the FR interface.
CSCua99409
Symptom: ESP reload with fman-fp error occurs.
Conditions: This issue occurs when crypto map from interface is unconfigured and there is double
ACL in the crypto map
CSCub00822
Symptom: Output of show sbc call-stats all current always shows as 15 minutes.
Conditions: This issue occurs when adjacencies are more in numbers with running calls.
CSCub01576
Symptoms: ESP reloads on the Cisco ASR 1000 Series Aggregation Services Routers due to ucode
crash.
Conditions: This symptom is observed on the Cisco ASR 1000 router where the Layer 4 Redirect
feature is configured. This problem was first introduced in Cisco Release 15.2(01)S. This issue may
be not seen at all in some customer environments to about once a week in medium-sized high CPS
ISG production networks.
CSCub07679
Symptom: The router may crash or generate datapath trace-back.
Conditions: This issue occurs when one of the following conditions is met: 1. MMON (Media
Monitoring) is enabled. 3. NBAR is enabled and NBAR is configured to look into IPv6 tunnels,
using the one or both of the following CLI commands: a. ip nbar classification tunneled-traffic
ipv6inip b. ip nbar classification tunneled-traffic teredo
Workaround: 1. Disable MMON. 2. Disable NBAR classification of tunneled traffic: # no ip nbar
classification tunneled-traffic ipv6inip # no ip nbar classification tunneled-traffic teredo
CSCub17585
Symptom: System crash and reboot occur with AVC1.0.
Conditions: This issue occurs when FNF collects HTTP fields such as host, for example, with
AVC1.0. The crash occurs infrequently in context of MSN traffic.
84
OL-26698-16
Workaround: Remove the HTTP fields from the FNF records.
CSCub18741
Symptom: Fragmented SIP packets may be dropped due to FirewallInvalidZone.
Conditions: This issue occurs when NAT and Firewall is configured in VASI interface. In such a case
SIP payload needs to be translated and the length of translated ip address is different from the prenat
address or PAT is configured.
CSCub19477
Symptom: Default sessions do not establish when you apply VRF as a service to the default policy.
VRF can only be applied to a default session by assigning a VRF on the access-interface. However
with dedicated sessions, one cannot apply a VRF on the access-interface and VRF transfer at the
same time. Thus if we require VRF transfer on dedicated sessions, we need VRF transfer on lite
sessions as well.
Conditions: This issue occurs when access-side interface is in the default VRF, VRF is applied as a
service to the default policy.
CSCub23298
Symptom: Multicast traffic over PVC Bundle always goes to prec 0 pvc.
Conditions: This issue occurs when multicast over PVC bundle is configured.
CSCub25362
Symptom: FP crashes with certain mulitcast config, on reloading the Cisco ASR 1000 router with
RP2.
Conditions: This issue occurs when the router is reloaded.
CSCub25419
Symptom: The Cisco ASR 1000 router ESP may crash at pfr_tt_ll_resp_cb when introduce delay
and flapping for TC, that is, clear pfr master border * on MC.
Conditions: Running PfR DMVPN setup with scaled number of branches, and clear pfr master
border * on MC.
Workaround: No PfR session flapping solves this issue.
CSCub27029
Symptom: The command sh ip nat trans causes error message or crash.
Workaround: Downgrading to any version earlier than XE3.6.0 release solves the issue.
CSCub34128
Symptom: Ucode crash occurs followed by FP crash seen on sending GTP traffic.
Conditions: This issue occurs while sending traffic from SGPRS simulator.
CSCub35526
OL-26698-16
85
Symptom: The plim qos input queue command reflects on all int of the same spa.
Conditions: The configuration reflects for all the interfaces on the spa.
CSCub36301
Symptom: BFD sessions go down during FP switchover.
Conditions: This issue occurs when the peer is a Cisco ASR 1000 router with large BFD sessions.
CSCub39131
Symptom: Packets are dropped.
Conditions: This issue occurs with 5 cps basic sip call.
Workaround: Reduce the traffic load from 5 cps to 2 cps.
CSCub51279
Symptom: The Cisco ASR 1000 router resets its FP with FW NAT feature combination.
CSCub53087
Symptom: High number of GTPv0 and GTPv1 packet drops occur with "GTP permit-error" OFF.
On ASA, this feature can be turned ON.
Conditions: This issue occurs with zone-based firewall for GTP traffic configured and GTP
permit-error OFF.
CSCub54686
Symptom: HS_logger crashes with IPFIX export of long URL
Conditions: This issues occurs when long URLs are present.
CSCub55948
Symptom: The Cisco ASR 1000 router crashes due to fragmented ICMP packets on BDI5.
Workaround: 1. Increase the MTU size at adjacent router which is connected with this ASR. 2.
Under the interface BDI, use access-list to deny those icmp packets destined to subnet broadcast
address.
CSCub58238
Symptom: FP crashes on loading ATM VC bundle configuration
Conditions: The issue is seen on configuration around 200 ATM VC bundles.
Workaround: There is no workaround. FP stabilizes after the initial crash.
CSCub62988
Symptom: Consecutive crashes occur.
Conditions: This issue occurs on a Cisco ASR 1000 router with ESP10 with IOS 15.2(2)S release.
86
OL-26698-16
CSCub66957
Symptom: ESP40 crashes when traffic hits the router.
Conditions: This issue occurs on basic LSM setup of PE-P-PE.
Workaround: Disabling LRE fixes the issue.
CSCub68200
Symptom: FP may crash while flapping sessions with ISG services, or flapping the ISG services
themselves.
Conditions: This behavior might be seen on a Cisco ASR 1000 router running 15.1(2)S images or
later. The ISG services involved must be Traffic Class services, and they may have any of L4R,
DRL/Policing, or accounting-based features applied. The behavior may be seen when such services
are quickly added and removed from a subscriber.
CSCub73403
Symptom: Bad voice quality is observed.
Conditions: This issue is observed on RP1, ESP10, or SIP10 when there are multiple spas present
and transcoding is active.
CSCub83960
Symptom: After the second RP switchover, mcast traffic stops forwarding by PE.
Conditions: This issue occurs in mVPN topology, during mcast traffic sending, while performing RP
switchover on PE1.
Workaround: Use clear ip mroute * command to make the global MDT mroute re-built can restore
mcast traffic before/after the second switch-over.
CSCub85159
Symptom: GTPv0 request drops and fails to create session.
CSCub91150
Symptom: Ping to SBC interface from a Cisco ASR 1000 router fails.
Conditions: This issue may occur in any of the following conditions:
SBC interface is created with netmask /32
SBC is activated
Workaround: Deactivate sbc, delete sbc interface, and re-create it again.
CSCub94985
Symptom: CHSTM (prowler) spas serial interface shows down due to C2 byte mismatch.
Conditions: This issue is seen in releases 15.2(01)S, 15.2(02)S and 15.2(04)S.
OL-26698-16
87
CSCub96576
Symptom: Reload may occur on a Cisco ASR 1000 router NAT.
Conditions: This issue may occur while removing static rmap mapping.
CSCub99205
Symptom: Mod F: Shaper becomes inactive when policy-map is removed and added back on a
subinterface.
Conditions: This issue occurs when policy-map is removed and added back on a subinterface.
Workaround: Changing shaper value reactivates shaper.
CSCuc10081
Symptom: Upgrade or downgrade ISSU fails.
Conditions: This issue is seen on devices with versions 3.7.x or later.
CSCuc13500
Symptom: CPP Crashes seen on Active and Standby FP following RP switchover.
Conditions: This issue occurs after RP switchover.
CSCuc16623
Symptom: After changing the grandparent shape rate through ANCP, traffic is not shaped to the new
rate.
Conditions: This issue occurs on PPPoE model F Qos.
CSCuc26434
Symptom: RP information is not learned when Auto-RP is configured and the MA and RP candidate
are on different PE.
Conditions: This issue occurs when MA and RP candidate are on different PE.
CSCsq83006
Symptoms: When some port-channels go down at the same time on a router, it can cause EIGRP SIA
errors.
Conditions: The symptom occurs with full mesh four routers which are connected via port-channels.
Additionally, it occurs with over five routers which are connected via a partial mesh port-channel.
Workaround: Use the following port-channel interface settings:
(config)# interface port-channel <port-channel interface number>
(config-if)# bandwidth <bandwidth value>
(config-if)# delay <delay value>
CSCtg47129
Symptoms: Memory leaks are observed on the Cisco CMTS router when NAT is configured.
Conditions: This issue is observed with packets that need NAT in a VPN Routing and Forwarding
(VRF) environment.
88
OL-26698-16
CSCto87436
Symptom: A Cisco device running IOS may crash due to a watchdog timeout with the following
error messages:
%SYS-3-CPUHOG: Task is running for (126004)msecs, more than (2000)msecs (30/1),process
= SSH Process. -Traceback= 0x63D827CCz 0x6496A670z 0x649774CCz 0x649776A0z 0x6497777Cz
0x6496BCFCz 0x6496BEA4z 0x6496BFF8z 0x61E122A0z 0x61DFC6CCz 0x61DFCF94z 0x61DFF270z
0x61DFC5F8z 0x61E980E0z 0x61E984ACz 0x61E3DF6Cz %SYS-3-CPUHOG: Task is running for
(128004)msecs, more than (2000)msecs (31/1),process = SSH Process. -Traceback=
0x63D7AA5Cz 0x62A47F68z 0x62A48500z 0x62A45F9Cz 0x649774E8z 0x649776A0z 0x6497777Cz
0x6496BCFCz 0x6496BEA4z 0x6496BFF8z 0x61E122A0z 0x61DFC6CCz 0x61DFCF94z 0x61DFF270z
0x61DFC5F8z 0x61E980E0z
%SYS-2-WATCHDOG: Process aborted on watchdog timeout,
process = SSH Process.
Conditions: This issue occurs when there the response from the client is slow.
Workaround: Close the connection.
CSCtr45287
Symptoms: Router crashes in a scale DVTI scenario.
Conditions: The symptom is observed when the IPsec tunnel count reaches around 2500.
Workaround: Use fewer tunnels or use a different platform.
CSCts54641
Symptoms: Various small, medium, or big VB chunk leaks are seen when polling EIGRP MIB or
during SSO.
Conditions: This symptom is observed when MIBs are being polled or SSO is done.
CSCtu28696
Symptom: The Cisco ASR 1000 router crashes at rip_process_mgd_timers decode.
Conditions: This issue occurs when 500 6rd tunnel and rip are configured, traffic is started and then
stopped, and configuration is cleared.
CSCtw88689
Symptoms: A crash is seen while applying the policy map with more than 16 classes with the Cisco
3900e platform.
Conditions: This symptom occurs when applying the policy map with more than 16 classes.
CSCtx54882
Symptoms: A Cisco ASR 1000 router may crash due to Bus error crash at
voip_rtp_is_media_service_pak.
Conditions: This symptom has been observed on a Cisco router running Cisco IOS Release
15.1(4)M2.
CSCtx75190
Symptom: Traffic from ixia 3 to ixia 1 and ixia 3 to ixia 2 on odd vlans (ED1 is the AED for odd
vlans) is dropped with UnconfiguredMplsFia counters incrementing.
Conditions: This issue occurs with scaled OTV config in a multihomed setup do a RP switchover.
OL-26698-16
89
CSCtx80535
Symptoms: DHCP pool that is configured for ODAP assigns the same IP to multiple sessions.
Conditions: PPP users receive pool via Radius. The pool is defined on the Cisco 10000 series router
to use ODAP. ODAP is receiving the subnets from Radius correctly, and assigns IPs to PPP sessions,
but sometimes two users end up having the same IP address.
Workaround: Clear both sessions sharing the same IP.
CSCty12312
Symptoms: Multilink member links move to an up/ down state and remain in this condition.
Conditions: This symptom occurs after multilink traffic stops flowing.
Workaround: Remove and restore the multilink configuration.
CSCty35726
Symptoms: The following message is displayed in the logs:
InterOp:Cube-NavTel : LTI: Video Xcode Call with plain Audio FAILS
Conditions: This symptom is seen when video Xcode call with plain audio fails.
CSCty64255
Symptoms: BGP L3VPN dynamic route leaking feature from the VRF to global export feature, the
prefix-limit is incorrect upon soft clear, or new prefix added, or prefix deleted.
Conditions: This symptom is observed when VRF to global export is enabled, and prefix-limit is
configured.
Workaround: Hard-clearing the BGP resolves the issue.
CSCty86039
Symptoms: Shut down the physical interface of tunnel source interface. The router crashes with
traffic going through some of the tunnels.
Conditions: This symptom is seen with tunnel interface with QoS policy installed.
CSCty89224
Symptom: IOS router may crash under certain circumstances when receiving a mvpnv6 update.
Conditions: This issue occurs while receiving a mvpnv6 update
CSCtz37164
Symptoms: The requests to the RADIUS server are retransmitted even though the session no longer
exists, causing unnecessary traffic to RADIUS, and RADIUS getting requests for an invalid session.
Conditions: This symptom occurs when the RADIUS server is unreachable and the CPE times out
the session.
Workaround: This issue can be avoided by making sure that the RADIUS server is always reachable.
CSCtz44989
Symptoms: An EIGRP IPv6 route redistributed to BGP VRF green is not exported to VRF RED.
Extranet case is broken for IPv6 redistributed routes.
90
OL-26698-16
Conditions: The issue is seen with IPv6 link-local nexthop. When the EIGRP route is redistributed
to BGP VRF, it clears the nexthop information (it become 0.0.0.0). Now this route becomes invalid
and BGP is not able to export to another VRF.
CSCtz48338
Symptom: A Cisco ASR 1000 router may crash.
Conditions: This issue is observed in a setup with configuration of BGP L3VPN VRF to global
export, NSR, and large scale, hard clear or link flap.
CSCtz50204
Symptoms: A crash is observed on EzVPN Server if VRF configuration under the ISAKMP profile
is modified.
Conditions: The crash is observed only if there are active sessions at the time of configuration
change.
Workaround: Prior to applying a configuration change, clear the sessions.
CSCtz58941
Symptoms: The router crashes when users execute the show ip route XXXX command.
Conditions: This symptom is observed during the display of the show ip route XXXX, when the
next-hops of "XXXX" networks are removed.
Workaround: The show ip route XXXX command (without "XXXX") does not have the problem.
CSCtz61556
Symptoms: ATM local switching segments do not come up after changing encap on both interfaces.
Conditions: This symptom is seen with ATM VC local switching. If the encap on both the ATM VC
segments are changed, the segments remain in DOWN state.
CSCtz71084
Symptoms: When the prefix from CE is lost, the related route that was advertised as best-external
to RR by PE does not get withdrawn. Even though the BGP table gets updated correctly at PE, RIB
still has a stale route.
Conditions: This symptom is observed with a topology like shown below, where CE0 and CE1
advertise the same prefixes.
Workaround: Hard-clearing the device solves this issue.
CSCtz83221
Symptoms: Active or standby route processor crashes.
Conditions: This symptom can be seen during the configuration or removal of ATM virtual circuits.
CSCtz92606
Symptoms: MFR memberlinks-T1 serial interfaces created under a CHOC12 controller, do not get
decoupled from MFR even after the MFR bundle interface is deleted. Once the MFR bundle
interface is reconfigured, the memberlinks do not appear under it.
OL-26698-16
91
Conditions: This symptom is seen with MFR with memberlinks as T1 serials from CHOC12 sonet
controller.
Workaround: Unconfigure and reconfigure the encap frame-relay MFRx under each memberlink
after reconfiguring the MFR bundle interface.
CSCtz94902
Symptom: Memory allocation failure occurs.
Conditions: This issue occurs while attaching to SIP-40 using a web browser.
Workaround: Reset the line card.
CSCtz96504
Symptom: Some of the backup VCs are down after SSO.
Conditions: It happens only on scale scenario, in this bug submitter created 500 primary and 500
backup VCs
Workaround: These backup VCs can be brought to SB state by issuing the following command
although it is not usually recommended, it is only way to recover: clear xconnect peerid <peerid
of the PW> vcid <vcid>.
CSCua06598
Symptoms: Router may crash with breakpoint exception.
Conditions: The symptom is observed when SNMP polls IPv6 MIB inetCidrRouteEntry and there is
a locally-sourced BGP route installed in IPv6 RIB.
Workaround: Disable SNMP IPv6 polling.
CSCua13322
Symptom: Routes for the converted dedicated P sessions are missing after a RP switchover.
Conditions: Converted dedicated IP sessions are not HA aware. Therefore after a RP switchover,
these sessions will be re-established at the new active RP. Routes are not installed for some of these
sessions. As a result, downstream traffic is dropped.
CSCua18542
Symptoms: When service change occur as ISG, in some particular conditions, the SCE is not ready
to accept the CoA, In that case the ISG resends an Update Session on the ISG-SCE Bus. The Update
Session is sent but it is not populated with the required attribute for SCE (policy, service-monitor)
CSCua19425
Symptoms: RP crashes at the far end, pointing to Watchdog Process BGP.
Conditions: This symptom is observed when doing an FP reload at the near end. This issue is seen
with EBGP sessions with BFD configured between near end and far end routers.
CSCua21166
Symptoms: IPSec tunnels fail to be formed due to error: ''RM-4-TUNNEL_LIMIT: Maximum tunnel
limit of 225 reached for Crypto functionality with securityk9 technology package license.''
92
OL-26698-16
Conditions: Even though the router does not have 225 IPsec SA pairs, error will prevent IPSec from
forming. Existing IPSec SAs will not be affected.
Workaround: Reboot to clear out the leaked counter, or install hsec9 which will disable CERM
(Crypto Export Restrictions Manager).
CSCua21201
Symptom: RP2 gets reloaded.
Conditions: This issue occurs when one dynamic crypto map with 8k tunnels running 700Mbps 64B
packets are processed.
CSCua27852
Symptoms: Traffic loss is seen in pure BGP NSR peering environment.
Conditions: The symptom is seen on a Cisco router that is running Cisco IOS Release 15.2(2)S, and
the BGP peerings to CEs and RR are all NSR enabled.
Workaround: Enable the bgp graceful-restart command for RR peering.
CSCua28346
Symptoms: A router crashes during second rekey.
Conditions: This symptom occurs with IKEv2 with RSA authentication.
CSCua30053
Symptoms: Authentication fails for clients after some time because the radius_send_pkt fails,
because it complains about the low IOMEM condition.
Conditions: In AAA, minimum IO memory must be 512KB to process the new request. If the
memory is less than this, AAA does not process the new authentication request. This is AAA
application threshold. This application barriers are not valid in dynamic memory case. Such
conditions are removed for NG3K platform.
CSCua33821
Symptoms: CPU utilization shoots up to 99% after configuring crypto maps.
Conditions: The symptom is observed after applying crypto maps.
CSCua34638
Symptoms: A crash is seen on RP2, when the show platform software shell command package
command is issued.
Conditions: This symptom is observed when the show platform software shell command package
command is issued. It impacts the RP2 (x86_64_*) image only.
Workaround: There is no workaround. Do not issue the show platform software shell command
package command.
CSCua35235
Symptoms: Trace route for TP does not work as expected.
Conditions: This symptom occurs with a TP setup.
OL-26698-16
93
CSCua37898
Symptoms: Memory leaks are observed.
Conditions: The memory leaks are seen when OSPFv3 authentication is enabled over virtual link,
and the OSPFv3 process is restarted.
CSCua39107
Symptoms: In a FlexVPN Spoke to Spoke setup, Resolution reply goes via the Tunnel interface to
the Hub.
Conditions: This symptom is only observed when NHO is added for the V-Access, overriding an
existing route. This issue is not seen when H route is added.
Workaround: Distribute the summarized address from the Hub, thus avoiding addition of NHO at
the Spokes. The Spokes will then add H route instead of NHO.
CSCua40790
Symptoms: Memory leaks occur when SNMP polling cbgpPeer2Entry MIB.
Conditions: This symptom occurs when BGPv4 neighbors are configured.
Workaround: There is no workaround if this MIB is to be polled.
CSCua41398
Symptom: The SUP720 crashes.
Conditions: This issue occurs when you issue the sh clns interface | i ^[A-Z]|Number of active
command multiple times via script with following error and decodes:
%ALIGN-1-FATAL: Corrupted program counter 00:53:22 EET Tue Jun 5 2012 pc=0x0 ,
ra=0x411514F4 , sp=0x55A8B080 c7600s72033_rp-adventerprisek9-m.122-33.SRE5.symbols.gz
read in Enter hex value: 0x407F5B70 0x407F612C 0x407E026C 0x42BCA588 0x407EDDFC
0x41A78BB8 0x41A78B9C 0x407F5B70:get_alt_mode(0x407f5b68) 0x8
0x407F612C:get_mode_depth(0x407f6118) 0x14 0x407E026C:parse_cmd(0x407ded18) 0x1554
0x42BCA588:parser_entry(0x42bca360) 0x228 0x407EDDFC:exec(0x407ed344) 0xab8
0x41A78BB8:r4k_process_dispatch(0x41a78b9c) 0x1c
0x41A78B9C:r4k_process_dispatch(0x41a78b9c) 0x0
CSCua43930
Symptoms: Checksum value parsed from GRE header does not populate, causing the GRE tunnel
checksum test case to fail.
Conditions: The issue is seen on a Cisco ISR G2.
CSCua45114
Symptom: Default sessions do not establish when you apply VRF as a service to the default policy.
VRF can only be applied to a default session by assigning a VRF on the access-interface. However
with dedicated sessions, one cannot apply a VRF on the access-interface and VRF transfer at the
same time. Thus if we require VRF transfer on dedicated sessions, we need VRF transfer on lite
sessions as well.
Conditions: This issue occurs when access-side interface is in the default VRF and VRF is applied
as a service to the default policy.
94
OL-26698-16
CSCua45122
Symptoms: Multicast event log preallocated memory space needs to be conserved on the low-end
platform.
Conditions: This symptom is observed with multicast even log.
CSCua45548
Symptoms: Router crashes when show ip sla summary command is run.
Conditions: The symptom is observed on Cisco 2900, Cisco 1900, and Cisco 3945 routers
configured with IPSLA operations. The router which was idle for one day crashes on issuing the
show ip sla summary command.
CSCua47570
Symptoms: The show ospfv3 event command causes the router to crash.
Conditions: The symptom is observed when "ipv4 address family" is configured and redistribution
into OSPFv3 from other routing protocols is configured.
Workaround: Do not use the show ospfv3 event command.
CSCua50961
Symptom: In the Pseudowire redundancy, secondary Pseudowire fails to come up that is also
configured as the backup on the other side.
Conditions: In the Pseudowire redundancy, cannot bring up the secondary Pseudowire that is also
configured as the backup on the other side. There are no issues in activating pseduwires that are
primary on the other side.
Workaround: Terminate these pseudowires on a different AC and make them as primary. If the
customer want to terminate on the same AC, there is no work around.
CSCua51991
Symptoms: An invalid SPI message is seen throughout the lifetime of IPsec SA.
Conditions: This symptom is observed with SVTI-SVTI with a GRE IPv6 configuration. When
bringing up Cisco ASR 1000 Series router sessions, an invalid SPI is seen. There is also
inconsistency between the number of child SAs in IKEv2 and the number of IPsec SAs on the same
box.
CSCua55691
Symptoms: A Cisco IOS memory leak is observed.
Conditions: This symptom is seen when unconfiguring/reconfiguring BGP AD VFIs.
CSCua56184
Symptom: Flexvpn server crashes after overnight RP switchovers in ASR1000.
Conditions: Multiple RP switchovers in ASR1000 and it fails to allocate an IPsec SPI.
CSCua56209
OL-26698-16
95
Symptom: PWs does not come up after an SSO.

Conditions: This is only a specific case where the primary pseudowire path is DN when the active
RP coming up, so the backup PW comes to UP state. Later when the primary path is available
pseudowire redundancy switchover happens the primary PW becomes UP. At this stage if the
Software Switchover happens the PWs on the newly active RP is DN. This is a very corner case and
the chance of happening in the real deployment scenarios is very low.
Workaround: Run the clear xconnect all command to bring up the PWs.
CSCua56802
Symptoms: QoS do not work on one of the subinterfaces/EVC.
Conditions: This symptom occurs when HQoS policy is configured on more than one
subinterface/EVC on ES and then add flat SG on them.
Workaround: Remove and reapply SG.
CSCua61814
Symptom: Overhead accounting configuration changes on XE37 image.
Conditions: This issue occurs in the following conditions:
XE34: overhead accounting configure at parent only XE35: overhead accounting configure at
parent only
XE37: overhead accounting need to be configured on both parent and child policy
CSCua63182
Symptom: Incorrect minimum bandwidth displayed when a 0k packet is received.
Conditions: Different behavior in ASR code when Min BW of 0 Kbit is received. 2.6.2 uses 10 Gbps
as Min BW in case Min BW = 0 received 3.4.3 uses 1 Kbit as Min BW in case Min BW = 0 received
CSCua67998
Symptoms: System crashes.
Conditions: This symptom occurs after adding or removing a policy-map to a scaled GRE tunnel
configuration.
CSCua69657
Symptoms: Traceback is seen when the show clock detail command is executed.
Conditions: This symptom is seen when executing the show clock detail command with Cisco IOS
interim Release 15.3(0.4)T.
CSCua70065
Symptoms: CUBE reloads on testing DO-EO secure video call over CUBE when SDP passthru is
enabled.
Conditions: The symptom is observed when running Cisco IOS interim Release 15.3(0.4)T.
CSCua71038
96
OL-26698-16
Symptoms: Router crashes.

Conditions: The symptom is observed with a Cisco router that is running Cisco IOS Release
15.2(3)T1. The router may crash during the failover test with OCSP and CRL configured.
Workaround: Configure OCSP or CRL but not both.
CSCua78782
Symptoms: Authentication of EzVPN fails.
CSCua80204
Symptoms: EoMPLS remote port shutdown feature does not work.
Conditions: This symptom is observed if xconnect and a service instance are configured under the
same interface.
CSCua84879
Symptoms: Crash at slaVideoOperationPrint_ios.
Conditions: The symptom is observed when IPSLA video operations are configured and show
running-config is issued.
CSCua84923
Symptoms: Following a misconfiguration on a two-level hierarchical policy with a user-defied
queue-limit on a child policy, the UUT fails to attach the QoS policy on the interface even when
corrected queueing features are used.
Conditions: This symptom is observed with the following conditions: 1) The issue must have the
user-defined queueu-limit defined. 2) This error recovery defected is confirmed as a side effect with
the c3pl cnh component project due to ppcp/cce infrastructure enhancement.
CSCua85934
Symptoms: A session provisioning failure is seen in the ISG-SCE interface. The deactivate or
disconnect request has the message authenticator wrongly calculated.
Conditions: This symptom is observed with the ISG-SCE interface.
CSCua86310
Symptoms: When relay is configured with unnumbered interface, it appears the packet is sent out of
the loopback interface (instead of the serial interface) to the server, which does not receive the
packet.
Conditions: The issue happens only when unnumbered loopback address is used on the relay
interface which connects to server. If an IPv6 address is used directly on the interface, it works fine.
Workaround: Use numbered interface instead of unnumbered interface.
CSCua87944
OL-26698-16
97
Symptoms: In an IPv6 snooping policy, the keyword "prefix-list" has no effect on control packet.
The keyword only affects the binding table recovery. In an "ipv6 nd raguard" policy, the
limited-broadcast keyword appears though it is deprecated. It should be hidden and is always on.
Conditions: These symptoms are observed in an IPv6 snooping policy and IPv6 and RA-guard
policy.
CSCua91104
Symptoms: ISIS adjacency process shows traceback messaging related to managed timer.
Conditions: This symptom is seen when configuring isis network point-to-point on LAN interface
with isis bfd or isis ipv6 bfd enabled. The traceback does not happen always. It depends on timing.
Workaround: Disable isis bfd or isis ipv6 bfd before issuing isis network point-to-point command.
Restore isis bfd or isis ipv6 bfd configuration on LAN interface.
CSCua93136
Symptoms: The switch crashes when sending the DHCPv6 packet with "ipv6 snooping" on VLAN
configurations.
Conditions: This symptom occurs when sending the DHCPv6 packet with "ipv6 snooping"
configured on VLAN configurations.
CSCua94947
Symptoms: RP crashes when downloading FreeRadius Framed-IPv6-Route on MLPPP sessions.
Conditions: This symptom occurs when downloading radius Framed-IPv6-Route.
CSCub07382
Symptom: NHRP cache entry for the spokes get deleted on NHRP timer expiry even though there is
traffic flowing through the spoke to spoke tunnel.
Conditions: This issue occurs on FlexVPN Spoke to Spoke setup.
Workaround: Configure the same hold time on both Tunnel interface and the Virtual-Template
interface.
CSCub07673
Symptoms: IPsec session does not come up for spa-ipsec-2g if ws-ipsec3 is also present. "Volume
rekey" is disabled.
Conditions: This symptom occurs if "volume rekey" is disabled.
Workaround: Do not disable the volume rekey.
CSCub09124
Symptoms: MDT tunnel is down.
Conditions: This symptom is seen in MVPN. If the ip multicast boundary command on non-current
RPF interface blocks the MDT group, it may cause MDT tunnel failure.
Workaround: Adding the static join command under PE loopback interface may work around the
problem temporarily.
CSCub15542
Symptoms: Configuring mpls lsp trace results in IOSD restart.
98
OL-26698-16
Conditions: This symptom occurs when configuring mpls lsp trace results in IOSD restart.
CSCub17985
Symptoms: A memory leak is seen when IPv6 routes are applied on the per-user sessions.
Conditions: This symptom is seen if IPv6 routes are downloaded as a part of the subscriber profile.
On applying these routes to the sessions, a memory leak is observed.
CSCub21340
Symptom: Segmentation fault crash and router reloads continuously.
Conditions: When router is reloaded with cfm over xconnect scale config (configuring 500 meps)
CSCub24355
Symptoms: IPv4 mVPN inactive (S,G) are not removed on egress PE.
Workaround: Remove entries manually.
CSCub32500
Symptom: Router crashes in EIGRP due to chunk corruption.
Conditions: This issue is seen on EIGRP flaps.
CSCub33877
Symptom: During the "issue loadversion", while downgrading from Texel (or later) to Yap
(v151_1_sg_throttle or earlier), the standby RP keeps reloading due to the out of the sync of
configuration.
Conditions: The issue occurs during issu loadversion operation. The newer version of image
supports the ipv6 multicast while the older version of image does not.
CSCub42920
Symptom: KS rejects rekey ACK from GM with message (from "debug crypto gdoi ks rekey all"):
GDOI:KS REKEY:ERR:(get:0):Hash comparison for rekey ack failed. The keys & policies in the
rekey packet are correctly installed by the GM, but the rekey ACK does not get processed by the KS.
This leads to rekey retransmissions, GM re-registration and potential disruption of communication.
Conditions: Rekey ACK validation in versions 15.2(4)M1 (ISR-G2) and 15.2(4)S/3.7S (ASR1000)
is incompatible with other software releases. A KS that runs 15.2(4)M1 or 15.2(4)S/3.7S will only
be able to perform successful unicast rekeys with a GM that runs one of those two versions.
Likewise, a KS that runs another version will only interoperate with a GM that also runs another
version.
Workaround: Use multicast rekeys.
CSCub46570
Symptoms: The image cannot be built with an undefined symbol.
Conditions: This symptom occurs as the commit error triggers the compiling issue.
OL-26698-16
99
CSCub49291
Symptom: Static tunnels between hubs and spokes fails to rebuild.
Conditions: Reload hub on the DMVPN ipv6 setup with DPD on-demand enabled on all spokes.
CSCub54872
Symptom: A /32 prefix applied to an interface (for example, a loopback) is not being treated as
connected. This can then prevent Half-Duplex VRFs for operating correctly.
Conditions: This issue occurs when the prefix is applied to an interface is for a host route (/32 for
Ipv4 or /128 for IPv6).
Workaround: Use a shorter prefix.
CSCub67101
Symptoms: The POS interface line protocol is down with encapsulation PPP in an MPLS setup.
Conditions: This symptom occurs when configuring encapsulation PPP on both ends of PE1 and
CE1, and then configuring xconnect in the customer-facing interface of PE1.
Workaround: Reconfigure the xconnect settings. Then, the interface will come up in the proper state.
CSCub73159
Symptom: IOSD crashes.
Conditions: This issue occurs while bringing up 8k PPP sessions with QOS and ebgp routes.
CSCub73430
Symptom: A Cisco ASR 1000 Series Aggregation router running IOS 15.2.(4)S ipBaseK9 feature
set crashes when a interface that a qos policy attached to it comes up.
Conditions: This issue occurs on an interface with a qos policy attached.
Workaround: Use other feature sets, AdvEnterpriseK9, for example.
CSCub81374
Symptom: A Cisco ASR1001 router Feature Navigator does not show correct image to license
mapping.
Conditions: This issue occurs on a Cisco ASR1001 router with or without licenses.
CSCub96074
Symptom: Software is forced to reload on a Cisco ASR 1000 Series Aggregation Router using the
ISG feature.
Conditions: ISG sessions cannot be authenticated/authorized whenever primary/secondary Radius
servers are marked as unreachable. This creates high load on ISG and may force a crash.
CSCub96743
Symptom: Packet drops are seen on Scaled Cisco ASR 1000 Series Aggregation Router during RP
switchover.
Conditions: This issue occurs during RP and FP switchover.
100
OL-26698-16
CSCub99756
Symptom: A Cisco ASR 1000 router running 15.2(4)S release acting as a GM in a GETVPN
deployment starts using the most recent IPSEC sa upon KS rekey instead of using the old key up to
30 seconds of expiration.
Conditions: This issue was observed only in 15.2.(4)S.
CSCub99778
Symptom: A Cisco ASR 1000 router being GM in a GETVPN deployment fails to start GDOI
registration after a reload. The following status is seen: Registration status : Not initialized in the
show crypto gdoi output after a reload.
Conditions: This issue occurs while running 15.2(4)S.
Workaround: Use an EEM script to issue a "clear crypto gdoi" a bit after boot time or issue this
manually.
CSCuc15548
Symptom: Subscriber session on LAC/LNS attempts state with "vpdn authen-before-forward"cli
configured and auto-service in the radius-profile.
Conditions: This issue occurs because of the command "vpdn authen-before-forward" and one
auto-service in the user's profile in radius.
Workaround: Configure and apply one policy-map with SESSION-START rule with at least one
action.

Release 3.7S
It contains the following topic:
Resolved CaveatsCisco ASR 1000 Series Aggregation Services Routers Release 3.7S, page 112

3.7S
CSCtx89616
Symptom: BITS e1 output network-clock source configuration sends QL-INV to remote end.
Conditions: This issue is observed when the configuration of BITS e1 output network-clock source
sends QL-INV to the remote end.
OL-26698-16
101
CSCty21018
Symptom: Occasionally, network boots from ROMMON may run very slowly. Booting from a
"tftp:" device may appear to stall or run very slowly.
Conditions: This issues is observed when attempting to boot from a "tftp:" device.
Workaround: In non-autoboot scenarios, where the console port is connected, issue a reset under
user supervision.
If the system is configured to autoboot, reconfigure the TFTP_TIMEOUT environment variable
from its present very long value to a value longer than the expected boot time considering the
network and server load. If the system finds itself in this slow booting mode while autobooting, the
transfer will time out, and autoboot will reset and attempt to netboot the file again.
A suggested starting value of 300 seconds can be provided from the ROMMON prompt:
TFTP_TIMEOUT=300
Sync
CSCtz74060
Symptom: The output of show platform hardware qfp active feature ess state command is not
working and is showed in XML format during ISSU sub-pkg downgrade from XE3.7.0 to lower
releases on 4RU. There is no functionality impact.
Conditions: This issue is observed during ISSU upgrade process with ESP and RP running at
different versions. There is no functional impact with this issue. The command work correctly after
the system upgrade is complete.
CSCua71731
Symptom: When configuring the maximum throughput on a Cisco ASR 1002-X router, a value of
40000000 kbps is indicated even though the actual limit is 36000000 kpbs. Several log messages
also indicates a value as 40000000 kbps when the license changes or is rejected. Actual product
license or throughput is not affected.
Conditions: This issue is observed in the configuration mode. Log messages would vary dependent
on action. But the output include message similar to the following message:
"*Aug 14 21:42:30.294: %IOSXE_THROUGHPUT-3-INVALID_CONFIG: No valid license found for
the configured throughput level: 40000000 kbps"
CSCtx81748
Symptom: A small amount of packet drop due to anti-replay failure may be seen when the IPSec
feature is configured.
Conditions: This issue is observed when the IPsec session is starting or when the IPSec SA lifetime
expires and a new SA is established.
CSCty55408
Symptom: Pending issues and acknowledgments are observed after unconfiguring and configuring
the same scale configuration while traffic is flowing.
Conditions: This issue is observed when four overlays are configured with 500 EFPs per overlay.
Remove the overlay and EFP configuration. Copy the same configuration back on one of the routers.
102
OL-26698-16
CSCtz24454
Symptom: POS interfaces are stuck in down state.
Conditions: This issue is observed while reloading a Cisco ASR1000 or a SPA.
Workaround: Reload the FP.
CSCtz34089
Symptom: Cisco ASR1000 devices displays traceback after RP switchover.
Conditions: This issue is observed with DMVPN HUB when scaled to 4000 spokes.
CSCtz69971
Symptom: High IPSec/QoS latency.
Conditions: This issue is observed when traffic with volume-based rekey is sent.
CSCtz71147
Symptom: IPv6 IPSec tunnel start up may be slow and pending objects may be seen in the show
platform software object-manager fp active statistics command output.
Conditions: This issue is observed when trying to start large number of IPv6 tunnels (500 tunnels
or more) after configuring them.
CSCtz74060
Symptom: The CLI output format of the show platform hardware qfp active feature ess state
command has changed.
Conditions: This issue was observed during ISSU sub-pkg downgrade from XE3.7.0 to lower
releases on 4RU while FP is running XE3.7.0 image and Active RP is running non-XE3.7.0 images.
CSCua08206
Symptom: VCs configured with VPLS on the standby RP is in down state.
Conditions: This issue is observed during a core link flap.
Workaround: Clear xcon all.
CSCua18917
Symptom: End to End Traffic fails in Port-channel QinQ Xconnect circuit.
Conditions: This issue is observed in a scaled configuration of 100 Port-channel subinterfaces
configured using a script.
CSCua30168
Symptom: IOSd restarts.
Conditions: This issue is observed during a mixed tunnel scaling test with high traffic.
CSCua40578
Symptom: mGREv6:IPv6 NHRP Shortcut switching not working for IPv6 transport.
OL-26698-16
103
Conditions: This issue is observed on a topology with two spokes registered to a Hub. Tunnel
interfaces in mGREv6 mode is configured on bob and spokes and NHRP shortcut and redirect
switching is configured on the tunnel interfaces.
CSCua49474
Symptom: TCP segments of specific length may be forwarded with wrong packet payload if the
NAT feature is configured on Cisco ASR 1000 Series Aggregation Services Routers.
Conditions: This issue is observed when NAT is configured on the device and the TCP segments are
of specific length.
CSCua55495
Symptom: BGP entries fail to return to the original value within 600 seconds.
Conditions: This issue is observed on DMVPN networks.
CSCua59573
Symptom: CPP crashes after modifying scaled VPLS configuration and changing the loop back
address.
Conditions: This issue is observed only in scaled VPLS setup and on doing a negative test by
changing the loop back address.
CSCua69725
Symptom: Pending objects and traffic loss.
Conditions: This issue is observed on cell packed interfaces.
CSCua75088
Symptom: The OSPF relationship between PE & P routers disappears after reloading carrier card
several times.
Conditions: This issue is observed if the carrier card is reloaded multiple times.
CSCua77720
Symptom: cpp_svr restarts on an optimised edge router (OER) border router.
Conditions: This issue is observed during a tunnel flap on external interfaces or while replacing a
configuration.
CSCua81608
Symptom: IOSd crashes and router reloads multiple times after the ISSU upgrade.
Conditions: This issue is observed while running 4RURP1 ISSU sub package forwarding with all
features from Cisco IOS XE 3.5.2 and Cisco IOS XE 3.6.
CSCua87736
104
OL-26698-16
Symptom: End to End ping and Traffic Fails.

Conditions: This issue is observed on IP internetworking with port-channel Xconnect QINQ ANY
encapsulation.
CSCua87896
Symptom: qfp exmem is exhausted on the standby FP.
Conditions: This issue is observed when TCP is used for SIP signalling.
CSCub01576
Symptom: The ESP reloads on a Cisco ASR1000 router due to ucode crash.
Conditions: This issue is observed an Cisco ASR1000 router where Layer 4 Redirect feature is
configured. This problem was first observed in 15.2(01)S release. This issue may not occur in some
customer environments to about once a 1 week in medium sized high CPS ISG production networks.
CSCub03744
Symptom: ESP 100 crashes.
Conditions: This issue is observed while removing a hierarchical QoS policy-map from a
port-channel member link.
CSCub10859
Symptom: The following symptoms are observed:
Cisco ASR 1006 turns unresponsive unexpectedly; even on both console ports.
After the router processor is reset, other modules remain down and do not recover.
Performing a soft OIR on failed modules does not work.
After the SIP is reset, the interfaces remain down and you need to run shut and no shut
commands to restart the interfaces.

No coredump or crashinfo is generated.
One power supply shows zero volt.
Conditions: This issue is observed on only on two Cisco ASR 1006 devices with 2x RP2, 2x ESP40,
SIP40 and 2x ASR1013/06-PWR-DC
Workaround: Power cycle the chassis.
CSCua13561
Symptom: Clients fail to get the IP address through the PPP IPCP from DHCP pool.
Conditions: This issue occurs after upgrading a Cisco ASR 1000 Series Aggregation Services
Router from Cisco IOS XE 12.2(33) XNF2 to Cisco IOS XE 15.2(2)S without any configuration
changes.
CSCua26487
Symptom: The SNMP loops at OID 1.3.6.1.4.1.9.9.645.1.2.1.1.1, and as a consequence, the SNMP
walk fails.
OL-26698-16
105
Conditions: This issue is observed only during an SNMP getbulk request on OID
1.3.6.1.4.1.9.9.645.1.2.1.1.1.
Workaround: Exclude the MIB table from the SNMP walk using the SNMP view. For details on
excluding the MIB table from the SNMP walk, see the following configurations:
snmp-server view <view name> iso included
snmp-server view <view name> ceeSubInterfaceTable excluded
snmp-server community <community> view <view name>
CSCua40273
Symptom: The Cisco ASR 1000 Series Aggregation Services Router crashes when displaying
MPLS VPN MIB information.
Conditions: This issue occurs on the Cisco ASR 1000 Series Aggregation Services Routers running
IOS XE 15.1(02)S.
Workaround: Avoid changing the VRF while querying for MIB information.
CSCua58100
Symptom: The syslog is flooded with traceback message similar to the following message:
Jun 20 10:05:23.961 edt: %SYS-2-NOTQ: unqueue didn't find 7F3D26BDCCD8 in queue
7F3CA5E4A240 -Process= "RADIUS Proxy", ipl= 0, pid= 223
-Traceback= 1#e0ee0ce60492fdd11f0b03e0f09dc812 :400000+873623 :400000+2547652
:400000+20F9217 :400000+6C70C9C :400000+6C69C71 :400000+6C682BC :400000+6C68183

You establish 36 k EAPSIM sessions using a RADIUS client on server A.
You establish 36 k roaming sessions using a RADIUS client on server B.
The roaming sessions have the same caller-station-id but use an IP address that is different from
the EAPSIM sessions.

CSCtw72855
Symptom: The router does not pass traffic towards the access side on the VCs configured with QoS
shaping output policy.
Conditions: This issue occurs when you configure a QoS shaping output policy.
CSCty28986
Symptom: A configuration with a high number of down MEPs does not function properly.
Conditions: This issue occurs when you configure 500 or more down MEPs with 500 or more
Xconnect configurations between service instances.
Workaround: Configure no more than 200 CFM sessions.
CSCty34054
Symptom: The router displays CPU utilization traceback messages and drops all multicast traffic
for 2050 seconds.
Multicast is enabled with more than 500 multicast groups.
The router is using RSP1B in SSM mode.
BDI is configured on the access side of the router.
106
OL-26698-16
There are 24 EFPs on each bridge domain.

You enter a shutdown command on the access interface.
CSCty51990
Symptom: The router may crash or restart, with the console displaying a SW_WDOG: expired
message.
The router is configured with 63 or more instances of a unique EVC configured with a unique
BDI.
The router is sending IGMP joins to one multicast group.
You perform a shutdown or no shutdown on the interface sending IGMP join messages.
You perform an OIR on the router.
CSCty70119
Symptom: Port shaper rate changes do not take effect.
Conditions: This issue occurs when QoS policies attached to EVCs on an interface do not include
a shaper configuration; issue does not occur on EFP policies that include a shaper in a class.
Workaround: Include a shaper in one class of EFP policies.
CSCty73362
Symptom: The router experiences CPP download failures when sending IGMP join messages.
Conditions: This issue occurs when the router is configured with a trunk EFP in SM mode on the
access side, and is sending IGMP join messages to more than 1970 multicast groups.
CSCty74115
Symptom: The router displays traceback and CPU error messages.
Conditions: This issue occurs when you configure a large number of MAC address table entries
while REP is enabled. The router displays errors during an REP topology change, REP pre-emption,
or when you perform a shutdown/no shutdown on an interface.
Workaround: Reduce the MAC scale.
CSCty79987
Symptom: The Connectivity Fault Management (CFM) up Maintenance End Points (MEPs) and
down MEPs fails to scale to 1000 CFM sessions.
Conditions: This issue occurs when you configure CFM on a trunk Ethernet Flow Point (EFP).
CSCtz20087
Symptom: The router applies the class-default QoS policy to all outgoing traffic.
You configure multiple egress QoS policies on a Gigabit Ethernet interface.
You configure a multilink interface with no ingress QoS policy.
OL-26698-16
107
CSCtz32327
Conditions: This issue occurs when you have an OC-3 IM installed, and perform a soft OIR or SSO
(when HA is configured).
Workaround: There is no workaround; reload the router.
CSCtz40690
Symptom: Traceroute to a remote MEP fails.
You configure a EVC bridge domain MEP on a remote device.
You configure a MIP on a trunk EFP on an intermediate device.
You issue the traceroute command to the remote MEP.
CSCtz49927
Symptom: Traffic floods an EFP interface.
Conditions: This issue occurs when you configure a multicast static MAC on a bridge domain and
add more than 24 EFPs.
Workaround: Remove the extra EFPs from the bridge domain.
CSCtz55979
Conditions: This issue occurs when you configure CFM, SCE over MPLS, VPLS, or G.8032
services while running SNMP polling.
CSCtz77491
Symptom: The router stops passing traffic and crashes.
Conditions: This issue occurs when you remove a QoS policy applied to a trunk EFP.
CSCtz82725
Symptom: The router intermittently drops packets.
Conditions: This issue occurs on 10-Gigabit Ethernet core links when the router passes traffic for
an extended period while running a VPLS-TP configuration.
CSCtz87262
Symptom: The routers convergence time is greater than 90 seconds when you clear the multicast
routing table.
Conditions: This issue occurs with a ring topology with two parallel paths from the FHR to the LHR
receivers.
CSCtz90273
108
OL-26698-16
Symptom: The router duplicates multicast traffic when configured as a static rendezvous point (RP)
node.
Conditions: This issue occurs under either of the following conditions:
You remove Auto RP announce configurations on all the routers.
You configure the router as a static RP and enable multicast traffic.
Workaround: Select an RP mode: static, auto, or bootstrap router (BSR) and avoid switching
dynamically between RP modes.
CSCtz92857
Symptom: MAC learning fails and the router displays FIFO table overflow messages.
Conditions: This issue occurs with a MAC security configuration running at high scale.
CSCtz92914
Symptom: L3 multicast replication fails on some of the EFPs.
You configure a group of EFPs and map each EVC to a different bridge domain.
You create a QoS policy map on each EVC.
All the BDI send IGMP joins to a single multicast group.
The router initiates multicast data traffic.
You remove and reconfigure some of the EFPs.
Workaround: Configure the EFPs and bridge domains, and initiate the traffic flow before attaching
QoS policies.
CSCua12366
Symptom: An interface module crashes after an interface module OIR.
Conditions: This issue occurs when you perform an OIR after the router has been passing traffic for
more than 6 hours.
Workaround: There is no workaround; the IM recovers after the crash and resumes the task of
passing traffic.
CSCua16143
Symptom: IPv6 BFD sessions drop after you perform an SSO.
Conditions: This issue occurs when you perform an SSO on the router while running an IPv6 BFD
configuration. Note that this issue does not occur with an IPv4 BFD configuration.
Workaround: After SSO, perform a shutdown and no shutdown on the physical interface.
CSCua16492
Symptom: Some IPv6 multihop BFD over BGP sessions flap.
Conditions: This issue occurs on port channel interfaces running IPv6 multihop BFD over BGP
sessions after you perform an SSO.
CSCua33453
Symptom: A CFM configuration crashes after passing traffic for several hours.
OL-26698-16
109
Conditions: This issue occurs when you create the following configuration:
A port channel interface configured with an EVC and applied to a bridge domain.
A physical interface configured as a trunk EFP.
The offload sampling command is configured on both interfaces.
CSCua33788
Symptom: The router does not pass multicast traffic consistently; only some traffic passes.
Conditions: This issue occurs when you configure 255 EVCs spanning across different slots on the
router.
CSCua36065
Symptom: The router forwards multicast traffic on 63 out of 255 multicast OIFs.
Conditions: This issue occurs when you configure the following:
255 EVCs on a single port mapped to 255 BDIs (one EVC for each BDI) using rewrite tagging.
255 BDIs that send IGMP v2 Joins to a single multicast group.
255 EVCs configured as a routed ports with the port a member link of a port channel.
255 EVCs configured on a port channel and sending multicast traffic to a multicast group
CSCua38675
Symptom: The router displays a QoS Stats Stalled error message and stops applying QoS
configurations.
Conditions: This issue occurs when you apply a flat VLAN policy to a trunk EFP interface.
CSCua41400
Symptom: QoS classification does not function properly.
Conditions: This issue occurs when you create QoS class containing a policy that classifies traffic
based on both ACLs and DSCP values.
CSCua43843
Symptom: QoS classification fails when you configure the match vlan command under a class map.
Conditions: This issue occurs when the router is configured with an EVC with the encapsulation
default command.
Workaround: Change the encapsulation to dot1q.
CSCua52162
Symptom: The router does not learn remote CFM MEPs on an EFP interface.
Conditions: This issue occurs when you configure rewrite push operation on an EFP interface.
CSCua52187
Symptom: The router crashes when you attach a QoS policy.
110
OL-26698-16
Conditions: This issue occurs when you apply a QoS class map that:
Matches traffic based on an ACL.
References an ACL that is not present in the running configuration.
Is referenced in a policy with a DSCP marking action.
CSCua54547
Symptom: The router does not learn remote CFM MEPs.
The router is connected to the remote MEPs via a pseudowire connection.
The router is configured with MPLS on a bridge-domain interface
Dot1q encapsulation is configured on an EFP.
Workaround: Configure the EFP encapsulation as untagged.
CSCua55122
Symptom: The OC-3 interface module crashes when you create a large number of ATM IMA
interfaces.
Conditions: This issue occurs when you configure multiple ATM IMA interfaces with fewer than
16 links per bundle.
Workaround: Perform a hard OIR on the interface module.
CSCua56761
Symptom: Gigabit Ethernet port 0/5/1 does not timestamp Ethernet OAM Y.1731 packets.
Conditions: This issue occurs when you configure Ethernet OAM on port 0/5/1 of a copper or SFP
Gigabit Ethernet interface module.
CSCua61909
Symptom: Changes to the police QoS command do not take effect.
You create a QoS policy with a policer and attach the policy to an interface.
You make a dynamic change to the police action, such as altering the policer value, the
conform-action value, or the exceed-action value.

Workaround: Remove the policy from the interface, make the necessary changes, and reattach the
policy.
CSCua67795
Symptom: The router does not transmit Y.1731 Delay Measurement Message (DMM) values using
QinQ encapsulation.
Conditions: This issue occurs with the following configuration:
An EFP is configured and applied to a bridge-domain.
The EFP is configured with QinQ encapsulation.
A Y.1731 Delay Measurement Message (DMM) value is applied.
The Y.1731 traffic uses a CoS value other than 0.
OL-26698-16
111
CSCua70585
Symptom: The router does not update the Gigabit Ethernet interface bitmaps after you remove an
EFP from a multicast group. However, the router can display CPU hog messages.
You create an EFP on a single BDI.
The router receives IGMP v2 or IGMP v3 SSM joins to the BDI.
You create a second EFP on the same BDI.
You delete either the first or the second EFP.
CSCua72298
Symptom: The router stops passing traffic on the 10-15 HDLC interfaces.
Conditions: This issue occurs when you configure a large number of HDLC interfaces: 84 for each
port or 336 for each interface module.
Workaround: Remove and reconfigure the interface.
CSCua73104
Symptom: The router does not increment QoS port shaper policy counters displayed by the show
policy interface command.
Conditions: This issue occurs when you configure:
A class default policy on a physical interface
A class-based policy on an EVC interface
Workaround: There is no workaround. However, the router applies the QoS policy normally.

Release 3.7S
Release 3.7S.
CSCtz47706
Symptom: IOSD may crash while adding route information for PPP-IP-P2P neighbor
(ppp_ip_p2p_neighbor_route_add)
Conditions: This symptom may occur during session churning of L2TP with BGP.
CSCtx23593
Symptom: Some virtual circuit (VC) information is missing in the Simple Network Management
Protocol (SNMP) MIB object cAal5VccEntry from the output of the snmpwalk router configuration
command. For example, The ATM VCs 4/0.120 exist on the router but are missing in the MIB.
Conditions: This symptom is observed on a Cisco 7204VXR (NPE-G2) router that is running
12.2(33)SRE5 (c7200p-advipservicesk9-mz.122-33.SRE5.bin) image in customer network. The
symptom may also occur in other releases.
112
OL-26698-16
Workaround: - Enter the show atm vc privileged EXEC command on the same device to obtain a
complete list of all the VCs. OR - Do the SNMPWALK suffixing the ifIndex of the interface to get
the value. $ snmpwalk -v 2c -c fwwrcmn na-salerno-ar011 .1.3.6.1.2.1.2.2.1.2 | grep "4/0.120"
IF-MIB::ifDescr.253 = STRING: ATM4/0.120-atm subif IF-MIB::ifDescr.254 = STRING:
ATM4/0.120-aal5 layer
$ snmpwalk -v 2c -c fwwrcmn na-salerno-ar011 .1.3.6.1.4.1.9.9.66.1.1.1.1.3 | grep
9.9.66.1.1.1.1.3.254 ===> Got no entry of ifindex here in complete snmpwalk $ $ snmpwalk -v 2c
-c fwwrcmn na-salerno-ar011 .1.3.6.1.4.1.9.9.66.1.1.1.1.3.254 ===> When done the SNMPWALK
suffixing the ifindex, then getting the value which can be one workaround.
SNMPv2-SMI::enterprises.9.9.66.1.1.1.1.3.254.200.106 = Counter32: 403633041
CSCtz12525
Symptom: Accounting stop send without Acct-Input-Packets Acct-Output-Packets
Acct-Input-Octets Acct-Output-Octets when service stop is performed
Conditions: Service stop is issued
CSCua24676
Symptom: VRF to global packets length corrupted by -1.
Conditions: Issue seen when the next-hop in vrf is global and recursive going out labeled. Issue is
seen from 150-1.S3a onwards not seen on 150-1.S2.
Workaround: use next hop interface ip instead of recursive next hop.
CSCua29001
Symptom: ANCP truncated line rate not seen on standby and hence the policy application will differ
from that on active
Conditions: ancp truncate <value> CLI enabled and port ups received on BRAS
CSCua84147
Symptom: Router crashes during "sh run | format" CLI execution
Conditions: This crash is seen only during "sh run | format" execution. All other CLI executions are
fine.
Workaround: Avoid executing "sh run | format". Instead "sh run" can be executed.
OL-26698-16
113
114
OL-26698-16

Note
For information about the caveats pertaining to earlier releases, see Cisco IOS XE 3S Release Notes.
This chapter contains the following section:
Caveats describe unexpected behavior. Severity 1 caveats are the most serious caveats. Severity 2 caveats
are less serious. Severity 3 caveats are moderate caveats. Only select severity 3 caveats are included in
this chapter.
In this section, the following information is provided for each caveat:
Note
Cisco Systems, Inc.

www.cisco.com
This section contains the following topic:

3.6.1S
CSCtu95951
Symptom: The router crashes when scale sessions are cleared or closed when some other actions,
such as service-apply, unapply, and timeouts, occur simultaneously.
Conditions: This issue is observed when multiple actions and session-clear occur simultaneously in
a scale scenario.
Workaround: Avoid clearing sessions when multiple actions such as the ones specified above are
taking place.
CSCtx44508
Symptom: During initial bulk synchronization, a peer on which IBGP nonstop routing (NSR) is
enabled takes a long time to synchronize. Depending on the scale of the setup and the number of
routes and paths received from the IBGP peer, synchronization could take up to a few minutes.
Conditions: This issue is observed when NSR is configured for an IBGP peer and the standby route
processor (RP) comes up in an asymmetric startup scenario, triggering bulk synchronization.
CSCty10285
Symptom: The Web Cache Communication Protocol (WCCP) redirections do not take place on a
router that is running Cisco IOS XE Release 3.5S.
Conditions: This issue is observed when Group Encrypted Transport (GET) VPN is configured on
a router on which Cisco ASR1000-RP1 is installed.
CSCtz37863
Symptom: If IP Control Protocol (IPCP) negotiation fails, an interim update is not sent.
Conditions: This issue is observed when the IPCP configuration is in the dual-stack and IP-saving
mode.
OL-26698-16
CSCtz71804
Symptom: A drop in performance is observed when the Dynamic Multipoint Virtual Private
Network (DMVPN) is configured with BGP, OSPF, or EIGRP for specific packet sizes.
Conditions: This issue is observed when the DMVPN is configured with Border Gateway Protocol
(BGP), Open Shortest Path First (OSPF), or Enhanced Interior Gateway Routing Protocol (EIGRP)
for specific packet sizes.
CSCtz80342
Symptom: A drop in performance is observed on multicast VPN (mVPN) configured on Cisco
ASR1000-RP1 and Cisco ASR1000-ESP10 when the packet size is 1500 bytes or more.
Conditions: There are no specific conditions under which this issue is observed.

Release 3.6.1S
CSCts40043
Symptoms: The router may ungracefully restart due to a segmentation fault.
Conditions: This issue is observed while modifying the fail-close access control list (ACL) when the
same Group Domain of Interpretation crypto map (GDOI CM) is applied to two interfaces and the
registration is in the fail-close state in the GETVPN configuration.
Workaround: Remove the crypto map from the interface before modifying the ACL.
CSCtw46061
Symptom: The IPsec status shows irremovable IPSec sessions. Use the show crypto eli command
to view the IPSec status.
Conditions: This issue is observed when the router keeps flapping a large number of IPsec sessions.
CSCtw78451
Symptoms: The router may reload automatically when multiple users run show commands
simultaneously.
Conditions: This issue is observed when the router is used as a DMVPN headend router and there
are hundreds of tunnels flapping at the same time. It is a timing-related issue that occurs only when
there is instability in a large-scale environment.
CSCtw87716
Symptom: XML code is displayed in the output of the show platform hardware qfp {active |
standby} system state command.
Conditions: This issue is observed when the show platform hardware qfp {active | standby}
system state command is run.
Workaround: There is no workaround. Note that this issue has no impact on the functionality of the
router.
OL-26698-16
CSCtx15650
Symptom: The Cisco Performance Routing (PfR) dynamic route map is not downloaded to the
FMAN-RP process and the FMAN-FP process.
Conditions: This issue is observed when the Cisco PfR feature is used under scale conditions.
CSCtx49073
Symptoms: The free space check fails, and the core dump process is not completed.
Conditions: This issue is observed when there is insufficient storage space for the core dump.
Workaround: Ensure that there is enough storage space for the core dump.
CSCtx77643
Symptom: The embedded services processor crashes and then reloads automatically.
Conditions: This issue is observed when a tunnel interface is configured with a policy map that has
only a class default configured on it. The crash may occur under conditions that cause the tunnel to
move from one Gigabit Ethernet interface to another.
CSCtx81689
Symptom: The router fails to establish Protocol Independent Multicast (PIM) neighbors when IPv6
MVPN is configured.
Conditions: This issue is observed on routers on which Cisco ASR 1000-ESP40 is installed.
Workaround: Disable the Multicast Long-Reach Ethernet feature by running the platform multicast
lre off command.
CSCtx84948
Symptoms: The router stops working correctly after consecutive crashes of the embedded services
processor. The interfaces are in the Up/Up state, but they do not send traffic.
Conditions: This issue is observed on a router that has redundant embedded services processors.
Workaround: Shut down and restart the disabled interface.
CSCtx94393
Symptom: The embedded services processor crashes.
Scaled IKEv2 4k IPsec sessions with the FlexVPN dVTI server.
Scaled IKEv1 1k IPsec sessions with the dVTI server.
CAC (50) enabled on both the server and the clients.
DPD (60/15/on-demand) enabled.
Crypto sessions are cleared from the server every 20 minutes using the clear crypto session
command.
Presence of 20 M bidirectional traffic.
OL-26698-16
CSCty02385
Symptom: A drop in traffic is observed when EoMPLS VLAN interworking is configured.
Conditions: This issue is observed only when a VLAN rewrite takes place.
Workaround: Ensure that the same VLAN ID is used on both the PE-facing end and the CE-facing
end.
CSCty19713
Symptom: The embedded services processor crashes.
Conditions: This issue is observed in the NAT Application Layer Gateway for DNS packets.
Workaround:
Disable the DNS Application Layer Gateway by using the following commands:
no ip nat service dns tcp
no ip nat service dns udp
Note
After the DNS Application Layer Gateway is disabled, the embedded IP addresses in the
DNS packets will not be translated.
CSCty32548
Symptom: The embedded services processor may reload automatically.
Conditions: This issue may be observed when the CGN mode is in use with a dynamic (that is, not
PAT) configuration and you try to run the clear ip nat trans inside ig il forced command to clear a
dynamic bind that has active child elements.
CSCty43302
Symptom: The CPU hog traceback messages may be displayed while the Cisco ASR1000-ESP10 is
starting up.
Workaround: There is no workaround. Note that the occurrence of this issue does not affect the
working of the router.
CSCty46022
Symptoms: The CPU utilization level of the embedded services processor is constantly high.
Conditions: This issue is observed when the Intelligent Services Gateway (ISG) sessions with a
DHCP initiator encounter fragmented traffic whose packet size is small. These packets are punted
to the CPU of the embedded services processor.
CSCty52047
Symptom: Internet Key Exchange (IKE) security associations (SAs) are not automatically deleted
by the Dead Peer Detection (DPD) feature.
Workaround: Use the clear crypto isakmp conn-id command to manually delete the Internet
Security Association and Key Management Protocol (ISAKMP) session that is not responding. The
conn-id value can be obtained by running the show crypto isakmp sa command.
OL-26698-16
CSCty54885
Symptoms: The standby RP crashes when the active RP is removed to force a failover.
Workaround: Perform a switchover by running the redundancy forced-switchover command
instead of physically removing the RP.
CSCty58633
Symptom: The router fails to remove broadband sessions with traffic class features.
To view the Pending-ACK traffic class batch details, use the following commands:
show platform software object-manager fp active statistics
show platform software object-manager fp active pending-ack-batch
Conditions: This issue is observed when the router is subject to high CPU load on embedded
services processor, which could be the result of high call per second or RP switch-over.
CSCty61212
Symptom: When the GDOI crypto map configured on an interface is removed, the router stops
responding.
Conditions: This issue is observed when the GDOI crypto map configured on an interface is
removed.
CSCty62559
Symptoms: The embedded services processor may crash while a SPA is being reloaded after a RP
switchover.
Conditions: This issue is observed when there are approximately 8000 xconnects.
CSCty62887
Symptoms: When more than 1024 DTL requests are processed by the SIP ALG, the router may
crash.
CSCty63356
Symptom: A memory leak is observed on the embedded services processor.
Conditions: This issue is observed when all the following conditions are met:
Scaled 1000 IKE,1 Vrf , 4 IPSec, and a total of 4K IPSec sessions
Multi-SA enabled
CAC is 50
DPD is 60/15/periodic
CES (Cisco 7200 platform) is reloaded approximately every 20 minutes
Presence of approximately 60 M bidirectional traffic
OL-26698-16
CSCty68402
Symptom: The dropped packet counter fails. In the show policy-map interface command output,
the Account QoS statistics field displays a value 0 and the same field is displayed multipe times.
Conditions: This condition is observed with the following policy-map interface configuration:
policy-map sub-interface-account
class prec1
police cir 4000000 conform-action transmit
exceed-action drop
account
class prec2
police cir 3500000 conform-action transmit
exceed-action drop
account
class prec3
account
class class-default fragment prec4
bandwidth remaining ratio 1
account
policy-map main-interface
class prec1
priority level 1
queue-limit 86 packets
class prec2
priority level 2
class prec3
random-detect
class prec4 service-fragment prec4
shape average 200000
class class-default
CSCty69631
Symptom: Multicast forwarding fails due to RPF failures.
Conditions: This issue is observed when the multicast traffic flows through the GRE interface.
CSCty91888
Symptom: The standby database may not synchronize correctly.
Conditions: This issue is observed when running the Carrier-grade NAT (CGN) feature and the
traffic reaches a high setup or teardown rates.
OL-26698-16
CSCtz00728
Symptom: The downstream latency for MLPPPoE traffic and MLPPPoLNS traffic is higher than
expected due to an internal queuing delay.
Conditions: This issue is observed with MLPPPoE traffic and MLPPPoLNS traffic.
CSCtz01063
Symptom: The embedded services processor crashes if a transcoding call made using the Cisco
Unified Border Element (Enterprise Edition) is released immediately after the call is answered.
Conditions: This issue is observed if the transcoding call is released immediately after it is
answered.
CSCtz13468
Symptom: Auto-RP fails on the POS and ATM interfaces.
Conditions: This issue is observed when the POS SPA or ATM SPA is used with the Auto-RP
enabled.
CSCtz23514
Symptom: The FMAN-FP process crashes due to memory corruption.
Conditions: This issue is observed when a large number of BBA sessions are opened and closed and
the Lawful Intercept feature is enabled on some of these sessions.
CSCtz23638
Symptom: The following error message is displayed on the console:
PLIM driver informational error txnpTooLittleData
Condition: This issue is observed when Cisco ASR 1000-SIP40 is installed on the router.
CSCtz44330
Symptom: The following error message is displayed in the syslog:
Uncontrolled due to Exit Mismatch
PfR is enabled on a scale setup using DMVPN as external interface to a large number of remote
sites.
Cisco ASR 1000 is configured as border router.
All the traffic classes are application prefixes that are controlled using PBR.
OL-26698-16
CSCtz69986
Symptom: The amount of free memory on the router decreases slowly over time. The rate of
decrease is approximately 7 MB a day.
Conditions: This issue is observed when the Web Cache Communication Protocol (WCCP) is
configured on the interfaces.

3.6S
CSCtr63443
Symptom: The multicast forwarding plane entry and control plane entry are not consistent with each
other.
Conditions: This issue is observed when the BGP local peering interface is changed while active
traffic is flowing on the default MDT and data MDT.
Workaround: Clear the forwarding plane entry.
CSCtr73680
Symptom: The multicast data plane forwarding entry is incomplete. This may result in data getting
dropped.
Conditions: This issue is observed under stress testing conditions when BGP sessions and multicast
routes are cleared multiple times while running MVPNv6.
CSCtt65336
Symptom: When the primary path fails, a degradation of approximately 10 percent is observed in
the time that it takes for the traffic to converge to an alternative path.
Conditions: This issue is observed when the router is processing multicast traffic and there are more
than 1000 multicast routes.
CSCtt94440
Symptom: The route processor may reload automatically.
Conditions: This symptom is observed when the etoken is in use and the show crypto eli all
command is run.
Workaround: Use the show crypto eli command instead of the show crypto eli all command.
OL-26698-16
CSCtu22167
Symptom: The standby route processor crashes.
Prefixes are unicast through local labels.
A tunnel is the next hop for these prefixes.
The standby route processor crashes when you modify the topology by, for example, removing or
shutting down the physical interface leading to the destination address of the tunnel becoming
reachable via the tunnel.
Workaround: Ensure that the tunnel endpoint peer does not advertise the prefixes that must be known
to reach the tunnel endpoint.
CSCtu33110
Symptom: The embedded services processor may crash.
Conditions: This issue is observed when MLPPPoBB is configured and the traffic traversing the
subscriber contains fragments that are reassembled into packets larger than 9216 bytes in size.
CSCtw47123
Symptom: IPv6 packets that have extension headers are not forwarded on IPsec SVTI tunnels.
Instead, they are punted to the CPU. This causes an increase in the CPU utilization level.
Conditions: This issue is observed when IPv6 packets with the hop-by-hop extension header,
fragmentation extension header, or authentication extension header are sent over secure IPsec SVTI
tunnels.
CSCtw59780
Symptom: BGP dynamic neighbor structures at the hub are not cleaned up after the spokes change
to the Down state. The output of the show ip bgp all sum command continues to display dynamic
neighbors.
The scale environment for dynamic neighbors contains several thousand peers.
The peers are brought up and then removed before they can transition into the Established state.
CSCtw61192
Symptom: Routes in EIGRP are in the stuck-in-active condition.
Conditions: This issue is observed when routes in EIGRP are withdrawn. When this happens, the
router sends the query to the source of routes originated by the advertising router. The routes then
change to the stuck-in-active condition and do not return to the normal condition.
CSCtw91913
Symptom: For MPLS interworking on the port channel, if port mode xconnect is configured on one
end of the pseudowire and VLAN mode xconnect is configured on the other end, the pseudowire
goes down.
10
OL-26698-16
Port mode (that is, main interface) xconnect is configured on the port channel.
The port channel subinterface is configured with the encap dot1q command.
Workaround: Remove the port channel subinterface, and then shut down and restart the main
interface.
CSCtw98158
Symptom: When two ATM VPs are configured with cell packing and MCPT timers and connected
locally (that is, they are configured for ATM local switching by using the connect command), the
router may crash while defaulting the ATM interfaces.
Conditions: This issue is observed when cell packing and MCPT timers are configured along with
local switching.
CSCtw99035
Symptom: The multicast control plane does not repopulate the BGP auto-discovery route.
Conditions: This issue is observed when the clear bgp ipv6 mvpn * command is run on an
MVPNv6-only configuration (that is, MVPNv4 is not configured).
CSCtx05726
Symptom: The standby route processor may crash while configuration information is being copied
from a TFTP server.
Conditions: This issue is observed while configuration information is being copied from a TFTP
server.
Workaround: There is no workaround. Note that when the standby route processor reboots after the
crash, the configurations on the active route processor are correctly synchronized to the standby
route processor.
CSCtx13741
Symptom: The crashinfo file cannot be generated.
Conditions: This issue is observed when the router crashes due to a software issue.
CSCtx32935
Symptom: The permanent license automatically changes back to the evaluation license.
Conditions: This issue is observed when the router is reloaded after the installation of the permanent
license.
CSCtx42223
Symptom: The connection with an FRR client that is registered for a BFD session is lost after an
SSO. The FRR client is not notified when the BFD session detects the failure.
Conditions: This issue is observed after an SSO, when the FRR client is registered for a BFD
session.
OL-26698-16
11
CSCtx44508
Symptom: There is a delay in route processor synchronization after an SSO.
Conditions: This issue is observed when IBGP NSR is enabled, and under scale conditions.
CSCtx48753
Symptom: In Release 3.6.0, configurations that contain PPP sessions use more memory when
compared with earlier releases.
Conditions: This issue is observed in configurations that contain PPP sessions.
CSCtx50202
Symptom: The ERSAN multilink range and description are lost.
Conditions: This issue is observed after a route processor switchover.
CSCtx52042
Symptom: The PMIP crashes when IPv6 bindings on a peer router are cleared.
Conditions: This issue is observed on IPv6 mobile nodes.
CSCtx53391
Symptom: uCode may crash when the router is reloaded or when interfaces are shut down and
restarted.
Conditions: This issue may be observed when more than 200 VC bundles are configured under an
interface that also has more than 200 PVCs with IPv6 configured.
Workaround: There is no workaround. Try to avoid configuring VC bundles and PVCs with IPv6
addresses under the same main interface.
CSCtx60094
Symptom: Type 1 MVPN routes are not created.
Conditions: This issue is observed when the IP address of a loopback interface is changed.
Workaround: Create a dummy neighbor under the address-family ipv4 mvpn configuration or the
address-family ipv6 mvpn configuration. Alternatively, unconfigure and reconfigure the MDT
group under the VRF configuration.
CSCtx64813
Symptom: After the crypto map is deleted, the configuration under the crypto map does not get fully
cleaned up. Because this standalone configuration is created by the nonvolatile generation
(NVGEN) process, the standby route processor resets automatically due to configuration
synchronization failure.
Conditions: Delete the incomplete crypto-map having one of the command set security-association
lifetime kilobytes.
12
OL-26698-16
CSCtx75609
Symptom: The AToM virtual circuit does not come up in the standby route processor.
Conditions: This issue is observed when xconnect is configured on the CEM circuit.
CSCtx75661
Symptom: The MTU value for a virtual token ring interface changes when a subinterface is created
on the virtual token ring interface.
Conditions: This issue is observed after a subinterface is created.
CSCtx80446
Symptom: When the no authentication command is run on one BFD template, other MHOP BFD
sessions on which authentication has been configured may change to the Down state.
Conditions: This issue is observed when there are multiple sessions using different maps and
templates.
CSCtx87332
Symptom: The gshut command either modifies the loc_pref property for all the nets or does not
modify the loc_pref property for any net.
Condition: This issue is observed when more than one customer edge router in a VRF belongs to the
same autonomous system.
CSCtx92716
Symptom: The router crashes when service policies are removed and added on port-mode
cell-packed interfaces.
Conditions: This issue is observed when service policies are removed and added on port-mode
cell-packed interfaces.
CSCtx96605
Symptom: An ISSU support message is displayed after the router is reloaded.
Conditions: This issue is observed after the router is reloaded.
CSCty02385
Symptom: A drop in traffic is observed when EoMPLS VLAN interworking is configured.
Conditions: This issue is observed only when a VLAN rewrite takes place.
Workaround: Ensure that the same VLAN ID is used on both the PE-facing end and the CE-facing
end.
OL-26698-16
13
CSCty09535
Symptom: Some BGP IPv4 packet loss may be observed after an ISSU upgrade from Release 3.5.0
to Release 3.6.0 on a Cisco ASR 1004 Router on which RP2 is installed.
Conditions: This issue is observed after an ISSU upgrade from Release 3.5.0 to Release 3.6.0 on a
Cisco ASR 1004 Router on which RP2 is installed.
CSCty13699
Symptom: When the L2VPN Pseudowire Stitching feature is configured between a static segment
and a dynamic segment, both segments may move to the Down state.
Conditions: This issue is observed when the L2VPN Pseudowire Stitching feature is configured
between a static segment and a dynamic segment.
CSCty16620
Symptom: The backup pseudowire in SVIEoMPLS does not come up after the router is reloaded.
Conditions: This issue is observed when both the following conditions are met:
The remote router on the backup pseudowire does not support the TLV pseudowire status.
The no status TLV command is not run on the pseudowire class used in the pseudowire that
does not support the TLV pseudowire status.

Workaround: To avoid this issue, if the remote side does not support the pseudowire TLV status, run
the no status TLV command on the pseudowire class that is used. If this issue does occur,
reprovision the backup pseudowire after the reload operation.
CSCty24937
Symptom: Ternary content-addressable memory (TCAM) may get exhausted, and the embedded
services processor may crash.
Conditions: This issue is observed when more than 300 class maps, each matching 64 security tags,
are configured as part of Cisco TrustSec ID Firewall (IDFW) on a Cisco ASR 1002 Router or on any
Cisco ASR 1000 Series Aggregation Services Router on which Cisco ASR 1000-RP1 and Cisco
ASR 1000-ESP10 are installed.
CSCty25773
Symptom: A traceback message may be displayed after a route processor switchover.
Conditions: This issue is observed when MPLS TE configuration is applied over pseudowire
configuration.
CSCty28813
Symptom: If the default MDT address configured for one VRF is the same as the data MDT address
of another VRF, a CPU hog message may be displayed or the router may crash.
Conditions: This issue is observed when the default MDT address configured for one VRF is the
same as the data MDT address of another VRF.
14
OL-26698-16
CSCty29277
Symptom: The Cisco Flexible NetFlow exporter continues to export information about deleted
interfaces.
Conditions: This issue is observed when subinterfaces are deleted while an active Cisco Flexible
NetFlow exporter is in use.
CSCty30886
Symptom: The standby route processor may crash when you try to bring up a PPPoE session.
Conditions: This issue is observed when both the following configurations are set up on the active
route processor:
An invalid IP address pool is configured under the virtual template.
The aaa authorization network default group radius-server command is used to configure
remote authentication and authorization. However, the local AAA server is used for this purpose
under the virtual template.
CSCty32548
Symptom: The embedded services processor may reload automatically when the clear ip nat trans
inside ig il forced command is run to clear a dynamic bind that has active elements.
Conditions: This issue is observed in the CGN mode with a dynamic configuration, that is, not a PAT
configuration.
CSCty35391
Symptom: The router may take a long time to boot and to complete bulk configuration
synchronization.
Conditions: This issue is observed when a large number of VPLS VCs and EVCs are configured.
CSCty43302
Symptom: CPU hog traceback messages may be displayed while the Cisco ASR1000-ESP10 is
starting up.
CSCty46058
Symptom: Shutting down a static multisegment VFI causes traffic to flow in one direction.
Conditions: This issue is observed when you configure a point-to-point VFI with two static
neighbors and then shut down the VFI by using the shutdown command.
CSCty52524
Symptom: Traffic may fail when a route map is configured on an IPv6 interface.
Conditions: This issue is observed when a route map is configured on an IPv6 interface.
OL-26698-16
15
CSCty54187
Symptom: The following error message is displayed:
%IPSEC-3-RECVD_PKT_NOT_IPSEC:Rec'd packet not an IPSEC packet.
Conditions: This issue is observed when the IKEv2 profile is configured with IVRF.
CSCty54702
Symptom: The embedded services processor may crash during a route processor switchover.
Conditions: This issue is observed when ISG DHCP sessions are present during the SNMP lawful
intercept process.
CSCty55118
Symptom: Pending issues and tracebacks are observed.
Conditions: This issue is observed when a neighbor router reloads.
CSCty55408
Symptom: Pending issues and acknowledgments are observed after unconfiguring and then
reconfiguring the same scale configuration while traffic is running.
Conditions: This issue is observed after unconfiguring and then reconfiguring the same scale
configuration while traffic is running.
CSCty78454
Symptom: The configured or default DNS timeout interval in the parameter map is not used for DNS
sessions. Instead, the UDP timeout interval is used for the DNS sessions.
Conditions: This issue is observed when a UDP timeout interval is configured for DNS sessions.
Workaround: Configure a new class map to match the DNS traffic that is affected, and then configure
a new parameter map for this class map. Ensure that the UDP timeout interval specified in the new
parameter map is the same as the required DNS timeout interval.
CSCto58710
Symptoms: Certificate validation fails when the CRL is not retrieved.
Conditions: This issue is observed when a Cisco ASR 1000 Series Aggregation Services Router
attempts to retrieve a CRL using LDAP, and the LDAP server is in a VRF.
Workaround: Use a certificate map to revoke certificates or publish the CRL to an HTTP server and
configure CDP override to fetch the CRL.
16
OL-26698-16

Release 3.6.2S
CSCtz77171
Symptoms: Subscriber drops are not reported in mod4 accounting.
Conditions: This symptom is observed on checking policy-map interface for accounting QoS
statistics on a port-channel subinterface.
CSCtz13465
Symptoms: High CPU is seen on Enhanced FlexWAN module due to interrupts with traffic.
Conditions: This symptom is observed in an interface with a policy installed.
CSCua07228
Symptoms: Locally generated traffic is not encrypted when crypto map is applied to LISP interface.
Conditions: GET VPN or static crypto map is configured on LISP interface to encrypt traffic
between LISP E-IDs.
CSCty41336
Symptoms: Forward-alarm AIS does not work on CESoPSN circuits.
Conditions: This symptom occurs when you create SAToP and CESoPSN circuits and configure
forward-alarm ais.
CSCua26487
Symptoms: SNMP loops at OID 1.3.6.1.4.1.9.9.645.1.2.1.1.1, and as a result, SNMP walk fails.
Conditions: This symptom is observed only on the SNMP getbulk request on
1.3.6.1.4.1.9.9.645.1.2.1.1.1.
Workaround: Exclude the MIB table from SNMP walk using SNMP view. See the following
configurations:
snmp-server view view name iso included snmp-server view view name ceeSubInterfaceTable
excluded snmp-server community community view view name interfaceTable excluded
snmp-server community community view view name
CSCtz89485
Symptoms: NAT traffic passes through the new standby router following HSRP switchover.
Conditions: This symptom is observed with HA NAT (NAT with HSRP) mappings with inside global
addresses that overlap a subnet owned by a router interface.
Workaround: Each of the following actions must be performed:
Force a HSRP switchover so that the initial standby router takes activity.
Remove and re-add HSRP NAT mappings on the newly active router.
Force a HSRP swtichover back to the initially active router.
OL-26698-16
17
CSCua13418
Symptoms: RP-Announce packets are replicated across all the tunnel interfaces and the count of
replication is equal to the number of tunnel interfaces.
For example, if there are 3 tunnel interfaces, then each tunnel should forward 1 RP-Announce packet
each minute (with the default timer configured). However, in this case, each tunnel is forwarding 3
RP-Announce packets across each tunnel interface. This issue is not specific to the number of
interfaces. It can happen with any number of tunnel interfaces.
boundary command. This issue is also seen on the Cisco 3725 router, where the incoming packets
are replicated because of the filter-autorp command.
Workaround: Removing filter-autorp command resolves the issue. However, you need to remove
the pim and boundary commands first, and then reapply the pim and boundary list without the
filter-autorp keyword. Also, doing this might lead to redesigning of the topology to meet specific
requirements.
To remove the filter-autorp command, perform the following configuration:
int Tun X
no ip pim sparse-dense mode
no ip multicast boundary XXXXXX filter-autorp
int TuX
ip pim sparse-dense mode
ip multicast boundary XXXXXX
CSCtz82716
Symptoms: ESP crashes on changing the tunnel mode from IPSec v4 to IPSec v6.
Conditions: ESP crashes on changing the tunnel mode from IPSec v4 to IPSec v6 with online traffic
Workaround: Shutdown the tunnel before changing the tunnel mode.
CSCub08714
Symptoms: Poor performance for multicast on ASR 1000 router over DMVPN.
Conditions: This symptom is observed in the following conditions:
Multicast packet has to come on a Tunnel interface (not a physical interface).
NS (negate signaling) flag has to be set on one of the interfaces in the MFIB (S,G) entry.
If both these conditions are met, then the packet is punted to control plane and forwarded in both
the software and the hardware, thus causing duplicates. The NS punts are periodic or throttled, and
not all multicast packets are punted because of NS. Thus the duplication is intermittent or periodic.
CSCua77720
Symptoms: cpp_svr restart is seen on Optimized Edge Routing (OER) border on tunnel flap
(external interface) or configuration replace.
Conditions: Performance Routing (PfR) external i/f flapping or MC/BR session flapping.
18
OL-26698-16
CSCub01576
Symptoms: Embedded Services Processor (ESP) reloads on the Cisco ASR 1000 router due to ucode
crash.
Conditions: This symptom is observed on the Cisco ASR 1000 router where the Layer 4 Redirect
feature is configured. This problem was first introduced in Cisco Release 15.2(01)S. This issue may
not be seen in some customer environments to about once-a-week in medium-sized high CPS ISG
production networks.
CSCua87877
Symptoms: A crash occurs in ucode.
Conditions: This symptom is observed with 160 cps SIP calls.
CSCua66308
Symptoms: Classification-related error messages and tracebacks are seen on the CLI console, and
the configuration is not downloaded to the data path.
Conditions: This symptom is observed in large configurations with multiple deny statements.
Workaround: Observe caution when using deny statements in a configuration.
CSCua10815
Symptoms: FP Memory is leaking and after sometime, the memory will crash.
Conditions: If IPSec + WCCP is configured, then due to large number of debug log messages in the
cpp_cp_F0-0.log file, there is a memory leak in CPP and FP is crashed.
CSCua77466
Symptoms: NBAR does not work after subpackage ISSU on a single RP1, although the CLI shows
that NBAR is up.
Conditions: This is a timing issue and may or may not appear depending on configuration and
system hardware and so on. This issue seems to happen consistently with the upgrade of 3.5.2S to
3.7S on an ASR 1004 router with RP1.
Workaround: Restart the router after ISSU.
CSCua79516
Symptoms: SYN packets, which are required to establish FTP-data connections, are sporadically
dropped at the Cisco ASR 1000 router.
Conditions: This symptom is observed under the following conditions on ASR 1000 router:
Using the active mode File Transfer Protocol (FTP).
Using Port Address Translation (PAT).
Workaround: Each of the following work arounds must be performed:

Use the passive mode FTP.
Use the static Network Address Translation (NAT) or dynamic NAT configuration.
OL-26698-16
19
CSCua66250
Symptoms: After Locator Identifier Separation Protocol (LISP) encapsulation, in certain conditions,
if the packet size is greater than the path MTU size, then the packets could end up getting fragmented
and the inner header may not be copied correctly to all the fragments, causing the packets to be
dropped.
Conditions: The LISP Ingress Tunnel Router (ITR) encapsulating a packet is not setting the Don't
Fragment bit in the outer IP header. Therefore, ICMP Destination Unreachable message with bigger
error code datagram is not returned to the encapsulating ITR.
Workaround: Configuring IP MTU less than the path MTU on the LISP0 interface or the egress
interface on a LISP ITR causes the packets to be fragmented by the LISP ITR and then LISP
encapsulated to the destination.
CSCua27842
Symptoms: The Cisco ASR 1000 router crashes in firewall code due to NULL l4_info pointer.
Day 1 issue.
Conditions: This symptom occurs when the Cisco ASR 1000 router acts as the MPLS L3VPN UHP.
It crashes because FW/NAT requires the l4_info to be set. To trigger this issue, the following
features must be configured:
MPLS L3VPN (PE)
Zone Based FW/NAT
MPLS and MP-BGP load balance configured towards upstream router.
CSCty10285
Symptoms: WCCP redirection does not happen with a Cisco ASR 1000 router running Cisco IOS
XE Release 3.5 RP1.
Conditions: This symptom occurs when GetVPN is used.
CSCua23997
Symptoms: Continuous ESP crash is seen after dropping packets due to unsupported OCE.
Conditions: This symptom is observed when OCE is unsupported.
CSCtu33110
Symptoms: While configuring or running virtual fragmentation reassembly on the virtual template
that serves MLPPPoBB calls, the FP crashed in /ip_reass/frag_info.c.
Conditions: Device configured for virtual fragmentation reassembly on the virtual template that
serves MLPPPoBB calls.
PSIRT Evaluation: The Cisco PSIRT has evaluated this issue and does not meet the criteria for
PSIRT ownership or involvement.
This issue will be addressed using normal resolution channels. If you believe that there is new
information that would cause a change in the severity of this issue, please contact psirt@cisco.com
for another evaluation.
20
OL-26698-16
CSCtz26658
Symptoms: The Cisco ASR 1000 router acts as GET VPN GM. Small UDP fragments (21 to 25
bytes, IP header included) coming in through the IPsec are dropped.
Conditions: This symptom occurs when the Cisco ASR 1000 router acts as GET VPN GM and
TBAR is enabled for the group.
Workaround: There is no workaround. Disabling TBAR is not recommended as a workaround
because of the operational impact of the change on a live GET VPN network.
CSCtz38558
Symptoms: The traceback may be seen on an ASR 1000 router when processing some IPv6
malformed packets.
Conditions: IPv6 packet is malformed.
Additional Information: Packet will be dropped.
CSCtz82711
Symptoms: Datapath session would not open for PDP create.
Conditions: This symptom is observed when SGSN sends echo request before PDP_CREATE_REQ.
CSCtz67785
Symptoms: The Cisco ASR 1000 router may experience a Control Plane Policing (CPP) crash.
Conditions: This symptom occurs when the router is configured for Session Border Controller
(SBC). During periods of high traffic, FP reports a lot of media up events to RP, which can crash FP.
Workaround: If ip nbar protocol-discovery command is enabled, it may exacerbate the crashes.
Removing it may provide some stability.
CSCtz92658
Symptoms: Continuous QMOVESTUCK error messages on console for multilink frame relay
(MFR) interface.
Conditions: Either on controller shut/noshut or router reload with MFR configurations.
CSCtz38394
Symptoms: FP (cpp_cp_svr anf fman_fp_image) crash.
Conditions: MFR member link delete or add is followed by bundle delete or add.
OL-26698-16
21
22
OL-26698-16
MIBs Used in Cisco ASR 1000 Series Aggregation

Services Routers
To locate and download MIBs for selected platforms, Cisco IOS and Cisco IOS XE releases, and feature
sets, use the Cisco MIB Locator at the following location:
http://tools.cisco.com/ITDIT/MIBS/servlet/index
If the Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list
of supported MIBs and download MIBs from the Cisco MIBs page at the following location:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
To access the Cisco MIB Locator, you must have an account on cisco.com. If you have forgotten or lost
your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will
verify whether your e-mail address is registered with cisco.com. If the check is successful, account
details with a new random password will be e-mailed to you. Qualified users can create an account on
cisco.com by following the directions provided at the following location:
http://tools.cisco.com/RPF/register/register.do
MIBs for Cisco ASR 1000 Series Aggregation Services Routers

The Cisco ASR 1000 Series Routers support the following MIBs:
ATM-MIB
BGP4-MIB (RFC 1657)
CISCO-AAA-SERVER-MIB
CISCO-AAA-SESSION-MIB
CISCO-AAL5-MIB
CISCO-ATM-EXT-MIB
CISCO-ATM-PVCTRAP-EXTN-MIB
CISCO-ATM-QOS-MIB
CISCO-BGP4-MIB (updated to support IPv6 addresses)
CISCO-BULK-FILE-MIB
Cisco Systems, Inc.

www.cisco.com
CISCO-CBP-TARGET-MIB
CISCO-CDP-MIB
CISCO-CEF-MIB
CISCO-CLASS-BASED-QOS-MIB
CISCO-CONFIG-COPY-MIB
CISCO-CONFIG-MAN-MIB
CISCO-CONTEXT-MAPPING-MIB
CISCO-DATA-COLLECTION-MIB
CISCO-DYNAMIC-TEMPLATE-MIB
CISCO-EMBEDDED-EVENT-MGR-MIB
CISCO-ENHANCED-MEMPOOL-MIB
CISCO-ENTITY-ALARM-MIB
CISCO-ENTITY-EXT-MIB
CISCO-ENTITY-FRU-CONTROL-MIB
CISCO-ENTITY-PERFORMANCE-MIB
CISCO-ENTITY-QFP-MIB
CISCO-ENTITY-SENSOR-MIB
CISCO-ENTITY-VENDORTYPE-OID-MIB
CISCO-FLASH-MIB
CISCO-FRAME-RELAY-MIB
CISCO-FTP-CLIENT-MIB
CISCO-HSRP-EXT-MIB
CISCO-HSRP-MIB
CISCO-IETF-ATM2-PVCTRAP-MIB
CISCO-IETF-FRR-MIB
CISCO-IETF-ISIS-MIB
CISCO-IETF-NAT-MIB
CISCO-IETF-PPVPN-MPLS-VPN-MIB
CISCO-IETF-PW-ATM-MIB
CISCO-IETF-PW-ENET-MIB
CISCO-IETF-PW-MIB
CISCO-IETF-PW-MPLS-MIB
CISCO-IF-EXTENSION-MIB
CISCO-IGMP-FILTER-MIB
CISCO-IMAGE-MIB
CISCO-IP-LOCAL-POOL-MIB
CISCO-IPMROUTE-MIB
CISCO-IPSEC-FLOW-MONITOR-MIB
MIBs Used in Cisco ASR 1000 Series Aggregation Services Routers
OL-26698-16
CISCO-IPSEC-MIB
CISCO-IPSEC-POLICY-MAP-MIB
CISCO-IP-TAP-MIB
CISCO-IP-URPF-MIB
CISCO-MVPN-MIB
CISCO-NBAR-PROTOCOL-DISCOVERY-MIB
CISCO-NETFLOW-MIB
CISCO-NTP-MIB
CISCO-OSPF-MIB (draft-ietf-ospf-mib-update-05)
CISCO-OSPF-TRAP-MIB (draft-ietf-ospf-mib-update-05)
CISCO-PIM-MIB
CISCO-PING-MIB
CISCO-PPPOE-MIB
CISCO-PROCESS-MIB
CISCO-PRODUCTS-MIB
CISCO-QINQ-VLAN-MIB
CISCO-RF-MIB
CISCO-RTTMON-MIB
CISCO-SESS-BORDER-CTRLR-CALL-STATS-MIB
CISCO-SESS-BORDER-CTRLR-EVENT-MIB
CISCO-SESS-BORDER-CTRLR-STATS-MIB
CISCO-SONET-MIB
CISCO-SUBSCRIBER-SESSION-MIB
CISCO-SYSLOG-MIB
CISCO-TAP2-MIB
CISCO-USER-CONNECTION-TAP-MIB
CISCO-UNIFIED-FIREWALL-MIB
CISCO-VLAN-IFTABLE-RELATIONSHIP-MIB
CISCO-VLAN-MEMBERSHIP-MIB
CISCO-VOIP-TAP-MIB
CISCO-VPDN-MGMT-MIB
DS1-MIB (RFC 2495)
DS3-MIB (RFC 2496)
ENTITY-MIB (RFC 4133)
ENTITY-SENSOR-MIB (RFC 3433)
ETHERLIKE-MIB (RFC 3635)
ETHER-WIS
EVENT-MIB (RFC 2981)

OL-26698-16
EXPRESSION-MIB
FRAME-RELAY-DTE-MIB (RFC1315-MIB)
HC-ALARM-MIB
IF-MIB (RFC 2863)
IGMP-STD-MIB (RFC 2933)
IP-FORWARD-MIB (RFC 4292)
IP-MIB (RFC 4293)
IPMROUTE-STD-MIB (RFC 2932)
MPLS-L3VPN-STD-MIB (RFC 4382)
MPLS-LDP-GENERIC-STD-MIB (RFC 3815)
MPLS-LDP-STD-MIB (RFC 3815)
MPLS-LSR-STD-MIB (RFC 3813)
MPLS-TE-MIB
MPLS-VPN-MIB
MSDP-MIB
NHRP-MIB
NOTIFICATION-LOG-MIB (RFC 3014)
OSPF-MIB (RFC 1850)
OSPF-TRAP-MIB (RFC 1850)
PIM-MIB (RFC 2934)
RFC1213-MIB
RMON-MIB (RFC 1757)
RSVP-MIB
SNMP-COMMUNITY-MIB (RFC 2576)
SNMP-FRAMEWORK-MIB (RFC 2571)
SNMP-MPD-MIB (RFC 2572)
SNMP-NOTIFICATION-MIB (RFC 2573)
SNMP-PROXY-MIB (RFC 2573)
SNMP-TARGET-MIB (RFC 2573)
SNMPv2-MIB (RFC 1907)
SNMP-VIEW-BASED-ACM-MIB (RFC 2575)
SONET-MIB (RFC 2558)
TCP-MIB (RFC 4022)
TUNNEL-MIB (RFC 4087)
UDP-MIB (RFC 4113)
OL-26698-16
The Cisco ASR 1000 Series Routers support the following unverified and supported MIBs:
ATM-FORUM-ADDR-REG-MIB
ATM-FORUM-MIB
CISCO-ATM-QOS-MIB
For information about Cisco ASR 1000 Series Aggregation Services Routers product implementation of
the MIB protocol, see Cisco ASR 1000 Series Aggregation Services Routers MIB Specifications Guide
at the following location:
http://www.cisco.com/en/US/docs/routers/asr1000/mib/guide/asr1kmib.html

OL-26698-16
OL-26698-16
Software Licenses for Cisco ASR 1000 Series

This chapter provides information about Open Source Licences and Software Activation for Cisco ASR
1000 Series Aggregation Services Routers.
Open Source License Notices

For a listing of the license notices for open source software used in Cisco ASR 1000 Series Aggregation
Services Routers releases, see the documents accessible from the License Information page at the
following location:
http://www.cisco.com/en/US/products/ps11174/products_licensing_information_listing.html
Software Activation Overview

The Cisco IOS Software Activation feature is an orchestrated collection of processes and components to
activate Cisco software feature sets by obtaining and validating Cisco software licenses.
Acquiring and Managing Software Licenses

To acquire and manage software license on your router use one of the following methods:
Cisco Product License Registration Portalallows you to manually acquire and register individual
software licenses through a registration portal.
Product Authorization Keyto interact with the Cisco Product License Registration portals you
might require a PAK, which is provided when you order and purchase the Right-To-Use a feature
set for a particular platform.
Unique Device Identifierperforms license verification checks by comparing a stored unique

device identifier (UDI)-a unique and unchangeable identifier assigned to all Cisco hardware
devices--with the UDI of the device.
Cisco Systems, Inc.

www.cisco.com
Software Activation Overview
Cisco Software License Validationuses a system of validation keys to provide a simple

mechanism for deploying new feature sets that offers Cisco customers increased functionality for
upgrading and maintaining their software.
Cisco License Managersoftware application that lets you acquire, register, install, and manage
software licenses on multiple devices on your network.
For more information on obtaining and validating Cisco software licenses, see
http://www.cisco.com/en/US/docs/ios-xml/ios/csa/configuration/xe-3s/csa-xe-3s-book.html
Cisco License Call Homeinteracts with the Cisco Product License Registration portal directly
from your router to get, install, and manage your license.
For more information on obtaining and validating Cisco license for Call Home, see
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/csa_callhome.html
Right-To-Use (RTU) Migrationmigrates to an Existing or Lifetime RTU release and recommends

steps you must perform before upgrading.
For more information on obtaining and validating Cisco license for RTU, see
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/csa_rtu.html
Software Licenses for Cisco ASR 1000 Series Aggregation Services Routers
OL-26698-16
Related Documentation for Cisco ASR 1000

Series Aggregation Services Routers
The following sections describe the documentation available for Cisco ASR 1000 Series Aggregation
Services Routers. These documents consist of hardware and software installation guides, system error
messages, and other documents.
Documentation is available as printed manuals or electronic documents, except for feature modules,
which are available online on cisco.com.
Cisco ASR 1000 Series Aggregation Services Routers Documents, page 1
Error Message Documentation for Cisco ASR 1000 Series Aggregation Services Routers, page 2
Cisco ASR 1000 Series Aggregation Services Routers

Documents
The platform-specific documents for Cisco ASR 1000 Series Aggregation Services Routers are divided
into the following sections on cisco.com:
Release and General Information

Provides a description of new features, system requirements, limitations, restrictions, caveats, and
troubleshooting information for Cisco ASR 1000 Series Aggregation Services Routers releases.
http://www.cisco.com/en/US/products/ps9343/tsd_products_support_general_information.html
Reference Guides
Provides information about the software commands used to configure Cisco products, including
command syntax, default value, value range, command mode, usage guidelines, and examples.
Technical reference documents provide a wide range of technical information as it pertains to Cisco
products and services, including system test reports and MIB reference information.
http://www.cisco.com/en/US/products/ps9343/tsd_products_support_reference_guides.html
Cisco Systems, Inc.

www.cisco.com
Error Message Documentation for Cisco ASR 1000 Series Aggregation Services Routers
Install and Upgrade

Provides instructions for installing and upgrading Cisco ASR 1000 Series Aggregation Services
Routers. Also includes shipping documents, safety information, and quick start guides for
experienced users.
http://www.cisco.com/en/US/products/ps9343/tsd_products_support_install_and_upgrade.html
Configure
Provides instructions for configuring Cisco ASR 1000 Series Aggregation Services Routers, and
includes configuration examples, network diagrams, and technical concepts.
http://www.cisco.com/en/US/products/ps9343/tsd_products_support_configure.html
Error Message Documentation for Cisco ASR 1000 Series

Information about error messages for Cisco IOS XE Release 3S and later IOS XE releases can be found
in the following locations:
Cisco IOS XE System Message Guide

Documents non-IOS messages specific to Cisco ASR 1000 Series Aggregation Services Routers.
http://www.cisco.com/en/US/docs/ios/system/messages/guide/xemsg01.html
Cisco IOS Release 12.2SB System Message Guide

Documents all messages available in Cisco IOS Release 12.2SB, which is a parent release for the
Cisco IOS subpackage in Cisco IOS XE Release 2.
http://www.cisco.com/en/US/docs/ios/system/messages/guide/consol_smg.html
Cisco IOS Release 12.2SR System Message Guide

Documents all messages available in Cisco IOS Release 12.2SR, which is a parent release for the
Cisco IOS subpackage in Cisco IOS XE Release 2.
http://www.cisco.com/en/US/docs/ios/system/messages/guide/consol_smg.html
Cisco IOS Error Message Decoder

The Cisco IOS Error Message Decoder is an online tool available to all registered cisco.com users
for researching and resolving error messages. This tool provides you with an explanation of the error
message, a recommended action, and links to suggested online Cisco technical support resources.
http://www.cisco.com/pcgi-bin/Support/Errordecoder/index.cgi
Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional
information, see the monthly Whats New in Cisco Product Documentation, which also lists all new and
revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the Whats New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS version 2.0.
Related Documentation for Cisco ASR 1000 Series Aggregation Services Routers
OL-26698-16
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of
Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The
use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
20082013 Cisco Systems, Inc. All rights reserved.
OL-26698-16
OL-26698-16

Asr1k RN Rel Notes

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Asr1k RN Rel Notes

Uploaded by

Copyright:

Available Formats

Cisco ASR 1000 Series Aggregation Services

Routers Release Notes

About Cisco ASR 1000 Series Aggregation Services Routers

Cisco Systems, Inc.

Cisco ASR 1000 Series Aggregation Services Routers Release Notes

Cisco IOS XE 3StoCisco IOS Release Number Mapping

Cisco IOS XE 3S Release

Cisco IOS Release

Cisco ASR 1000 Series Aggregation Services Routers Release Notes

Cisco IOS XE 3StoCisco IOS Release Number Mapping (continued)

Cisco IOS XE 3S Release

Cisco IOS Release

Cisco ASR 1000 Series Aggregation Services Routers Release Notes

System Requirements for Cisco ASR 1000 Series

Software Packaging, page 1

Hardware Supported, page 32

ROMmon Release Requirements, page 32

Determining the Release Number of the Installed Software, page 38

Upgrading to a New Software Release, page 43

Individual software subpackages within a consolidated package

Optional software subpackages outside the consolidated packages

Cisco Systems, Inc.

the rest of the platform.

RPAccess: Provides components to manage enhanced router access functionality.

QuantumFlow Processor client, driver, and ucode.

(SPA FPGA images)

Cisco ASR 1000 Series Aggregation Services Routers RP1 IP BASE

The following are the RP2 consolidated packages:

Cisco ASR 1000 Series Aggregation Services Routers RP2 IP BASE

Cisco ASR 1000 Series Aggregation Services Routers Software

Fields in the ISSU Compatibility Tables

C&T (SSO Tested)

ISSU Compatibility of Cisco IOS XE 3.1S-Based Releases

Target Cisco IOS XE

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.1S-Based Releases (continued)

Target Cisco IOS XE

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.1S-Based Releases (continued)

Target Cisco IOS XE

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.2S-Based Releases

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.2S-Based Releases (continued)

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.2S-Based Releases (continued)

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.3S-Based Releases

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.3S-Based Releases (continued)

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.3S-Based Releases (continued)

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.4S-Based Releases

Target Cisco IOS XE

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.4S-Based Releases (continued)

Target Cisco IOS XE

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.5S-Based Releases

Target Cisco IOS XE Release

Deployed Cisco IOS XE Release

ISSU Compatibility of Cisco IOS XE 3.5S-Based Releases (continued)