About Cisco ASR 1000 Series Aggregation Services Routers
Note |
Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.
Get started with the Content Hub at content.cisco.com to craft a personalized documentation experience. Do provide feedback about your experience with the Content Hub. |
Cisco ASR 1000 Series Aggregation Services Routers are Cisco routers deployed as managed service provider routers, enterprise edge routers, and service provider edge routers. These routers use an innovative and powerful hardware processor technology known as the Cisco QuantumFlow Processor.
Cisco ASR 1000 Series Aggregation Services Routers run the Cisco IOS XE software and introduce a distributed software architecture that moves many operating system responsibilities out of the IOS process. In this architecture, Cisco IOS, which was previously responsible for almost all of the internal software processes, now runs as one of many Cisco IOS XE processes while allowing other Cisco IOS XE processes to share responsibility for running the router.
New Features and Important Notes
New and Changed Information
The following sections list the new hardware and software features that are supported on the Cisco ASR 1000 Series Aggregation Services Routers.
New Hardware Features in Cisco IOS XE Everest 16.6.2
No new hardware features were introduced for Cisco ASR 1000 Series in Cisco IOS XE Everest 16.6.2.
New Software Features in Cisco IOS XE Everest 16.6.2
The following are the new software features introduced in Cisco ASR 1000 Series Aggregation Services Routers for Cisco IOS XE Everest 16.6.2.
ASR1000: EPA 2x40G Support
Effective Cisco IOS XE Everest 16.6.2, Cisco ASR 1000 2x40GE Ethernet Port Adapter (EPA-2X40GE) is supported on the following Cisco ASR 1000 Series Aggregation Services Routers:
-
ASR 1006-X
-
ASR 1009-X
-
ASR 1013
-
ASR 1002-HX
Encrypted Traffic Analytics
For detailed information, see the following Cisco documents:
New Hardware Features in Cisco IOS XE Everest 16.6.1
No new hardware features were introduced for Cisco ASR 1000 Series in Cisco IOS XE Everest 16.6.1.
New Software Features in Cisco IOS XE Everest 16.6.1
The following are the new software features introduced in Cisco ASR 1000 Series Aggregation Services Routers for Cisco IOS XE Everest 16.6.1.
10GBase AOC SFP+ Cable support
Effective with Cisco IOS XE Everest 16.6.1, the following transceiver models are supported on Cisco 1001-X Router, Cisco ASR 1001-HX Router, and Cisco ASR 1002-HX Router:
-
SFP-10G-AOC1M
-
SFP-10G-AOC1M
-
SFP-10G-AOC2M
-
SFP-10G-AOC3M
-
SFP-10G-AOC5M
-
SFP-10G-AOC7M
-
SFP-10G-AOC10M
-
SFP-10G-SR-S
-
SFP-10G-LR-S
For detailed information, see the following Cisco document:
BGP - SR: BGP Prefix SID Redistribution
For detailed information, see the following Cisco document:
BGP Feature Monitoring
Effective with Cisco IOS XE Everest 16.6.1, the Cisco IOS XE YANG models are supported for Border Gateway Protocol (BGP).
Broadband Smart Licensing
For detailed information, see the following Cisco document:
CPAK-100G-SR4 Transceiver Support
For detailed information, see the following Cisco document:
Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) method support for MACsec Key Agreement (MKA)
The Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) method support for MACsec Key Agreement (MKA) feature uses 802.1X port-based authentication with Extensible Authentication Protocol – Transport Layer Security (EAP-TLS) to carry certificates for router ports where MACsec encryption is required. EAP-TLS mechanism is used to do the mutual authentication and to get the master session key (MSK) from which the connectivity association key (CAK) is derived for the MACsec Key Agreement (MKA) protocol.
For detailed information, see the following Cisco document:
Gx Monitoring
For detailed information, see the following Cisco document:
IPSec Anti-Replay Should Work When QoS is Enabled
For detailed information, see the following Cisco document:
ISIS - SR OAM: ISIS FEC
For detailed information, see the following Cisco document:
ISIS - SR: uLoop Avoidance
For detailed information, see the following Cisco document:
IWAN Application Group IWAN Harmonization
An attribute “application-set” is added, which shares the existing features of all other attributes. This attribute can be used in QoS/PfR configurations and protocol customizations. The limitation of this attribute is that the “application-set” and “application-group” attributes must not be configured simultaneously with match protocol attribute statements.
Multiple HSL (N44 & N64) destinations over IPv6Multiple HSL (N44 & N64) destinations over IPv6
For detailed information, see the following Cisco document:
NAT-Serviceability
For detailed information, see the following Cisco document:
OSPFv2: SR-OAM LSP Support
For detailed information, see the following Cisco document:
Patch for x86
For detailed information, see the following Cisco document:
PBR Named Ordering Rules Support for Yang
For detailed information, see the following Cisco document:
PfRv3 Remote Prefix Tracking
For detailed information, see the following Cisco document:
PfRv3 Per Interface Probe Tuning
For detailed information, see the following Cisco document:
PfRv3-Inter-DC-Optimization
For detailed information, see the following Cisco document:
PnP:SMU/Patching Support
For detailed information, see the following Cisco document:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/pnp/configuration/xe-16-6/pnp-xe-16-6-book.html
RESTconf Programmable Interface
For detailed information, see the following Cisco document:
SCP Performance Improvement
For detailed information, see the following Cisco document:
SD-Access Phase 2
For detailed information, see the following Cisco document:
SD-AVC Auto-update Capability
For detailed information, see the following Cisco document:
SD-AVC NBAR Export Capability
For detailed information, see the following Cisco document:
Software Maintenance Upgrade
For detailed information, see the following Cisco document:
SR TE OAM
For detailed information, see the following Cisco document:
SR:OAMIGPFEC, BGPFEC
For detailed information, see the following Cisco document:
SXP Enhancements for Filtering (IP prefix and SGT) and Fail-open
For detailed information, see the following Cisco document:
UDF ACL Enhancement
For detailed information, see the following Cisco document:
Web Server Enhancements
For detailed information, see the following Cisco document:
WEB User Interface
Supports an embedded GUI-based device-management tool that provides the ability to provision the router, simplifies device deployment and manageability, and enhances user experience. The following features are supported on Web User Interface from Cisco IOS XE Everest 16.6.1:
-
Cisco Umbrella Branch—The Cisco Umbrella Branch feature enables cloud-based security service by inspecting the Domain Name System (DNS) query that is sent to the enterprise DNS server through the Cisco 4000 Series Integrated Services Routers (ISR). The security administrator configures policies on the Cisco Umbrella Branch cloud to either allow or deny traffic towards the fully qualified domain name (FQDN). Cisco 4000 Series ISR acts as a DNS forwarder on the network edge, transparently intercepts DNS traffic, and forwards the DNS queries to the Cisco Umbrella Branch cloud.
-
Dynamic Multipoint VPN—The Dynamic Multipoint VPN feature allows users to better scale large and small IP Security (IPsec) Virtual Private Networks (VPNs) by combining generic routing encapsulation (GRE) tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP).
-
Snort IPS/IDS—The Snort IPS feature enables Intrusion Prevention System (IPS) or Intrusion Detection System (IDS) for branch offices on Cisco 4000 Series Integrated Services Routers and Cisco Cloud Services Router 1000v Series. This feature uses the open source Snort solution to enable IPS and IDS.
-
Zone-Based Firewall—Allows you to easily manage Cisco IOS unidirectional firewall policy between groups of interfaces known as zones.
YANG Data Models
For the list of Cisco IOS XE YANG models available with this release, navigate to https://github.com/YangModels/yang/tree/master/vendor/cisco/xe/1661. Revision statements embedded in the YANG files indicate if there has been a model revision. The README.md file in the same github location highlights changes that have been made in the release
Zero Touch Provisioning
Supports HTTP file downlaod with TFTP file download. For detailed information, see the following Cisco document:
Important Notes
The following sections contain important notes about Cisco ASR 1000 Series Aggregation Services Routers.
Encrypted Traffic Analytics and Embedded Services Processors
Because of CSCvg38872 Cisco ASR 1000 Series Aggregation Services Routers with ESP100 or ESP200 is not supported in .
Deferrals
Cisco IOS software images are subject to deferral. We recommend that you view the deferral notices at the following location to determine whether your software release is affected:
http://www.cisco.com/en/US/products/products_security_advisories_listing.html
Field Notices and Bulletins
-
Field Notices—We recommend that you view the field notices to determine whether your software or hardware platforms are affected. You can find the field notices at the following location:
http://www.cisco.com/en/US/support/tsd_products_field_notice_summary.html
-
Bulletins—You can find bulletins at the following location:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5012/prod_literature.html
Caveats
Open and Resolved Bugs
The open and resolved bugs for a release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about bugs and vulnerabilities in this product and other Cisco hardware and software products. Within the Cisco Bug Search Tool, each bug is given a unique identifier (ID) with a pattern of CSCxxNNNNN, where x is any letter (a-z) and N is any number (0-9). The bug IDs are frequently referenced in Cisco documentation, such as Security Advisories, Field Notices and other Cisco support documents. Technical Assistance Center (TAC) engineers or other Cisco staff can also provide you with the ID for a specific bug. The Cisco Bug Search Tool enables you to filter the bugs so that you only see those in which you are interested.
In addition to being able to search for a specific bug ID, or for all bugs in a product and release, you can filter the open and/or resolved bugs by one or more of the following criteria:
-
Last modified date
-
Status, such as fixed (resolved) or open
-
Severity
-
Support cases
You can save searches that you perform frequently. You can also bookmark the URL for a search and email the URL for those search results.
Using the Cisco Bug Search Tool
For more information about how to use the Cisco Bug Search Tool, including how to set email alerts for bugs and to save bugs and searches, see Bug Search Tool Help and FAQ.
Before You Begin
You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, you can register for an account.
Procedure
Step 1 |
In your browser, navigate to the Cisco Bug Search Tool. |
||||||||||||
Step 2 |
If you are redirected to a Log In page, enter your registered Cisco.com username and password and then, click Log In. |
||||||||||||
Step 3 |
To search for a specific bug, enter the bug ID in the Search For field and press Enter. |
||||||||||||
Step 4 |
To search for bugs related to a specific software release, do the following: |
||||||||||||
Step 5 |
To see more content about a specific bug, you can do the following:
|
||||||||||||
Step 6 |
To restrict the results of a search, choose from one or more of the following filters:
Your search results update when you choose a filter. |
Cavin Cisco IOS XE Everest 16.6.10
Resolved Caveats—Cisco IOS XE Everest 16.6.10
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability |
|
Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability |
|
IOS and IOS XE Software UDLD Denial of Service Vulnerability |
|
High CPU usage caused by "TCP Timer" process |
|
Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability |
|
Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability |
|
Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability |
|
Cisco IOS XE Software Rate Limiting Network Address Translation Denial of Service Vulnerability |
Open Caveats—Cisco IOS XE Everest 16.6.10
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
Crash in SNMP Engine process while polling chassis id in lldp |
|
Cisco ASR 900 and ASR 920 Series Aggregation Services Routers Access List Bypass Vulnerability |
Cavin Cisco IOS XE Everest 16.6.9
Resolved Caveats—Cisco IOS XE Everest 16.6.9
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
Traffic passed with port unauthorized |
|
ASR1k Process = TUN ETHER Thread crash |
|
Crash due to NBAR classification |
|
With CRL fetch failed, stuck at Failed to send the request. There is another request in progress |
|
Hub router crashed when run test_mpol_policy_qos_policy_template testcase |
|
Arkenstone boot fail in ISR4221 |
|
Cisco IOS XE Software Arbitrary Code Execution Vulnerability |
|
Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities |
|
ISR G3 router crashes when rtp-nte DTMF packet arrives at MTP + BDI |
|
ASR1k:Router stops forwarding traffic with MPLS TE & FRR |
|
ASR1002-X ESP crash in multikey_hash_ager_tw_timer_to() |
|
ASR1001-X: 'show environment' is no longer monitoring R0 voltage sensors |
|
Unexpected reload when UC wsapi CLI is enabled. |
|
Cisco IOS XE Software for Cisco ASR 1000 Series ESP-20 IP ARP DoS Vulnerability |
|
IOS-XE MTP Fails to Interwork DTMF RFC2833 from Payload 100 to Payload 101 |
|
Calls going through T1 are rejected with "no dsps found" Analog/TDM Hairpin calls |
|
NIM-1GE-CU-SFP/NIM-2GE-CU-SFP: Show interface output reports incorrect bandwidth |
|
ISR 4K SER parity error checks continuing till router crashes |
|
APPNAV CFT Crashes |
|
ASR1k crashes in ipv6 mgd timer code when removing vrf config |
|
Duplicate entries seen in MAC filter table. |
|
Duplicate Bytes and Packet when Q in Q is configured |
|
BGP IPv6 link-local session doesn't come up |
Open Caveats—Cisco IOS XE Everest 16.6.9
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
e2e ping is failed after configuring profiles qos-de and aaaauth1 |
|
Packet-tracer error message % Error: Failed to collect packet info |
|
NIM-SSD: Inventory of disk0 and disk1 are interchanged on Polaris 16.x |
|
FRR feature not working in ESP100 and ESP200 |
|
There is unexpected packets lost TCA reported on ISR4331 platform |
|
isr44xx crashes in o2_cavm_pci_unlock when forwarding large packets for VPLS |
|
CDP over EVC is not working |
|
Input CRC counter increasing on Tengi interface |
|
Incomplete arp in management interface |
|
CDETS to follow up fix "P-bit Sev Err Secs" increasing in patterns of 256 in SM-X-1T3/E3 in ISR4451 |
|
ASR1000-RP2/ASR1000-RP3: OIR after clock set doesn't save the time in RTC |
|
NIM interfaces go into shutdown after router bootup |
|
Crash observed in QFP in ASR1001-X running 16.06.05 when GPM is running low |
|
Console port goes unresponsive, reboot required to restore it |
|
Dataplane QFP crash with CAPWAP traffic when CAPWAP stripping is enabled |
|
C1111 HSRP preempt worked even though HSRP's preempt is not configured |
|
CRC increasing on down int Te0/0/20 |
|
IGMP snooping table not populated on ISR4k |
|
ASR1K configured with 'no ip unreachables' sending ICMP Type 3 Code 13 |
|
erspan classify ucode crash |
|
Stuck SGT pending-issue-update objects with CTS configured and NIM installed |
|
Crash at the moment of calculating tcp header |
|
ISR4K crashes with scaled QOS after applying QOS configuration to sub-interfaces |
|
ISR4321 reloading once NIM-1MFT-T1/E1 module is installed |
Caveats Cisco IOS XE Everest 16.6.8
Resolved Caveats—Cisco IOS XE Everest 16.6.8
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
IOS PKI: trustpoint doesn't rollover regenerated RSA keys. |
|
Polaris 16.3.1 : Machine and bus error failures in ESP20 |
|
Byte counters for physical interface and subinterface don't match |
|
ASR1k ESP200 is missing suite B support when ESP200 is put into slot 1 only |
|
Self-signed certificates expire on 00:00 1 Jan 2020 UTC, cannot be created after that time |
|
Router fails to reserve necessary ports for VPN traffic (UDP 500 & 4500) for ISAKMP |
|
ASR1k node in HA pair might crash due to punt-keepalive failures |
|
ESP200X:ucode Crash seen with PR2650((URPF+QOS+ACL+Netflow Multicast)- with IMIX traffic) |
|
path-id discovery failure with "CENT throttle check fails, throttle type:0" |
|
OBS: ping stop working on replacing MIP100 ->>> SIP40 >>>>>>MIP100 |
|
IOS: Prevent crypto ACL change if already mapped with crypto map configuration |
|
Error messages seen when configuring "logging persistent protected" on ASR1K routers |
|
cpp_bqs_srt_yoda_csr_tree_seid_initialize:1744 is not in "placed" state |
|
ESP reload due to cpp_cp_svr exception at cpp_bqs_exponent_cnt_validate |
|
Router crashes with ZBF HA sync. |
|
NHRP process crash on using same tunnel address on multiple spokes |
|
Gi0/0/0 interface stays up/up and LED green after cable removed |
|
incorrect Total number of translations on show ip nat translations |
|
Punt fragment crash when receive EoGRE packets which have many fragments |
|
ASR1K/ISR4K Calls fade to no-way audio due to media inactivity detection after 20 minutes |
|
High memory utilization under "ezman" due to excessive parity error logging |
|
ASR1k - Egress byte count is innacurate |
|
16.6.7 UTD: Signature download failure |
|
"sh macsec statistics int <>" and "sh macsec status interface <>" does not show output |
|
ASR1K DSP MIB cdspTotalChannels not responding |
|
While signalling forking the CUBE is not Sending Re-INVITE for T.38 with the Authorized header. |
|
ISR4k : Crash seen at Process Exec |
|
IOSXE - ucode crash in ZBF during flow creation for TCP subflows |
|
CFT crashed frequently |
|
Process = Exec crash seen on dmap longevity testbed with clear cry sa peer several times |
|
Portchannel stats not working on ASR1002-HX |
|
ASR1K OTV: Incorrect MAC address count on EFP/BD QFP stats |
|
IOS-XE memory leak seen in 16.3.7 in IOSd due to update_sn_ao_state not deleting TDL bucket. |
|
ISR4331/K9 Dialer cannot make calls suddenly |
|
Connect message is never forwarded to the calling side |
|
Virtual address not reachable: "mac:0000:0c07:xxxx download to DP failed" for HSRP / VRRP over BDI. |
Open Caveats—Cisco IOS XE Everest 16.6.8
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
Memory leaks at __be_PKI_keypair_name_get |
|
CME SIP: BE4000 Smart Licensing - Extension Assigner temp registration uses endpoint license |
|
Crash when running show crypto map |
|
Inband to OOB DTMF Fails to Be Passed On CUBE If Media Inactive Comes During Digit Processing |
|
ASR 1000 crash in NAT code when processing PPTP traffic |
|
qfp ucode crash with media monitor |
|
ESP ucode crashed when running NAT with bpa (CGN) |
|
ASR 1000 router crashed due to Crypto IKEv2 memory leaks |
|
ASR1002-X ESP crash in multikey_hash_ager_tw_timer_to() |
|
ASR 1000 RP3 crash due to CpuCatastrophicError |
Caveats in Cisco IOS XE Everest Release 16.6.7
Resolved Caveats—Cisco IOS XE Everest 16.6.7
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
C3650 traffic will not be block although hit deny ACL entry |
|
AAA always reports server down with non-management VRF also |
|
"show interface port-channel" falsely reports output drops when there are no actual output drops |
|
Crash on OPF_CSR32_OPF_LOGIC_ERR_LEAF_INT__INT_START_OF_BURST_MARKER_ERR |
|
CSR1000v HA vCUBE IP-4-DUPADDR detected after Active router goes down. |
|
FNF monitor download to DP failed after changing netflow record |
|
Change the punt cause of packets whose destination is virtual IP from SUBNET_BCAST to FOR_US |
|
BFD flaps everytime with dynamic tunnel creation in DMVPN |
|
T38 Packets are dropped by CUBE on ISR G2 in Multi VRF Scenario |
|
Crash when IOS is adapting shaping with Adaptive QoS over DMVPN configured |
|
Memory leak VOIP *MallocLite* |
|
ASR1001-X: interface LED remains amber after shut/no shut on the interface |
|
High CPU due to Alignment Corrections - SMEF & IWAN |
|
memory leak @ CCSIP_SPI_CONTR |
|
Partial Power Failure in Stack Causes Interfaces to Become "shutdown" |
|
Rekey Timer are same for both the Server and Client |
|
ISR4K crashed in FXS-FXS non-hairpin call |
|
SSS Manager Traceback observer when test MLPPP |
|
Driver code improvement for debug-ability of XAUI link issues |
|
Crash after CPUHOG in ISDN L2D SRQ Process |
|
Addition/Edits to numbered OG ACL using "access-list <>" command does not re-expand the ACL. |
|
ASR-CUBE: Crashes with call spike configuration changes |
|
Software crash due to memory corruption after packet trace was enabled. |
|
ISR not re-calculating the hash value correctly after payload change |
|
Router crashes when the calls doesn't establish after making 2 calls when we set "max-conn 2" |
|
SR: CFLOW input intf index is 0xffffffff for Service-engine DSP module interface |
|
DHCP Server sends Renew ACKs to Clients with 00:00:00:00:00:00 MAC in L2 frame |
|
pending objects seen which fp reload with OGACL config |
|
Device crashing if we unconfigure the NTP on the device |
|
High Memory utilization due to Wireless Manager IOSD process |
|
ISR4k - 'control-plane host' feature was moved to APPX feature set. |
|
IOS-XE routers cannot boot due to a bootflash problem |
|
Subscribers cannot re-login due to CoA time-out (lite-sessions in routed mode) |
|
PKI "revocation check crl none" does not fallback if CRL not reachable |
|
DataPlane (DP) crash observed in MMOH call flow |
|
Router crash while executing show commands using '|' (pipe) to filter the output. |
|
TCP 3WAY handshake fail for redirected packet using PBHK |
|
Memory overlay crash when using include-cui |
|
PnP Agent should detect image upgrade scenario and configure dialer to bring up cellular interface |
|
SCCP Application does not clear failed sockets leading to leak and socket pool exhaustion |
|
Packet drop occurs after acl permit configurations |
|
Call is not getting connected in Forking Re-INVITE scenario |
|
ASR1001-X crashed upon receiving Radius Access-Accept message |
|
Memory leak at hman process |
|
WSMA crash formatting show command output |
|
Stuck CPP Thread while processing H323 packet |
|
qfp ucode crashed with sRTP traffic - chunk memory corruption |
|
Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability |
|
After RSP switchover label imposition was not programmed in Software on APS standby router |
|
NetFlow issue 3850 switch not sending TCP flags |
|
FXS - no busy tone is generated on remote-onhook condition with call pickup scenario |
|
ASR1k crashes by handling DHCP packet |
|
IPSec-Session count in "show crypto eli" reaches max causing VPN failure |
|
Missing Calling-Station-ID in Accounting Ticket for Web-Tal locations |
|
When sending account-logon ISG do not reply with ACK nor NACK. |
|
[SDA] [PI changes] No audio during first few seconds of voice call between 2 Fabric Edge |
|
ASR1001-HX: Excessive pause frames (IEEE802.3x compliant) affect traffic on other interfaces |
|
IOS-XE ACL port information preserved after encapsulation |
|
Ping failure on Port-channel sub interface when is using EVC in main port channel |
|
Crash when polling IPForwarding MIB |
|
Wrong label programming leading to traffic drop |
|
SDP attribute list corruption causes voice gateway crash |
|
Traffic stops flowing on Xconnect tunnel when upgraded to 16.9.2 |
|
Add ERROR message over IOS console when HSPRDA TCAM region gets full |
|
Hierarchical QoS stops working on GRE tunnel if dest route flaps between 2nd tunnel and physical int |
|
Router crash after adding macsec reply-protection command on an interface |
|
SRTP ROC Stress: CPP crash with 6000+ concurrent calls - g729 |
|
When FQDN used for APN, IOS DNS resolves FQDN to IP, but GTP stays in DNS pending and IP 0.0.0.0 |
|
ISR4K: Router crash due to twice memory release |
|
Tail drops on IPSLA sender when using scaled udp-jitter probes |
|
Router Running IOS-XE 16 Crashes when Stopping EPC with ACL |
|
CHUNKBADROOTCHUNKPTR: Bad root chunk pointer in chunk header post SSO - ASR1K |
|
Crash at the moment of deleting a DVTI |
|
CUBE HA - Global bind is removed during interface flap |
|
MGCP GW doesn't reset SSRC/ROC on receiving MDCX with new IP/port/SDP parameter for SRTP call. |
|
On-Prem DMVPN fails to establish a dynamic tunnel between Spoke nodes. |
|
[SDA] 1st ARP getting dropped due to stale SISF IP-MAC binding |
|
Crashes with GRE tunnels configured with QOS over Multilink Frame-relay interfaces |
|
ISR44xx NO_PUNT_KEEPALIVE kernel crash due to CP drivers stuck punt and IPC rings |
|
QoS counter didn't generate at ASR1001-X |
|
ISR4K CME no way audio on calls across E1/PRI, reboot resolves for sometime |
|
ISR4K crashes after voice register reset command is applied |
|
Counters of interfaces are reporting inexistent peaks |
|
ASR1001-x crash while configuring policy-map |
|
Crash due to too many DSPs |
|
CPP Stuck thread when processing IPv6 traffic |
|
Corrupt free block of memory with high availability config for Session Initiation Protocol |
|
Router crashes after snmpget to OID related to NHRP |
|
isdn cause-location command support for switch-type primary-ntt |
|
crash at sisf_show_counters after entering show device-tracking counters command |
|
ip dns primary command does not get removed |
|
QoS fails to apply to tunnel2 when underlying tunnel1 reachability change |
|
ASR1k: Crypto Engine remains in stuck state post dataplane crash |
|
name-ip_address mapping is bypassed when the ip domain command is configured on Cisco C1111X Router |
|
Router ucode crash with NAT with interface flap |
|
no login on-success log CLI does not persist across device reloads |
|
Crash after Media monitor look up. |
|
ISR4k BRI ping failure with WIC-1B-S/T-V3 with ISDN 128 leased line |
|
CUBE not passing History-Info header in 181 Call is being forwarded |
|
Device crashed @ radius_io_stats_timer_handler due to dynamic-author |
|
ASR1002-X High Platform CPU for process mcpcc-lc-ms |
|
ASR1K-X WATCHDOG crashes while printing to console |
|
VRF aware reverse DNS lookup not working |
|
ASR1006-X: cpp_cp_svr: QFP0.0 CPP Driver LOCKDOWN encountered due to previous fatal error |
|
NAT SIP Contact Header changed to port 512 |
|
DPDK: Performing Shut/No-Shut with traffic running can cause packets to silently drop on TX |
|
NIM-2FXS/4FXOP crashing due to DSP failed to reply properly |
|
Egress shaping on port-channel sub-intf tail dropping traffic long before rate |
|
ASR 1k sub-interface counters wrong. |
|
BRI leased line can't come up automatically after remove/insert one side's cable |
|
Voice gateway crash due to segmentation fault in process CCSIP_DNS |
|
IOSXE: IOMD / TDL leak seen with tdl_response_xcode_stat_side_t |
|
AppNav: Optimization failed with Asymmetrical traffic, VRF, FNF and NBAR |
|
ARM - Marvell 7040 SoC Hardware Erratum - Kernel Driver Fix |
|
Router is on Bootloop after QoS configuration. |
|
ISR4k crash during packet inspection due to stuck thread |
|
asr1k BDI not working properly for packet fragmentation - very small fragments are getting dropped |
|
Supervisor reloaded due to cpp_cp_svr process crashing |
|
Class-attributes duplicated after EAP reauthen. in ISG radius proxy scenario |
|
Recording failures with XMF media forking and SIP preservation timer |
|
cable-detect command not reflecting proper status in Analog ports on IOS-XE platforms |
|
cpp_cp_svr crash in cpp_bqs_rm_yoda_select_sch_exponent |
|
Supervisor reload due to cpp_cp_svr crash. |
|
ASR1K BGP PIC Repair path broke after link flap |
|
Crash after exiting RADIUS server configuration mode. |
|
after reload dial-peers with ports that have the 'signal did' command show operational state none |
|
More connections are getting passthrough with reason SNG_OVERLOAD |
|
connectivity is broken on ingress-replication L2DP/VXLAN |
|
IWAN router crash after upgrading to 16.3.8 |
|
VG450: SCCP crashing router while shutdown the process |
|
ASR1000-RP3: Punt Keepalive Failure (Punt LINK DOWN) or RP FREEZE |
Open Caveats—Cisco IOS XE Everest 16.6.7
All open bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.
Caveat ID Number |
Description |
---|---|
Polaris 16.3.1 : Machine and bus error failures in ESP20 |
|
IOSd crashed when dialer disconnect the ISDN call |
|
NDSSO vrf ha table to be populated correctly |
|
[1661]- Switch number is missing in stack merged logs. |
|
ESP Crash with FP Switchover |
|
CTS PAC download fails with VRF config on non-managenent interface |
|
Byte counters for physical interface and subinterface don't match |
|
standby rp crash on removing member link from port-channel |
|
isr44xx crashes in o2_cavm_pci_unlock when forwarding large packets for VPLS |
|
Memory leaks at __be_PKI_keypair_name_get |
|
CDP over EVC is not working |
|
netconf/yang or telemetry retrieval of /trustsec-state/cts-rolebased-policies breaks |
|
Ping failing due to missing address resolution entry on the XTR |
|
ISIS: system crashed when we configure ISIS on the interface. |
|
Input CRC counter increasing on Tengi interface. |
|
CME SIP: BE4000 Smart Licensing - Extension Assigner temp registration uses endpoint license |
|
Crash when running show crypto map |
|
Device-tracking tracking 0.0.0.0 mask ignored after Legacy IPDT to SISF conversion |
|
Error messages seen when configuring "logging persistent protected" on ASR1K routers |
|
Inband to OOB DTMF Fails to Be Passed On CUBE If Media Inactive Comes During Digit Processing |
|
Need to check qfp ucode crash with RTCP traffic - chunk memory corruption in RTCP path |
|
C1111-4P doesn't restart authentication for "clear authen session" if "authen open" the port |
|
Cat3k crash in IGMP code due to invalid source count in DNS lookup |
|
ESP reload due to cpp_cp_svr exception at cpp_bqs_exponent_cnt_validate |
|
HSRPv2 crash whilst retrieving group from received packet |
|
TLS connections in WebEx between CUBE and iCP/CUSP breaks intermittently |
|
Crash due to watchdog after adding a prefix-list/ Route-map entry to existing route map. |
|
mGRE L3VPN broken after reload |
|
Router crashes with ZBF HA sync. |
|
FlexVPN with password encryption -- after MasterKey change password in profile is not working |
|
NHRP process crash on using same tunnel address on multiple spokes |
|
ASR1k crash in NAT code when processing PPTP traffic |
|
"DHCPD Receive" process crash |
|
Gi0/0/0 interface stays up/up and LED green after cable removed |
|
Unrecoverable Error with PVDM in 0/4 and Thule+dreamliner in 1/0 on ISR4300 |
|
LISP Map-cache not updated correctly after wired Host-mobility |
|
ASR1K/ISR4K Calls fade to no-way audio due to media inactivity detection after 20 minutes |
|
Router Crashes while Parsing and Printing Voice Packet IEs |
|
High memory utilization under "ezman" due to excessive parity error logging |
|
qfp ucode crash with media monitor |
|
The ISR4331 crash and lost all config files |
|
3850 switch crashes on Process "DHCPD Receive" (16.6.6) |
|
Router may crash due to segmentation fault after running EEM script |
Caveats in Cisco IOS XE Everest Release 16.6.6
Resolved Caveats—Cisco IOS XE Everest 16.6.6
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
SNMP with Extended ACL |
|
BGP event crash@bgp_afpriv_imp_is_imported_path |
|
CUBE:ASR1004:sRTP-RTP (No TLS) calls failed at an input of 27CPS |
|
Virtual-access interface MTU wrongly set when using ipsec ipv4 |
|
APPNAV - Overlapping Loopback Interface Causes Incorrect Forwarding Decision with AppNav and PfR |
|
NAT MIB not populated when using traditional NAT |
|
cEdge: not enough space when SSHing to bootflash having more than enough space |
|
ASR1002-X router crashed in cpp_qm_event_collapse_hl_node |
|
QoS stats process crash |
|
IKE Fragmentation payload incorrectly marked as critical |
|
Quick RP3 recovery after the Punt Path XAUI link goes down |
|
Standby switch crashes when adding a host name to an object-group |
|
Router crash when clearing ip nat translations |
|
"clear crypto sa vrf MyVrf" triggers crash after updating pre-shared-keys |
|
ACL dropping packets after updating it - %CPPEXMEM-3-NOMEM |
|
[EIGRP] a summary route is updated by an external route |
|
Active RP crash at __be_datagram_done |
|
'hw-module subslot 0/2 reload' CLI does not activate the container after harddisk format |
|
MPLSoVPN: Change behavior of default route in NHRP. Must insert 0.0.0.0/0 instead of /32 |
|
IPSec background crash while sending SNMP trap |
|
ASR1001-X throwing: ETH_SPA_MAC-3-SPI4_ERROR: SIP0/1: Marvel MAC |
|
CUBE Crash in sipSPIAppAddCallInfoUI |
|
ASR 1006-X RP2 : Standby RP Crashed after running command "license boot level adventerprise" |
|
Device running IOS-XE 16 Polaris Sees Crash When Performing NAT ALG on FTP Packet |
|
Ethernet FRR switchover takes more than 200ms on EPA10 and EPA100 if remote Rx fiber is pulled |
|
Router Crashes When PKI-CRL-IO_0 Runs out of Stack Space During Failed DNS Lookup for CA Server |
|
Cube crash with %SDP-3-SDP_PTR_ERROR |
|
NHRP process is crashing |
|
PBR doesn't work for dialer intf when it doesn't have fixed ip address |
|
CUBE doesn't forward INVITE with "midcal-signalling passthru media-change" during a video escalation |
|
ASR1002-HX crashed after huge traffic is transmitted over it |
|
QFP crashes with a HW interrupt |
|
Crash while processing ISIS updates when DiffServ-TE is enabled |
|
In some cases non AppNav Configuration cause AppNav-XE Token changes |
|
Static Nat fails to translate SIP Trying L7 header |
|
Modified EIGRP timers on Virtual-Template put all associated Vi interfaces into passive mode |
|
ASR1000-2T+20X1GE interface speed change from 100 to 1000 after switchover |
|
TACACS group server is not seen, when "transport-map type console test" is configured. |
|
RP3 Punt Interface May Drop Traffic Due to VLAN Filter Hardware |
|
class-attributes support in ISG radius proxy scenario |
|
FlexVPN with password encryption - keyring aaa LIST password 6 xxxxx encrypted again upon reload |
|
Router reloads on 'show track' command when there is track object for deleted serial sub-interface. |
|
SNG_AO unavailable alarms are not clearing after removing the monitor-load feature under policy |
|
Split DNS in case of UDP query to WAN interface IP via LAN interface |
|
Correction to Quick RP3 recovery after the Punt Path XAUI link goes down |
|
SIP global binding disappears when the interface to which SIP is bound flaps. |
|
CLI "nat force-on" in voice service voip not working as expected |
|
Router crashes when removing a crypto map |
|
FMAN crash due to Flexible Netflow (fnf) |
|
Crash due to chunk corruption in ISIS code |
|
PKI incorrect fingerprint calulation during CA authentication |
|
Crash at NAT clear |
|
When roaming to another AP, services received from RADIUS are not applied to the session |
|
Memory leak in CENT-BR-0 process |
|
IOSXE - firewall corrupts half open list |
|
Crash at Process = SCCP Auto Config |
|
DHCP discover packets were being dropped at firewall since UDP source port as 0. |
|
Software crash in btrace routines due to division by NULL. |
Open Caveats—Cisco IOS XE Everest 16.6.6
All open bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.
Caveat ID Number |
Description |
---|---|
SSS Manager Traceback observer when test MLPPP |
|
ISR not re-calculating the hash value correctly after payload change |
|
ASR1001-X crashed upon receiving Radius Access-Accept message |
|
ASR1000: RP3 crash due to punt-keepalive failures |
|
Crash noticed when routes are getting imported twice(from vpnv4 to vrf to evpn) with route churn |
|
IOS-XE Router may crash when attempting to Fragment Corrupted IPv4 Packet |
|
ASR1k crashes by handling DHCP packet |
|
ESP100 - ucode crash in encryption routines with Illegal Instruction |
|
Crash at mpass_restore_nonbl_persist_state due to invalid vector |
|
After Configuring a New VRF Routes Are Not Imported From WAN Into l2vpn EVPN For Unrelated VRF |
|
Memory leak happens at CCSIP_SPI_CONTR process for every trunk out-of-dialog message with "contact" header in it. |
Caveats in Cisco IOS XE Everest Release 16.6.5
Resolved Caveats—Cisco IOS XE Everest 16.6.5
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.
Caveat ID Number |
Description |
---|---|
Watchdog crash after "% AAA/AUTHEN/CONT: Bad state in aaa_cont_login()." |
|
SNMP Error: OID not increasing: @ipAddressIfIndex.ipv6z |
|
Catalyst switch crashes when editing wireless controller settings through web interface on c3650 |
|
ESP crash with cpp-mcplo-ucode core file |
|
asr1k: Gec 5 tuple feautre not working in IOS-XE releases post 16.4.1 |
|
QoS Overrides loadbalancing to per prefix even with only session level policing applied |
|
Standby RP Reloads due to Config Sync Failure When Applied Service-insertion WAAS on Physical Int |
|
CLI show aaa clients detailed command triggered SSH to crash |
|
Standby RP crashes due to shortage of memory when running OSPF |
|
ASR1k | Segmentation fault in dhcp_sip process |
|
Memory leak seen when having same src mac -address with different src ip address |
|
CPP 0 failure Stuck Thread resulting in Unexpected Reboot |
|
Crash with IOSXE-WATCHDOG: Process = IPv6 RIB Event Handler |
|
Router crash when removing route-target and with hard clear |
|
ZBFW HA: Configuring redundancy RII on virtual template auto-tunnel does not take effect |
|
Router crashed when lsp-mtu is changed |
|
Reload removing ipv6 VRRP group |
|
Standby switch crashes when flow-exporter destination configured with Hostname |
|
ASR1k unexpected crash when appNav holds a stale pointer. |
|
EPA-1X100GE/CPAK-100G-SR4 stays in a down/down state after a reset. |
|
Crash in XDR process: "fib_rp_table_broker_encode_buf.size <= FIB_RP_TABLE_BROKER_ENC_BUF_SZ" |
|
16.10 ASR1K: IOSd crash @SSS Manager during sessions teardown |
|
QFP CGM Memory depletion during ISG session churn |
|
ASR1K crash in tplus_handle_req_timeout |
|
Backup path incorrect for ring topology where high ISIS cost is configured on 1 link. |
|
Snmp v2 breaks due to Authentication failure, bad community string, 16.03.06 |
|
subscriber template not cleared after idle time exceed as well as traceback generation |
|
Shimming have some issue over selecting idb |
|
ASR1001X @incorrect traffic statistics reported of port-channel sub interface using SNMP. |
|
mtu cli is disappeared from show run when interface dialer sh/no shu |
|
Missing interface source template model |
|
sgt-map gets cleared for some of the end points for unknown reason |
|
SISF crash in IPV6 neighbor discovery packets |
|
ASR1K - No kernel/coredump generated with watchdog reload event |
|
Zero Touch Provisioning (ZTP) fails to apply certain service instance configuration. |
|
Observing bmalloc smd leaks at OBJ_WEBAUTH_LOGOUT_URL with webauth |
|
bgp crash while running show command and same time bgp peer reset |
|
ASR1001-HX crashed due to critical software exception on operation group-object add/remove |
|
ESP crash due to fatal error |
|
SSH V2 crash |
|
ASR1k PWLAN: Cisco-AVPair = remote-id-tag=5 missing after roaming |
|
ASR1001-X crash due to free block at tty_handle |
|
Traffic fails after changing Copper SFP to Fiber SFP on 1GE built-in interface. |
|
3850 crash with smd fault on rp_0_0 |
|
DNA Center SWIM Upgrade fails and unable to upgrade manually |
|
Device Tracking - Memory leak observed with IPv6 NS/NA Packets . |
|
500~600 secs Increase in boot time when "ip domain lookup" configured. |
|
Crash in xoslib code for onepk process when using yang-netconf |
|
WAAS Policy Configuration push may caused AppNav Class-maps programming issue in TCAM |
|
ASR1000-6TGE / ASR1000-2T+20X1GE in status Unknown after Active RP3 OIR |
|
Crash observed on ASR1002-X @ fnf_age_recalculate_record_len with AVC performance monitor config |
|
Memleak (IP: RIB Alternate Preference): provides fix for CSCvk68355 |
|
Crash on Running "show vpdn tunnel summary" command. |
|
ASR1K: ipv6 telnet session with vrf is failing |
|
16.6 and 16.9: cannot OIR harddisk on ASR1000-RP2 |
|
CFD: PNP DNS discovery with trust pool flow uses IP address in PNP profile instead of FQDN |
|
[IBNS 2.0] aaa-available event is not being triggered when using authentication/authorization list |
|
ASR1001-HX 10GE SFP+ ports may operate as 1000Mbps |
|
2nd phase fix for CSCvk45142 |
|
SNMP v3 discloses password in the parser warning syslog trap |
|
BGP updates missing ISIS advertising-bits led to LDP label purge on peer. |
|
ASR1002-X crash due to ccp_cp_svr going into lockdown state. |
|
"autoroute announce" and "loose" path not working on intra-area TE tunnel |
|
ASR1k crash due to QoS in case of 4k subscribers per subinterface |
|
100FX OPNEXT SFP does not come up on ASR1001-X |
|
POLARIS: HOLE is not created when 'acl default passthrough' configured |
Open Caveats—Cisco IOS XE Everest 16.6.5
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
IOS-XE - RSA key-gen: Error in generating keys:no available resources |
|
IOSd crashed when dialer disconnect the ISDN call |
|
Traceback@cpp_mlp_bundle_stats_query_all_cmn on fp reload |
|
NDSSO vrf ha table to be populated correctly |
|
[1661]- Switch number is missing in stack merged logs. |
|
CTS PAC download fails with VRF config on non-managenent interface |
|
ASR1k: 16.5 and later: tracelogs/punt_debug.log* missing when punt keepalive timeout / crash occurs |
|
NAT MIB not populated when using traditional NAT |
|
Byte counters for physical interface and subinterface don't match |
|
ESP100: wrong show platform software ipsec fp active encryption-processor 1 registers result |
|
standby rp crash on removing member link from port-channel |
|
ASR1002-X router crashed in cpp_qm_event_collapse_hl_node |
|
Complete content for interface templates |
|
Quake-sessmgrd Huge Mem Leak After Master switchover |
|
Modification to ZBFW access-lists do not reflect in TCAM |
|
BGP Traceback/Crash seen with 20k IPv4 BGP scale after reload/clearing bgp |
|
QoS stats process crash |
|
Quick RP3 recovery after the Punt Path XAUI link goes down |
|
netconf/yang or telemetry retrieval of /trustsec-state/cts-rolebased-policies breaks |
|
ATOM CW is not exchanged after node reload |
|
Signaling interface inactive on "show snmp mib ifmib ifindex de" on IOS 16.6.3 |
|
ASR 1001-X reboots when clearing ip nat translations |
|
"clear crypto sa vrf MyVrf" triggers crash after updating pre-shared-keys |
|
ACL dropping packets after updating it - %CPPEXMEM-3-NOMEM |
|
'hw-module subslot 0/2 reload' CLI does not activate the container after harddisk format |
|
IPSec background crash while sending SNMP trap |
|
config-sync failure 'aaa authorization commands' |
|
Crash after issuing "no ip dhcp snooping VLAN <VLAN #>" command |
|
ASR1K throwing: ETH_SPA_MAC-3-SPI4_ERROR: SIP0/1: Marvel MAC |
|
ASR 1006-X RP2 : Standby RP Crashed after running command "license boot level adventerprise" |
|
Router crash occurs while running Dell software update |
|
Ethernet FRR switchover takes more than 200ms on EPA10 and EPA100 if remote Rx fiber is pulled |
|
Removing ip flow monitor from an interface caused ESP crash |
|
Crash after comparing tunnel FIB entries |
|
show interface output reports incorrect bandwidth |
|
DHCP Server sends Renew ACKs to Clients with 00:00:00:00:00:00 MAC in L2 frame |
|
No MPLS label after SSO with ISIS segment routing |
|
ASR1000 Flexible NerFlow ucode crash |
|
ASR1002-HX crashed after about 40G traffic is transmitted over it |
|
Traceback: crash on load/store transfer error |
|
Policy-map on GEC suspended even if total required BW is below interface BW |
|
ASR1k crashes when reconfiguring netflow, getting FMFP-3-OBJ_DWNLD_TO_DP_FAILED logs |
|
Unexpected flood in case of MVPN profile 0 with BiDir in VRF |
|
Stuck thread crash after executing 'clear ip nat translation vrf <VRFNAME>' |
Caveats in Cisco IOS XE Everest Release 16.6.4
Open Caveats—Cisco IOS XE Everest 16.6.4
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
Lots of chunk memory leak about SNMP SMALL CHUN and SNMP MEDIUM CHU |
|
show ipv6 neighbor statistics not updated post RPSO for entries synced |
|
OSPF BGP LS: When seg mpls is disabled on the nbr, the unnumbered links not withdrawn from LSLIB. |
|
Polaris 16.4: Traceback @mpls_ldp_cfg_interface while enabling isis |
|
IOSd crashed when dialer disconnect the ISDN call |
|
e2e ping is failed after configuring profiles qos-de and aaaauth1 |
|
ISDN switch-type configure issue for BRI leased-line |
|
ISIS SRTE: When one of ECMP path for prefix is not enabled for SR, SRTE tunnel does not come up. |
|
IKEv2 CoA does not work with ISE |
|
Traceback@cpp_mlp_bundle_stats_query_all_cmn on fp reload |
|
OSPF SROAM: “%ARP-3-ARPADJ: Internal software error during updating CEF Adjacency” when box comes up |
|
BGP net should have inlabel if bgp mpls-local-label is configured |
|
NDSSO vrf ha table to be populated correctly |
|
[1661]- Switch number is missing in stack merged logs. |
|
Observing memory leak in AAA_MALLOC_LITE |
|
OSPF SR/SIDredistribute: when SID configured > avbl SRGB, that sid should not be advertised in EPL. |
|
Show details soft key is not functioning in a conference call |
|
ESP Crash with FP Switchover |
|
License synchronized to SSMS despite being removed from SL Portal |
|
Crash due to Stack overflow |
|
Packet-tracer error message % Error: Failed to collect packet info |
|
dns-a-override CLI not working due to breakage since 16.4 IOS |
|
Combination of add-path, backup path and advertised-to leaves is not giving expected netconf values |
|
Remove “dns-vrf-aware” CLI and make DNS vrf aware by default. |
|
Virtual-access interface MTU wrongly set when using ipsec ipv4 |
|
CTS PAC download fails with VRF config on non-managenent interface |
|
asr1k: Gec 5 tuple feautre not working in IOS-XE releases post 16.4.1 |
|
ASR1k: 16.5 and later: tracelogs/punt_debug.log* missing when punt keepalive timeout / crash occurs |
|
FRR feature not working in ESP100 & ESP200 |
|
VRF import config missing ipv4 unicast after no router bgp |
|
PFRv3 Incorrect time-stamp in traffic-class router change history |
|
NAT MIB not populated when using traditional NAT |
|
ESP100: wrong show platform software ipsec fp active encryption-processor 1 registers result |
|
IPSLA ICMP-jitter stats reporting some of the received packets as lost. |
|
Branch MC crashed@cent_send_syslog_on_violated_policies under stress test |
|
SIP stack matching the dial-peer when processing NOTIFY message causing call routing issues |
|
EXEC process stuck vty line where “no exec” is set |
|
Call failure after Bye-Also blind transfer from CUE requires failure indication |
|
standby rp crash on removing member link from port-channel |
|
%NHRP-3-PAKERROR loop detected Pak sanity failure |
|
ASR1k Segmentation fault in dhcp_sip process |
|
Memory leak seen when having same src mac -address with different src ip address |
|
Router crash when removing route-target and with hard clear |
|
Switch reloads when kron job scheduled in 0 minutes |
|
IKEv2 CoA does not work with ISE (coa-push=TRUE instead of true) |
|
MWI info is not preserved on CME SIP phone after a reboot for unsolicited method |
|
IWAN versions with prefix tracking only allow prefix splitting for internet and not enterprise |
|
CME radius accounting does not generate complete called number for EA |
|
ASR 1K Running 16.6.x Code Experiences CPP Crash When Processing Packet Through NBAR / MTP |
|
SNMPwalk of cipslaPercentileLatestStatsTable does not give all the cipslaPercentileTypeVar types |
|
slow convergence when configuring ha-mode sso for IPv6 peers |
|
nbar2: resource exhaustion might occur in FNF with vmware-vsphere and flow monitors |
|
ASR1k with stateful nat conf, mapping ID got locked after vrf delete |
|
Ti-LFA Repair Path is not Loop-Free |
|
Ringback stops on REFER based xfer when CUBE receives 180 followed by 183 w/SDP media change |
|
QFP CGM Memory depletion during ISG session churn |
|
IKEv2 sessions cannot establish due to CAC leakage |
|
Crash after service-policy APPNAV change on WAAS instance |
|
Out of order ESP packets triggering IPSEC replay error message |
|
OSPF TILFA: tilfa repair path computation ALGORITHM fails with reason code BAD FH NBR |
|
OSPF TILFA: tilfa repair path computation ALGORITHM uses incorrect firsthop router-id |
|
Evaluation of all for May CPU Side-Channel Information Disclosure Vulnerabilities |
|
OSPF TILFA: tilfa ALGORITHM fails to get repair node n-sid label when vertex is beyond PGW node |
|
Standby switch crash whem removing kron scheduler command |
|
initial SNMP traps take agent-addr from shutdown interface |
|
DNS ALG will not work when trying to match specific destination hosts |
|
ASR1K crash in tplus_handle_req_timeout |
|
FlexVPN DHCP entries not flushing for ikev2 timed out reconnect sessions |
|
Router crash due to NHRP process Segmentation fault(11) |
|
Kernel OOPS reporting ECC error |
|
Device crash after execute command “show lldp neighbor [int] detail” |
|
Snmp v2 breaks due to Authentication failure, bad community string, 16.03.06 |
|
subscriber template not cleared after idle time exceed as well as traceback generation |
|
GetVPN TBAR failure does not generate syslogs |
|
“Disabled” counter increase after enter “interface Async1” |
|
CUBE: FPI Hung Sessions and Provisioning Failures observed in Standby CUBE |
|
ASR: SCH Diagnostic Signature Feature is missing in IOS XE 16.x releases |
|
IPv6 AAA Prefix Support for 3rd party PPP clients no password for -dhcpv6 Access-Request |
|
nbar mismatch cisco video traffic |
|
SISF crash in IPV6 neighbor discovery packets |
|
PLR channel is not muted for some time |
|
PfRv3: BR May Crash due to Channel Creation/Modification and Next-Hop State |
|
ASR1K - No kernel/coredump generated with watchdog reload event |
|
AVC license should be activated only in case of smart licensing model |
|
Crash while doing a conference call |
Resolved Caveats—Cisco IOS XE Everest 16.6.4
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.
Caveat ID Number |
Description |
---|---|
%SEC_LOGIN-4-LOGIN_FAILED does not show username in [user: ] |
|
Appnav Passthrough Counter goes to infinite |
|
WATCHDOG timeout crash during IPSEC phase 2 |
|
Map does not get updated with socket change on local address change |
|
DS: Download should print alerts in case of unresolved variables |
|
R0/0: ASR1002-X kernel: bullseye_i2c_master_xfer Error Repeats Every Hour |
|
IKEv2 fragmentation not working with aes-gcm encryption - hmac failure |
|
Memory leak under LLDP Protocol process |
|
Excess BGP Traps Generated after upgrade |
|
IP Tunnels: Overlapping Loopback Interface Causes Incorrect Forwarding Decision with AppNav and PfR |
|
Unknown unicast packet need be filtered before to BDI |
|
Orthrus: FP 100 crashed when sending traffic around 55 MPPS with pkts size 64 byte |
|
Router loses RSA keys upon boot with private-config encryption and config archive enabled |
|
Memory leak occurs on DHCP client |
|
crash over CCSIP_SPI_CONTROL process due to null pointer / segmentation fault |
|
OSPF GIR BASE: not all repair paths calculated for AS ext routes when routes rxed with maxmetric |
|
CME SIP sip-ua do not send registration request when vrf forwarding is enabled. |
|
BGP RR changes tunnel parameters for bgp evpn route type 3 |
|
Route-map not checked when packet is flowing from OUT to IN with Static NAT |
|
SIP Date header format not in GMT Format |
|
router reloaded when doing show BGP RT filter routes |
|
CTS Pac download fails with ISE reachability through loopback interface over vrf |
|
DS: Increase the size of command and prompt strings |
|
RTCP/RTP based Media Inactivity timers for MGCP GW do not work in newer releases |
|
Excessive Reflector Tracelogs |
|
Stub is not leaking the network as expected |
|
NHRP redirect overriding routing table |
|
Crash when issuing no dspfarm profile x stuck on DOWN_PENDING state. |
|
CUBE automatically considers re-INVITE with a=silenceSupp:off - - - - as fax call |
|
OSPF SR: When SRGB range is changed, mapping server entries do not get re-installed. |
|
IOS crash in SOCK TCP Test Server process |
|
Crash in SDP Passthru when T.38 as 1st mline in mid-call SDP |
|
rotate nginx access/error log files |
|
False indication of RTP port leak on ISR4K & Neptune |
|
Malformed GETVPN message %GDOI-4-COOP_KS_UNAUTH |
|
GETVPN // Primary KS sending rekey first to GMs and then to Secondary KS via scheduled rekey. |
|
OSPF SR: When loopback isconfigured with prefix suppression, EPL should be withdrawn |
|
MIB counter for IPsec tunnels does not decrement under high tunnel scale and churn |
|
When NSSA ASBR is reloaded, ECMP to ext routes not installed in other routers. |
|
IOSXE_INFRA-6-PROCPATH_CLIENT_HOG: IOS shim client ‘fman stats bipc’ has taken 278 msec |
|
OSPF SSPF: when seg area is disabled and enabled, mapping server EPL entries not re-generated. |
|
Hub MC continues to send EIGRP SAF hellos after adjacency removed |
|
Crash in VOIP media loop detection |
|
IOS-XE router crash from memory corruption during CCB cleanup |
|
‘ipsm Tunnel Entry’ and ‘Crypto IKMP’ memory leak due to IKE tunnel entry not deleted |
|
After reloading the ELC40 linecards are not coming up online |
|
OSPF; process ospf segmentation fault when shut and no shut is performed in active RP. |
|
OSPF BGP LS: After fail over, error msg seen: %LSLIB-4-EOD: Producer OSPF-0x0 did not send EOD |
|
Corrupted NOTIFY leads to %CRYPTO-4-IKMP_BAD_MESSAGE, stale ISAKMP SA and traffic failure |
|
ISR receives a control packet (CDP) with a CMD tag it should process it, not drop it |
|
GETVPN: show crypto gdoi ks member summary missing last octet in IP address |
|
MPLSoFlexVPN: Hub does not forward resolution req when default route is advertised to spokes |
|
Toggling the switchport then default the interface, load-interval config reapplied |
|
EPAs failed to boot in IOS, with multiple ASR1000-MIP100 installed. |
|
IOS-XE routers: Memory leak observed on process ivr: peer_item_t in AFW_application_process |
|
Night-Service fails if it overlaps with FAC codes |
|
Snort control plane connectivity with Mgmt-intf is broken |
|
Pass load balancing information in IP header to container |
|
Media recording on IOS-XE does not work if a refer is received immediately after the call is answered |
|
ISAKMP Fails When Multiple HSRP tunnel/SVTI Interfaces Configured |
|
Crash after TCP session timeout |
|
Cisco IOS XE Software Diagnostic Shell Path Traversal Vulnerability |
|
when shutting interface with no isis adjacency, local micro-loop avoidance blocks FRR recalculation |
|
OSPF SRTE: prefix information is not provided to SRTE when it is learnt via mapping server. |
|
packet drop seen intermittently if 40G traffic sent via cts interface |
|
Default route redistributed into RIP from EIGRP is not removed from RIP database |
|
ISIS l1-l2 redistribution prefix doesnt get redistributed till clear isis rib redistribution is done |
|
DHCPNAK is not sent in roaming scenario. |
|
%SNMP-3-RESPONSE_DELAYED: processing GetNext of cafSessionEntry.2 seen on catalyst switch |
|
CDP Protocol can run device out of memory |
|
Getting "HA Module DSP_MSP reported CALL_MODIFY RECREATE failure" in CUBE HA. |
|
Error and pending objects when mma policy flap with egress monitor for multi-VRF case |
|
Increase of dampening penalty on route refresh |
|
Syslog: Logging host is truncating lines causing debug output to be cutoff in the middle of a msg |
|
Cube crashes intermittently multiple times within every two days. |
|
VRF deletion status <being deleted> after removing the RD |
|
HIGH CPU observation on FMAN RP ESS EVENT TRACING |
|
ISIS SR: When seg mpls is shut globally, ISIS SID entries not withdrawn from the entire network. |
|
OSPF SR: When loopback is defined as /24 address, EPL should not be sent for the prefix. |
|
ASR1K BGP scanner crash when change VRF and BGP configuration |
|
ISIS SRTE: Explicit SRTE keeps flapping when ISIS is not the winning route in the RIB |
|
OSPF SSPF: With SRTE tunnel, constrained bind of SID0 uses invalid old repair path in some cases |
|
Missing LSP sending after configuration change |
|
ASR1009-X FAN SN in show inventory display incorrectly after replace the FAN and do RP switchover |
|
OSPF SSPF: mapping-server strict SID is processed by images which are not strict spf capable |
|
“CLID restrict” on outbound leg is setting “Privacy=Full” on inbound leg |
|
OSPFv2 Encoding for local-id in LLS needs to be fixed |
|
BGP sets the wrong Local Preference for routes validated by RPKI server |
|
CUBE does not acknowledge Session-Expires header in UPDATE |
|
CUBE Router crashed - Critical software exception, Process = CCH323_CT |
|
IOS-XE : PAT entry using the same port which is configured for static NAT |
|
load-balance advanced moving traffic to fallback path when primary path are not over utilized |
|
OSPF SSPF/TILFA: TILFA ECMP tunnels are not created when the last segment is adjacency sid. |
|
ISRv/QOS - service-policy defined in bootstrap config may not be applied |
|
Multicast IPSLA UDP Jitter throws Socket open error if vrf interface is configured on responder |
|
WSMA: Server responds with HTTP 404 on wsma-exec with http transport profile |
|
EIGRP network statement reappearing after reboot |
|
EIGRP Name mode Summary route is not being apply on Virtual-Access on HUB |
|
IOSd crash while applying dial peer configuration |
|
Crash when receiving EVPN NLRI with incorrect NLRI length field value |
|
SDA-IPV6::SISF traceback @ar_relay_create_entry - L2 Binding tbl entry insertion failed |
|
CME: BLF monitor function fails intermittently with TCP connection |
|
ISG: IETF-Disc-Cause = 0 if DHCP SIP disconnect |
|
CVLA crash on memory merge scan task |
|
OSPF SSPF: ECMP combination of SRTE tunnels and MPLS-TE tunnels does not work properly sometimes. |
|
ISIS SR: When the SRGB range is increased, the local SIDs which are in new range are re-installed. |
|
Crash due to race condition caused by IOS radioactive trace code |
|
AAA Attrbute list leak in Polaris 16.6.2 |
|
LISP: Overlapping prefix causes “probe-down” for map-cache entry |
|
QFP crashed to while sending oversubscribe traffic |
|
OSPF Hello timer 10sec is not applied in network type non-broadcast |
|
Update IOS XE OSPFv2 ELL private TLVs to IANA codepoints |
|
Preempt timer does not work due to old HSRP Hello packet get just after interface up |
|
SIP40 in slot 5 of ASR1013 when inserted ESP-200 in F1 by replacing ESP-40, showed ESI lock failure |
|
Memory leak for CCSIP_TCP_SOCKET and CCSIP_UDP_SOCKET on CUBE |
|
ISIS SR: When seg mpls is shut under ISIS, sid entries not cleared in the local router. |
|
EIGRP SAF Adjacency does not form with /31 mask |
|
ESP crashes with high scale QoS configuration |
|
ASR1002HX FP Crash post LNS path switchover |
|
Kernel crash in ASR1002-HX during LNS path switchover |
|
CME should send out a refer with notify_clear when night-service is manually disabled |
|
ISIS BGP LS: When distribute link state changed from level 1 to level 2, entries not given to BGP LS |
|
Sporadic Crashes Due to IPsec (during ISAKMP AAA interaction) |
|
"ERR: Unable to connect to domain socket tamc_tams_socket" seen continuously |
|
OSPF SSPF/SRTE: when we have ABR with multiple interfaces to backbone area, SPF keeps running. |
|
iwan router crash while updating pmi policy |
|
Output “sh sip-ua connections tcp tls detail” shows that CUBE has stuck connection ids. |
|
[168] OSPF process crash on P router when “router ospf” is unconfigured on another PE or P router |
|
FP reload with IMGR deregister interface |
|
RP Unexpected reboot when using conditional debugging with CCSIP debug |
|
TCAM critical limit shows incorrect value of 55 %. |
|
VRRP doesnt work over Port-channel L3 interface |
|
EIGRP offset-list still active if ACL used in offset-list is removed before offset-list |
|
ESP crash when flapping interface with l2tp tunnels that have qos applied to the tunnels. |
|
CPUHOG on QoS statistics collection for DMVPN. QoS crash with DMVPN/NHRP. |
|
cpp-mcplo-ucode crash when layer 2 switching packet |
|
DMVPN: Crypto session stuck into UP-IDLE status after reconfiguring tunnel |
|
Router crashes after interface flap where sessions get moved from one interface to another |
|
OSPFv3 cost calculation not correct in some specific topology |
|
NULL remote_hostname from LAC |
|
System reload when clearing cts pac |
|
There is junk entry in route-import table on branch when shutdown/no shutdown WAN interface |
|
ASR1001-HX log alarm “Install interface_10g license to unshut the port” |
|
Noisy debugs in “periodic” tracelog |
|
FP crash @cpp_qm_create_queue while adding fair-queue |
|
IKEv2 - Crash with segmentation fault when debugs crypto ikev2 are enabled |
|
uIDB leaks at the DMVPN hub if the route to remote NBMA is not learned |
|
CUBE Unsolicited NOTIFY returns 481 Subscription does not exist |
|
Redundancy Mode None does not Sync |
|
ASR1K - ECMP load-balance w/ DPI L2TP Tunnel visibility and QoS may generate ucode crash |
|
Command “show aaa servers” reloads the switch |
|
IOSd crash when enabling dot1q in a port-channel sub-interface |
|
CME: GUI user page does not load correctly. It is showing “View Window” |
|
Explicit SRTE tunnels are not come up when a prefix is redistributed between levels |
|
CPP crash stuck thread detected multikey_hash_replace_int |
|
RR does not send VPNv4 routes to peer |
|
Call Park with standard FAC fails if phones extensions overlap with FAC codes |
|
Chunk corruption crash related to PNP or Guestshell |
|
Polaris Routers - Memory leak under process RECMSPAPP in IOSd |
|
IOS-XE Voice NIM/PVDM Service-Engine Admin Down leads to one-way audio |
|
Local LAN-only prefix present in master route-import table but not present in site prefix DB |
|
VAI Leaks with IKEv1 DVTI |
|
performance-monitor does not report classification after tunnel shutdown |
|
ISR4k Crashed due to CPUHOG Net background. |
|
downloaded policies hit by traffics were all gone after the second SSO |
|
High CPU utlization with presence feature when reset is issued under voice register global |
|
Redistributing connected route with AIGP attribute is being continuously readvertised |
|
ASR1k reloaded after IPv4 RR stress test |
|
CCSIP_SPI_CONTROL holding memory increasing |
|
ASR1004 started relaying clients DHCP Discover messages to DHCP Server with the wrong IP address |
|
tacacs-server is missing keyword “key” in argument/option available |
|
Erroneous fan failure indication on some units - Speed Racer (ASR1001-HX) |
|
LACP Rate defaults to fast with no way to change it to normal |
|
AAA-Proxy errors in dmiauthd tracelogs |
|
Options Keepalive not triggered on applying profile to dial-peer |
|
iBGP dynamic peer using TTL 1 |
|
SIP Out-of-Dialog OPTIONS Ping Group Shows Dial-Peers Marked as None |
|
cpp_cp_svr crashes, causing reload |
|
Router with SIP traffic crashes at ccsip_free_kpml_info |
|
ZBF not able to identify the WAAS optimized flow and drops ACK |
|
[ECA-SIT] IOSd crash seen on xTR with baseline @ sisf_macdb_get_vlanid |
|
ISIS SRTE: SRTE tunnel not created due to R-flag set |
|
ISAKMP Notification messages carry unnecessary data |
|
Memory leak due to asnl |
|
Subsystem stopped: ios-emul-oper-db due to bgp table issue |
|
config issue after remove Standby RP and insert it into active slot |
|
OSPF SSPF: EPL not sent for secondary addresses on loopback interfaces. |
|
dialpeer matching for inbound SIP profile fails with VRFs |
|
ip dhcp excluded-address deletion issues via netconf |
|
Crash processing MMA punt records |
|
ASR1009-X/RP2:power supplies are seen as ASR1000X-FAN and Insufficient number of power supplies (0) |
|
Router cpp_cp_svr process crashes at cpp_qm_event_parent_event_create |
|
FMFP-3-OBJ_DWNLD_TO_DP_FAILED error after modifying QoS policy |
|
Virtual-service guest IP accepts broadcast address |
|
Abnormal output for show pnp tech-support |
|
BQS pending deferred is stuck |
|
FP cpp_cp_svr crash @cpp_bqs_srt_yoda_place_child |
|
Loss TCA is not generated for traffic with DSCP0 when 0-SLA enabled |
|
EPA-10X10GE or EPA-18X1GE - Memory leak with input mac-address accounting |
|
DTMF fails when mid-call renegotiation changes DTMF method |
|
Cube sends reinvite with annexb=yes even when it receives annexb=no |
|
Router crash due to PuntInject Keepalive Process - kmalloc failures |
|
Netconf IP-SLA udp-jitter case missing leaf codec |
|
PFRv3 RC FIA is not enabeld on interfaces with one of sub-interface with xconnect config |
|
ASR1000X-AC-1100W PEM status displayed as "Unknown" in CCO-16.06.02 on 6X chassis |
|
ASR1006-X EPA card input errors |
|
IOS-XE - FTP closing connection as NAT device does not process the 230 reply message |
|
RP crash @policymap_associated_to_multiple_instances |
|
“%LISP-4-LOCAL_EID_RLOC_INCONSISTENCY” should be suppressed in SDA context |
|
MIP100 get struck in disconnecting state on FP reload |
|
Unexpected metric value for route redistribution from BGP to OSPF |
|
ASR1k “add-route” does not work with “ip nat outside static” statement under VRF |
|
Interface on ASR1001-X will become down/down after shut/no shut |
|
Router crashes when DMVPN tunnel moves accoss ports |
|
16.8.1: dot1x Clients stops responding ( ping to clinet IP fails) after SSO |
|
Repeatedly Tracebacks seen: %INFRA-3-INVALID_GPM_ACCESS: Invalid GPM Load |
|
VRF aware CUBE fails to send OOD OPTIONS pings |
|
Incorrect BDI configuration state shown by NETCONF on interface creation |
|
IPv6 VRRP Master is using using vlan BIA MAC while sending Neighbor advertisements (NA) |
|
H.245 messages are not translated by NAT outside when H.323 video call is initiated from Out-2-In |
|
Persistent Telnet and SSH crashes when configured in 16.6.2 |
|
802.1x authentications are failing if there was interface template config applied before |
|
PFRv3 route-control is inconsistently set to “Disabled” on BR devices |
|
All router mcast is removed by “no ipv6 mld router” in specific timing |
|
CDP packets not getting encapsulated over multipoint GRE tunnel |
|
IS-IS unnecessarily updates RIB when in metric-style narrow |
|
Ensure load-balance internet TCs do not match “class DEFAULT” if configured |
|
Evaluate NTP February 2018 Vulnerabilities. |
|
ASR 1001-X Te0/0/1 link fails when AOC transceivers are used |
|
Incorrect “Hop count” obsearbed in IPv6 EIGRP |
|
Memory leaks seen at PKI_name_list_add(0xa139cc0)+0x3e |
|
Unexpected Reset, Crypto IKMP Segmentation fault with IPSec AAA Configuration |
|
MATM RP Shim Process memory leak @aaa_attr_list_alloc make_a_sublist_max |
|
CPUHog and crash on DNS-SRV-1 process |
|
Several OID from CISCO-CLASS-BASED-QOS-MIB stop working when performing upgrade to Denali-16.3.x |
|
Crash when running “mpls tunnel protection” command |
|
vif interface counters do not increment with multicast service reflection on IOS-XE |
|
Remove stack 1+1 CLI for WS-C3850-48XS |
|
Protocol type for GRE header does not work consistently with“cts sgt inline” enable over auto-tunnel |
|
OSPF SSPF: tilfa ALGORITHM fails to compute repair path, reports incorrect reason of too many labels |
|
NMR TTL is wrongly considering eid-record of 0.0.0.0/0 for its calculation |
|
link local multicast packets are received when the SVI is in down state |
|
ICMP Redirect send even if destination and source address are in different networks |
|
Rapid TDL memory leak in SMD process leads to crash of active switch in stack for ipv6 clients |
|
Device-tracking entry stuck in TENTATIVE for certain Mac Pro hosts configured with static IP |
|
OSPF TILFA: tilfa ALGORITHM preference rules does not pick repair path with lowest number of labels |
|
ASR1001-x crash due to wrong packet size |
|
Crash due appnav SYN-ACK packets without a flow |
|
ZBFW HA: active router stuck in cold standby state after shut no shut the wan interface |
|
IPv6 address not assigned or delayed when RA Guard is enabled |
|
On IOSXE neighbor command under pseudowire interface is rejected |
|
TBAR issues on KS after running “clear crypto gdoi ks coop role” |
|
Reverse-tunnel routes under PMIPv6 MAG config not using configured distance metric |
|
ASR1001 has crashed with cgm_avlmgr_find_node |
|
mac-move does not work on IBNS 2.0 unless you disable it then enable it back |
|
CPP Microcode Crash during sRTP Call Encryption |
|
Evaluation of IOS-XE and IOS for OpenSSL CVE-2018-0739 and CVE-2018-0733 |
|
CPP crash on L2TP router |
|
H225 gatekeeper request dropping under “ALG PARSER” with ZBF |
|
OSPF SSPF: With SRTE tunnel scale, SRTE SID0 constraint Label Bind fails with LABEL_BROKER error msg |
|
Initial Trustpool installation not successful before PKI is ready |
|
Type 7 password parsed incorrectly in dot1x credentials causing auth failure |
|
Recommit of CSCvg77924 - FRR feature not working in ESP100 & ESP200 |
|
Reverse-route configuration is unsupported under gdoi crypto map |
|
Packet throughput drops down when enable tunnel visibility with single tcp flow(>1MPPS) |
|
Provide Passthrough Reason in IOS-XE for AppNav |
|
ASR1K crash with Last reload reason: Critical process fman_fp_image fault on fp_0_0 (rc=134) |
|
Web redirect clients do not get redirected, Create IO ctx, too many intercepted connections |
|
“VoIP dial-Peer is Up” incorrectly log prints at every up interval when server-group is configured |
|
UNIX-EXT-SIGNAL: Segmentation fault(11), Process = ACCT Periodic Proc |
|
IOS: Crypto Ruleset fails to get deleted |
|
Voice VRF with No Bind OPTIONS Ping response not sent |
|
Crash during Generic Call Filter Module cleanup |
|
BGP attribute map for aggre address can not set attribute |
|
RADIUS client on network fails to solicit PAC key from CTS even though the device has a valid PAC |
|
DNS Debug seen without enabling any debug |
|
ASR1K - exhausted IP Session Handles - %IDMGR-3-INVALID_ID: bad id in id_get (Out of IDs!) (id: 0x0) |
|
%PMIPV6-5-TUNNELDELETE: |
|
OSPF SSPF: When sid 0 is removed, wrong implicit-null label used for inter-area prefix. |
|
Crash when doing SNMP walk and applying QOS over a GRE tunnel |
|
default channel operation state changing from I/O to D/O failed when zero-sla enabled |
|
Telnet Sessions Hang/Become unavailable at execution of “show run” |
|
ACEs after an object-group reference not being processed in software if ACL has more than 13 ACEs |
|
dynamic vlan assignment causes all sisf entires under the port to be deleted |
|
The OID - adslAtucCurrOutputPwr returns incorrect output. |
|
Memory leak@CENT-BR-0 when change the path label frequently |
|
“dtmf-interworking rtp-nte” command breaking software MTP. |
|
“ip rsvp bandwidth” max value llimitation to 10GE |
Caveats in Cisco IOS XE Everest Release 16.6.3
Open Caveats—Cisco IOS XE Everest 16.6.3
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
R0/0: ASR1002-X kernel: bullseye_i2c_master_xfer Error Repeats Every Hour |
|
Skywalker: Failed to create, Pseudowire interface |
|
Excess BGP Traps Generated just after upgrade |
|
OSPF SRTE: Invalid primary paths and metric seen with SRTE autoroute announce with metric option |
|
IP TUNNELS: Overlapping Loopback Interface Causes Incorrect Forwarding Decision with AppNav and PfR |
|
IOSd crashed when dialer disconnect the ISDN call |
|
e2e ping is failed after configuring profiles qos-de and aaaauth1 |
|
NDSSO vrf ha table to be populated correctly |
|
Crash when it tries to write over a TTY session |
|
router reloaded when doing show BGP RT filter routes |
|
ESP Crash with FP Switchover |
|
Excessive "Reflector" Tracelogs |
|
Voice Gateway crash due to memory corruption while finding DN index during redirect |
|
Crash in SDP Passthru when T.38 as 1st mline in mid-call SDP |
|
GETVPN // Primary KS sending rekey first to GM's and then to Secondary KS via scheduled rekey. |
|
MIB counter for IPSec tunnels does not decrement under high tunnel scale and churn |
|
Broadcast counters issue on ISR4400 |
|
IOS-XE router crash from memory corruption during CCB cleanup |
|
OSPF; process ospf segmentation fault when shut and no shut is performed in active RP. |
|
MPLSoFlexVPN: Hub doesn't forward resolution req when default route is advertised to spokes |
|
ASR1K not dropping frames with unknown MAC when EVC + Sub-interface is configured |
|
CTS PAC download fails with VRF config on non-managenent interface |
|
asr1k: Gec 5 tuple feautre not working in IOS-XE releases post 16.4.1 |
|
BE4K Registration failed for REGISTER matching wrong voip dial-peer |
|
BE4K VRF failed to associate if binding is used in tenant |
|
IOS-XE Router crashed unexpectedly with critical process fault, fman_fp_image, fp_0_0, rc=134 |
|
BE4000 one way audio seen line to trunk side call with VRF enabled |
|
%SNMP-3-RESPONSE_DELAYED: processing GetNext of cafSessionEntry.2 seen on catalyst switch |
|
ISR 4000 discards private RSA key after upgrade and reload with WAAS module |
|
HIGH CPU observation on FMAN RP ESS EVENT TRACING |
|
ASR1K BGP scanner crash when change VRF and BGP configuration |
|
ASR1009-X FAN SN in show inventory display incorrectly after replace the FAN and do RP switchover |
|
PFR: Overlapping Loopback Interface Causes Incorrect Forwarding Decision with AppNav and PfR |
|
3850 standby switch reloads due to configuration-mismatch after use "exception crashinfo" command |
|
crash with "debug platform condition ipv4 access-list " |
|
CUBE Router crashed - Critical software exception, Process = CCH323_CT |
|
Crash when downloading configuration from APIC-EM server |
|
WSMA: Server responds with HTTP 404 on wsma-exec with http transport profile |
|
PLATFORM_INFRA-5-IOS_INTR_OVER_LIMIT error with traceback |
|
IOSd crash while applying dial peer configuration |
|
Continuous crash in "/kernel/mki/src/free" after upgrade to version 15.5(3)S6 |
|
"HTTP CORE" Process Crashes When Parsing PNP Transport Config |
|
SIP40 in slot 5 of ASR1013 when inserted ESP-200 in F1 by replacing ESP-40, showed ESI lock failure |
|
Memory leak for CCSIP_TCP_SOCKET and CCSIP_UDP_SOCKET on CUBE |
|
PfRv3: Crash while Printing the Same TCA Message |
|
Crash after crypto map removal |
|
ESP crashes with high scale QoS configuration |
|
Sporadic Crashes Due to IPSec (during ISAKMP AAA interaction) |
|
Nexthop is wrong in route-import table on branch when delete WAN interface and reconfigure it |
|
iwan router crash while updating pmi policy |
|
Memory Leak due to nbar config |
|
FP crash with scaled IKE sessions. |
|
RP Crash @ gcfm_check_percall_status |
|
TCAM critical limit shows incorrect value of 55 %. |
|
ESP crash when flapping interface with l2tp tunnels that have qos applied to the tunnels. |
|
CPUHOG on QoS statistics collection for DMVPN. QoS crash with DMVPN/NHRP. |
|
cpp-mcplo-ucode crash when layer 2 switching packet |
|
Router crashes after interface flap where sessions get moved from one interface to another |
|
Byte counters for physical port-channel interface and port-channel subinterface don't match |
|
NULL remote_hostname from LAC |
|
ASR1001-HX log alarm "Install interface_10g license to unshut the port" |
|
Memory leak in some SBC functions |
|
FP crash @cpp_qm_create_queue while adding fair-queue |
|
ISR4k router crashes during status check on WAAS Express |
|
ASR1K - ECMP load-balance w/ DPI L2TP Tunnel visibility and QoS may generate ucode crash |
|
ASR1002-HX/Polaris 16.5: Traceback seen for full VMI when lcp AVPs pushed by RADIUS |
|
ARP for the gateway on ASR1k for Mgmt-intf g0 is not generated on Dataplane after it times out |
|
Performance monitor related field (like SSRC) is not collected. |
|
CPP crash stuck thread detected multikey_hash_replace_int |
|
traffic is dropped when goes over tunnel |
|
ucode core due to stuck thread detected - DoubleExceptionVector |
|
Polaris Routers - Memory leak under process RECMSPAPP in IOSd |
Resolved Caveats—Cisco IOS XE Everest 16.6.3
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.
Caveat ID Number |
Description |
---|---|
Memory leak seen while creating vlans using Tclsh |
|
Unable to verify files on stby-bootflash: filesystem. |
|
upgrade rom-monitor filename flash: returns "Invalid File" |
|
"dot1x auth-fail eapol" is always seen in "show run all" |
|
VPDN not switching traffic to new path after link failover or routing protocol convergence |
|
tcp_getbuffer memory leak - refcount not reduced when packet dropped |
|
Crash after IWAN does a recalculation in the RIB |
|
SCEP enrollment failing with HTTP/1.1 500 Internal Error |
|
Standby RP3 fails to boot on soft start |
|
Enhancement: Un-controlled TC in DISCARDED state is dropped instead of RIB-routed |
|
IPsec/IKEv2 Installation Sometimes Fails With Simultaneous Negotiations |
|
CME/BE4000 Intermittently Crash when making configuration changes |
|
%UTIL-6-RANDOM: A pseudo-random number was generated twice in succession |
|
Configured Speed/Duplex are not supported on Mgmt Eth port |
|
BGP crashes at bgp_ha_sso_enable_ssomode |
|
System Boot Hung without EULA Acceptance |
|
920 : Mid Point LSP creation failure after reload with latest polaris Image |
|
Crash in CISCO-SLB-EXT-MIB code |
|
CUBE crashed on executing "show sip-ua calls called-number'' |
|
In-dialog options ping received post ACK (call completion) cause cube to change codec and no audio |
|
IKE_INIT is sent before PPPoE dialer obtains its IP address |
|
voiprtp_register_transport_port_manager_and_reserve: Alloc ports failed, min: 8000, max: 48199 248 |
|
iwan router crash while updating pmi policy |
|
QFP exmem memory leak in cpp_fm_sce_result_chunk |
|
router crash after EEM-wanfailover script triggered |
|
CUBE can't handle mid-call re-invite when midcall-signalling passthrough mediachange is configured |
|
Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability |
|
IOS-XE DMVPN Per-tunnel QoS not working on CSR1k without AX license |
|
GETVPN: TBAR sync "timer is not running" after KS upgrade causing anti-reply drops and GM outages |
|
Traceback: Stack master crash at dot1x authentication |
|
Router crash during T38 fax bitrate negotiation |
|
Cisco IOS and IOS XE Software IOS daemon Cross-Site Scripting Vulnerability |
|
ESP crashed - double_exception_has_occured - malformed PIM packet over GRE tunnel & ERR_DTL_INV_ADDR |
|
Crash when printing IPSEC anti-replay error |
|
Router crash on polling cEigrpPeerEntry |
|
ASR1K RP2 crash due to CPUHOG occourred by arp input process infinite loop |
|
show gtp parameters causes RP to crash |
|
Mid-call failure because all available Crypto is not Offered in SDP |
|
RE-INVITE and OPTIONS Glare not handled by CUBE |
|
router crashed after triggers with debug |
|
[RIB route watch] detect stale pointer from client to avoid system crash with corrupted memory |
|
Re-calculate PKI SHADOW timer after NTP synchronization |
|
IWAN EIGRP SAF - seq number mismatch after branch reload |
|
KS merge fails for groups with TBAR due to PST update failure on primary KS |
|
OPTIONS not replied by CUBE over TCP without interface bind |
|
Crash at cc_detect_mute_call |
|
DMVPN session get stuck in NHRP and UP-NO-IKE state without active IKEv2 session until rekey |
|
Copying file larger than 2GB to FTP destination fails with "Invalid argument" (revisit CSCug41449) |
|
ASR1k ESP may crash after a switchover if IPsec configured |
|
Polaris: Crash observed while client association with key-wrap enabled in controller. |
|
After upgrade of IOS, SSH passwords longer than 25 characters do not work |
|
QFP Memory leak in 'cpp_cp_svr' with 'CPP List Hdr Chunk' |
|
ISR4K - XE 16.3.4 - SIP-TDM GW - FLEXDSPRM-3-TDM_CONNECT errors and crash |
|
Crash when crypto map applied to several tunnel interfaces |
|
EAPTLS:- Session manger crashing with MKA/EAPTLS session bring up with newly installed certificates. |
|
In HA system, with secure storage, the private-config is being encrypted multiple times |
|
Te0/0/0 or Te0/0/1 shows up/up without cable |
|
IOS-XE MOS scores always show 4.x even with massive packet loss. |
|
Voice-port command compand-type is remove during a reboot |
|
Device crashes due to crypto pki functions |
|
CME/BE4000 crash occurs when call is made to invalid SNR destination |
|
both ESP100 crashed when the ATM interface input QOS configure is applied |
|
ISR4K - IOSd crash with SIGABRT with CCVPM_HTSP |
|
4431 QFP crashes by a LLC packet received in a Serial Interface |
|
crash seen on clearing "ip nat translation" while also doing show "ip nat translation" |
|
ASR1K -LNS ESP crash after failing/flapping TeGig interfaces |
|
Received EVPN route type 2 ignored by ASR1K RR |
|
cpp_cp_svr 100% CPU due to dumping 'TX idle timer expire (channel 111055)" |
|
Traceback: OCSP creates a large number of lists and triggers a memory problem |
|
quiet mode exit does not re-apply "vrf-also" to config. |
|
3rd Party SIP Phones not registering from CME 11.6 |
|
Multiple crashes on ASR1k at iWAG GTP PDP director event dispatcher |
|
ASR920 / ASR1k: PING MIB not returning results / Counter 32 = 0 |
|
Yoda based platform : Crash on cpp_qm_obj_destroy with reason as LocalSoft on Polaris Release |
|
Device IP address AV pair replaced with 192.168.1.5 |
|
"no cdp enable" is rewritten to "no cdp tlv app" after reload. |
|
hub BR gets crashed after issue "show domain iwan border channels" following with border shutdown |
|
ASR1K - LNS node de-aggregation w/ POLARIS image |
|
PKI: All SCEP requests fail with "Failed to send the request. There is another request in progress" |
|
Polaris 16.3.5: Crash at auth_mgr_show_dc_details |
|
CFD: pnp config upgrade failed when IFS returns size 0 for all TFTP files |
|
qos/cce AOM pending batch ack due to BQS pending config |
|
Traceback: Crash on WAAS menu prompt for WAN Interface |
|
Crash in IP SLAs Responder process when removing 'ip sla responder' from config during TWAMP session |
|
ESP crashed - cpp_cp failed in cpp_qm_event_proc_defer_parent_event |
|
Crypto Traceback: Router crash at 'Crypto Support' segmentation fault |
|
AToM: MSPW VC Down with Reason as No VC Remote Label Binding Received on RP SSO |
|
IOSd crash due to segfault in show_snmp |
|
Mgig stack keeps crashing while configuring with Radius commands |
|
IOS-XE GM router might crash after the rekey method is changed from unicast to multicast |
|
Device IP address AV pair replaced with 192.168.1.5 |
|
Cannot add static route through dynamic NEMO tunnel interface |
|
ISR 4k SCCP Process Does Not Wait for All PVDM Modules to Come Up Before Registering |
|
Router Crashes on command show ip dhcp vrf <vrf name > binding remembered |
|
"ip access-list resequence" causing crash on CBR-8 |
|
PKI: Device crash during crl download with multiple CDP URI |
|
Suite-B Not Supported with ESP-200 on ASR1000-X Platform |
|
Evaluation of all for CPU Side-Channel Information Disclosure Vulnerabil |
|
Output Qos policy is removed from Dialer interface after reloading the device if input policy exists |
|
CLI 'aaa common-criteria' not available on IPBASEK9 license |
|
show platform software adjacency oce <ID> crashing router |
Caveats in Cisco IOS XE Everest Release 16.6.2
Open Caveats—Cisco IOS XE Everest 16.6.2
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
Caveat ID Number |
Description |
---|---|
Unable to verify files on stby-bootflash: filesystem. |
|
Crash observed while sending 40K 4Kb packet size html session with ETA configured on ESP 100 |
|
R0/0: kernel: bullseye_i2c_master_xfer Error Repeats Every Hour |
|
SPA modules on ASR1002-x show "missing" under show platform |
|
Member link of Port channel gets removed on doing a SSO on the peer end |
|
OSPF SRTE: Invalid primary paths and metric seen with SRTE autoroute announce with metric option |
|
Crash after IWAN does a recalculation in the RIB |
|
IOSd crashed when dialer disconnect the ISDN call |
|
Enhancement: Un-controlled TC in DISCARDED state is dropped instead of RIB-routed |
|
e2e ping is failed after configuring profiles qos-de and aaaauth1 |
|
CME/BE4000 Intermittently Crash when making configuration changes |
|
%UTIL-6-RANDOM: A pseudo-random number was generated twice in succession |
|
Configured Speed/Duplex are not supported on Mgmt Eth port |
|
NDSSO vrf ha table to be populated correctly |
|
Crash in ADSL SNMP code |
|
920 : Mid Point LSP creation failure after reload with latest polaris Image |
|
In-dialog options ping received post ACK (call completion) cause cube to change codec and no audio |
|
[1661]- Switch number is missing in stack merged logs. |
|
Overlord: GLC-TE SFP module cannot up after OIR during traffic |
|
iwan router crash while updating pmi policy |
|
ESP Crash with FP Switchover |
|
CUBE can't handle mid-call re-invite when midcall-signalling passthrough mediachange is configured |
|
[UniScale]isr4431 crashes while verifying IPv6 CEF scalability |
|
Traceback: Stack master crash at dot1x authentication |
|
Packet-tracer error message % Error: Failed to collect packet info |
|
ISR4K 4400 fail to boot up on 3.13.8S 3.12.3s 3.11.4s 3.10.9s (4300 fail to boot up on 3.13.8S) |
|
ASR CUBE 1K reloaded with reason: RG-application reload on voice-b2bha RG |
|
Crash when printing IPSEC anti-replay error |
|
Crash in SDP Passthru when T.38 as 1st mline in mid-call SDP |
|
Router crash due to memory corruption in PKI |
|
mSATA SSD inventory is missing after module stop/start/reload |
|
Router crash on polling cEigrpPeerEntry |
|
NIM-SSD: Inventory of disk0 and disk1 are interchanged on Polaris 16.x |
|
IWAN Performance degredation on PI32 images |
|
Watchdog crash during file copy operation |
|
Flexible NetFlow crash |
|
ASR1k Regarding ifHCInBroadcastPkts value decreasing |
|
Mid-call failure because all available Crypto is not Offered in SDP |
|
[Amur-MR8] SM-X reload after configuring channel-group 18 on an interface |
|