
Cross-Platform Release Notes for Cisco IOS Release 12.0S
OL-1617-14 Rev. Q0
Caveats
Resolved Caveats—Cisco IOS Release 12.0(30)S1
These attacks, which only affect sessions terminating or originating on a device itself, can be of
three types:
1. Attacks that use ICMP “hard” error messages.
2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also
known as Path Maximum Transmission Unit Discovery (PMTUD) attacks.
3. Attacks that use ICMP “source quench” messages.
Successful attacks may cause connection resets or reduction of throughput in existing connections,
depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are
workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml.
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected.
• CSCef61721
Symptoms: CEF may not be updated correctly with a route change.
Conditions: This symptom is observed when IPv6 BGP is configured and when a route changes from
iBGP to eBGP or the other way around.
Workaround: Repopulate CEF with the correct forwarding information by entering the clear ipv6
route ipv6-address command.
• CSCef63272
Symptoms: A recursive static default route may not have an outgoing MPLS label, causing all
packets to be dropped.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(9) but
may also occur in other releases.
Workaround: Add a nonrecursive static route to the BGP next-hop.
• CSCef67840
Symptoms: When the CEF table consistency checker is configured to perform a passive scan check
of tables of the line cards, the CEF table consistency checker may report false inconsistencies, which
you can view in the output of the show ip cef ip-address command. The false inconsistencies may
occur because of a race condition.
Conditions: This symptom is observed on a Cisco 12000 series that runs Cisco IOS
Release 12.0(27)S1.
If an inconsistency is reported for a recursive load-balanced route for which the output interfaces for
the next-hop IP address differ between the RP and line card, you can ignore this inconsistency
because this information is not used during the forwarding process.
Workaround: Disable the CEF table consistency checker so that no passive scan check is performed
of tables of the line cards.
• CSCef70566
Symptoms: After you have configured an ACL on a router to deny a traffic stream, traffic is shaped
unexpectedly.