Полезная информация


Table of Contents

New and Changed Information
Important Notes

New and Changed Information

The following sections list the new features supported in Cisco IOS Release 12.0.

New Software Features in Release 12.0(1)

The following new features are supported in Cisco IOS Release 12.0.

AAA Authorization & Accounting Feature

In earlier Cisco IOS releases, only named authentication method lists were supported under Cisco's Authentication, Authorization, and Accounting (AAA) network security services. Now, AAA has been extended to support both authorization and accounting named method lists. Named method lists for authorization and accounting function the same way as those for authentication. Named method lists for AAA authorization and accounting allow you to define different methods for authorization and accounting and apply those methods on a per-interface or per-line basis.

AAA Scalability

The Authentication, Authorization and Accounting (AAA) Scalability feature enables you to configure and monitor the number of background processes allocated by the PPP manager in a network access server (NAS) to deal with AAA authentication and authorization requests. In previous Cisco IOS releases, only one background process was allocated to handle all AAA requests for PPP. This meant that parallelism in AAA servers could not be fully exploited. The AAA Scalability feature enables you to configure the number of processes used to handle AAA requests for PPP, thus increasing the number of users that can be simultaneously authenticated or authorized.

The AAA Scalability feature provides an increase in the number of parallel authentication and authorization requests the NAS can forward to the AAA server.

AAA Support for MS-CHAP

Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) is the Microsoft version of CHAP and is an extension to RFC 1994. Like the standard version of CHAP, MS-CHAP is used for PPP authentication; in this case, authentication occurs between a PC using Microsoft Windows NT or Microsoft Windows 95 and a Cisco router or access server acting as a network access server (NAS).

MS-CHAP differs from the standard CHAP as follows:

Depending on the security protocols you have implemented, PPP authentication using MS-CHAP can be used with or without Authentication, Authorization and Accounting (AAA) security services. If you have enabled AAA, PPP authentication using MS-CHAP can be used in conjunction with both TACACS+ and RADIUS. Two new vendor-specific RADIUS attributes (IETF Attribute 26) were added to enable RADIUS to support MS-CHAP.

Additional Vendor-Proprietary RADIUS Attributes

Remote Authentication Dial-In User Server (RADIUS) is an access server authentication, authorization, and accounting protocol originally developed by Livingston, Inc. Although an Internet Engineering Task Force (IETF) draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the network access server and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way. In this release, Cisco IOS software introduces support for additional vendor-proprietary RADIUS attributes.

For a complete list of supported IETF and vendor-proprietary RADIUS attributes, refer to the "RADIUS Attributes" appendix in the Cisco IOS Release 11.3 Security Configuration Guide.

Users who have implemented security solutions using a vendor-proprietary implementation of RADIUS can now integrate Cisco access routers into their networks more easily.

Airline Product Set (ALPS)

The Airline Product Set (ALPS) feature is a tunneling mechanism that transports airline protocol data across a Cisco router-based TCP/IP network to an X.25-attached mainframe. This feature provides connectivity between agent set control units (ASCUs) and a mainframe host that runs the airline reservation system database.

The basic ALPS topology is composed of three major components that provides the end-to-end transportation of airline protocol traffic across the network: the Airline Control (ALC) protocol, the TCP-based transport protocol, and the AX.25/EMTOX access to the mainframe.

The ALPS feature is integrated in the Cisco IOS software and allows airlines to replace their existing hardware and software with Cisco routers. For customers who already use Cisco routers, this feature allows them to consolidate networking overhead and functionality.

Always-On/Dynamic ISDN

Always On/Dynamic ISDN (AO/DI) is an on-demand service that is designed to optimize the use of an existing Integrated Services Digital Network (ISDN) signaling channel (D channel) to transport X.25 traffic. The X.25 D channel call is placed from the subscriber to the packet data service provider. The use of PPP allows protocols to be encapsulated within the X.25 logical circuit carried by the D channel. The bearer channels (B channels) use the Multilink protocol without the standard Q.922 and X.25 encapsulations, and invoke additional bandwidth as needed. Optionally, the Bandwidth Allocation Control Protocol (BACP) and the Bandwidth Allocation Protocol (BAP) can be used to negotiate bandwidth allocation as required.

AO/DI takes full advantage of existing packet handlers at the central office by using an existing D channel to transport the X.25 traffic. The link associated with the X.25 D channel packet connection is used as the primary link of the Multilink bundle. The D channel is a connectionless, packet-oriented link between the Customer Premise Equipment (CPE) and the central office. Since the D channel is always available, it is possible to in turn offer "always available" services. On-demand functionality is achieved by using the B channels to temporarily boost data throughput and are disconnected after use.

ATM E.164 Auto Conversion

The ATM E164 Auto Conversion feature allows a Cisco router to set up ATM switched virtual circuit (SVC) connections based on E.164 addresses.

E.164 is an International Telecommunications Union (ITU) specification for the ISDN international telephone numbering plan, which has traditionally only been used in telephone networks. The Asynchronous Transfer Mode (ATM) Forum has defined three different 20-byte ATM End System Address (AESA) formats, along with the native E.164 format, for use in ATM networks. One of these 20-byte formats is the embedded E.164 AESA (E164_AESA) format. The ATM E164 Auto Conversion feature allows networks that operate based on ATM addressing formats to internetwork with networks based on E.164 addressing formats.

The ATM E164 Auto Conversion feature requires components from addressing, routing, and signaling to perform properly.

Automated Double Authentication

The automated double authentication feature enhances the existing double authentication feature.

Previously, with the existing double authentication feature, a second level of user authentication is achieved when the user Telnets to the network access server or router and enters a username and password. Now, with automated double authentication, the user does not have to Telnet anywhere but instead responds to a dialog box that requests a username and password or PIN. For information about the existing double authentication feature, refer to the "Configuring Authentication" chapter of the Cisco IOS Release 11.3 Security Configuration Guide.

This feature has all the security benefits of double authentication, but provides a simpler, more user-friendly interface for remote users. Users are no longer required to Telnet to a remote device; they can simply respond to on-screen dialogs.

The remote user hosts must be running a companion client application. As of the first publication of this document, the only client application software available is the Glacier Bay application server software for PCs.

Automatic Protection Switching of Packet-over-SONET Circuits

The automatic protection switching (APS) feature is supported on Cisco 7500 series routers. This feature allows switch over of packet-over-SONET (POS) circuits and is often required when connecting SONET equipment to telco equipment. APS refers to the mechanism of bringing a "protect" POS interface into the SONET network as the "working" POS interface on a circuit from the intervening SONET equipment.

The protection mechanism used for this feature is "1+1, Bidirectional, nonrevertive" as described in the Bellcore publication TR-TSY-000253, SONET Transport Systems; Common Generic Criteria, Section 5.3. In the 1+1 architecture, there is one working interface (circuit) and one protect interface, and the same payload from the transmitting end is sent to both the receiving ends. The receiving end decides which interface to use. The line overhead (LOH) bytes (K1 and K2) in the SONET frame indicate both status and action.

The protect interface is configured with the IP address of the router that has the working interface. The APS Protect Group Protocol, which runs on top of UDP, provides communication between the process controlling the working interface and the process controlling the protect interface.

Using this protocol, POS interfaces can be switched due to a router failure, degradation or loss of channel signal, or manual intervention. In bidirectional mode, the receive and transmit channels are switched as a pair. In unidirectional mode, the transmit and receive channels are switched independently. For example, if the receive channel on the working interface has a loss of channel signal, both the receive and transmit channels are switched.

In addition to the new Cisco IOS commands added for the APS feature, the POS interface configuration commands pos threshold and pos report have been added to support user configuration of the bit error rate (BER) thresholds and reporting of SONET alarms.

Bridging Code Rework

In Cisco IOS Release 12.0, the bridging code has been reworked to modularize the dependencies between IOS vLAN, the L2 path, and the IEEE 802.1d Spanning Tree.

Certification Authority Interoperability

Certification Authority (CA) interoperability is provided in support of the IP Security (IPSec) standard. CA interoperability permits Cisco IOS devices and CAs to communicate so that your Cisco  IOS device can obtain and use digital certificates from the CA. Although IPSec can be implemented in your network without the use of a CA, using a CA provides manageability and scalability for IPSec. Without CA interoperability, Cisco IOS devices could not use CAs when deploying IPSec. CAs provide a manageable, scalable solution for IPSec networks.

CIP Core Dump Support

A class of global configuration commands exist in the Cisco IOS software that allow you to output a core dump from a router or a processor card in the router when the Cisco IOS software halts unexpectedly. These are the exception global configuration commands. The exception commands were hidden from the user configuration interface until Cisco IOS Software Release 11.2(8).

The exception slot global configuration command lets you configure a CIP to output a core dump when the Cisco IOS software running on the CIP halts unexpectedly.

The exception slot command uses FTP to transfer data from the CIP to a host system.

Note The output obtained by the exception command can be interpreted by a qualified Cisco technical support person.

Cisco AS5300 Additional Functionality

The following additional software support is provided for the Cisco AS5300 access server:

Cisco Database Connection

The Cisco Database Connection feature enables Cisco routers to implement IBM's distributed relational database architecture (DRDA) level 3 over TCP/IP. The Cisco router with Database Connection exists in the TCP/IP network, and clients use the Database Connection IP address and port on the router to connect to the IBM host system that exists in the SNA network.

When Database Connection is configured on a router, client-based Open Database Connectivity (ODBC) applications can connect to IBM's family of IBM D2 relational databases which include:

The router with Database Connection converts DRDA packets over TCP/IP to DRDA packets over APPC (LU 6.2) and then routes them to DB2 databases. Database Connection runs as a TCP/IP daemon on the router, accepting DRDA client connections over TCP/IP. When a client connects to the database on an IBM mainframe host, Database Connection allocates an APPC conversation over SNA to an IBM server, and acts as a gateway between DRDA over TCP/IP and DRDA over APPC.

When configured on a router, the Database Connection feature enables desktop applications to access data in remote databases located on IBM hosts. Database Connection receives database access messages from the client over a TCP/IP link. Database Connection converts the messages to SNA and transmits them to the host using APPC services provided by the Cisco IOS APPN software.

The Database Connection feature offers the following benefits:

Cisco Express Forwarding

Cisco Express Forwarding (CEF) is advanced Layer 3 IP switching technology. CEF optimizes network performance and scalability for networks with large and dynamic traffic patterns, such as the Internet, on networks characterized by intensive Web-based applications, or interactive sessions.

Although you can use CEF in any part of a network, it is designed for high-performance, highly resilient Layer 3 IP backbone switching.

CEF offers these benefits:

Cisco IOS File System

The Cisco IOS File System (IFS) feature provides a single interface to all file systems the router uses, including:

IFS provides the following benefits:

Depending on the current configuration of the file prompt command and the type of command you entered, the router may prompt you for confirmation, even if you have provided all the information in the command. In these cases, the default value will be the value entered in the command. Press Return to confirm the values.
The file path (directory and filename) is specified relative to the directory used for file transfers. For example, on UNIX file servers, TFTP pathnames start in the /tftpboot directory, and rcp and FTP paths start in the home directory associated with the username.

CLAW IP Packing

Cisco IOS implements the Common Link Access to Workstation (CLAW) Channel Protocol to transport data between the mainframe and the Cisco CIP in TCP/IP environments. The CLAW packing feature is an enhancement to the CLAW protocol support which enables the transport of multiple IP packets in a single channel operation.

The CLAW packing feature significantly increases throughput performance between a mainframe and a Cisco CIP.

Currently, IBM's TCPIP stack does not support the CLAW packing feature. However, the original implementation of the CLAW IP datagram support will continue to work with IBM's stack, even concurrently with the CLAW packing feature.

Committed Access Rate

The Committed Access Rate (CAR) feature performs the following functions:

CAR can be used to rate-limit traffic based on certain matching criteria, such as incoming interface, IP precedence, QoS group, or IP access list criteria. CAR provides configurable actions, such as transmit, drop, set precedence, when traffic conforms to or exceeds the rate limit.

Conditionally Triggered Debugging

The Conditionally Triggered Debugging feature limits debugging messages based on their related interface or subinterface. When this feature is enabled, the router generates debugging messages for packets entering or leaving the router on a specified interface. However, the router does not generate debugging output for packets entering or leaving through a different interface. This feature allows you to focus debugging output on the problematic interface or interfaces.

You can specify the interfaces explicitly. For example, you may only want to see debugging messages for one interface or subinterface. You can also turn on debugging for all interfaces that meet specified conditions, such as a particular username, calling party number, or called party number. If you specify multiple conditions, the interface must meet at least one of the conditions.

This feature controls the output from the following protocol-specific debug commands:

While this feature limits the output of the above commands, it does not automatically enable the generation of debugging output from these commands. Debugging messages are generated only if the protocol-specific debug command is enabled.

This feature is useful on dial access servers, which have a large number of ports. Normally, the router will generate debugging messages for every interface, resulting in a large number of messages. The large number of messages consumes system resources. For example, if the messages are displayed on the console, the router must take the time to send every message to the console. Similarly, if you are sending messages to a syslog server, the large number of generated output consumes network resources.

In addition, the large number of messages can make it difficult to find the specific information you need. Messages may scroll by on the console too quickly, or the logging buffer may wrap around before you are able to examine the contents of the buffer.

By limiting the debugging messages, you can receive messages related to only the ports you want to troubleshoot. This limiting decreases the number of generated messages, thus consuming fewer resources and making it easier for you to find the information you want.

Context-Based Access Control Feature

The Cisco IOS Firewall feature set combines existing Cisco IOS firewall technology and the new context-based access control (CBAC) feature. When you configure the Cisco IOS Firewall feature set on your Cisco router, you turn your router into an effective, robust firewall.

The Cisco IOS Firewall feature set is designed to prevent unauthorized external individuals from gaining access to your internal network, and to block attacks on your network, while at the same time allowing authorized users to access network resources.

You can use the Cisco IOS Firewall feature set to configure your Cisco IOS router as:

The Cisco IOS Firewall feature set provides the following benefits:

Dialer Watch

Dialer Watch is a backup feature that integrates dial backup with routing capabilities. Prior dial backup implementations used the following conditions to trigger backup:

Distributed Cisco Express Forwarding Netflow

The dCEF NetFlow feature allows the VIP and VIP2 to NetFlow switch packets and perform NetFlow data export similar to CEF Flow switching on the RSP. Each VIP maintains its own independent flow cache and can generate its own export packets containing statistics on expired flows. Use the show ip cache flow command to display per-protocol statistic summaries for packets switch by the RSP and VIP. The show ip cache flow command shows only flow details for RSP switched flows.

Distributed Weighted Fair Queuing

Flow-based weighted fair queuing (WFQ) controls the ratio of transmission bandwidth allocation among different traffic flows during periods of congestion. Class-based WFQ allocates transmission bandwidth among different traffic flows or QoS groups during periods of congestion.

The Distributed Weighted Fair Queuing (DWFQ) feature uses the VIP rather than the RSP to perform the queuing; therefore, it requires a Cisco 7500 series router or Cisco 7000 series router with RSP7000.

Flow-based WFQ provides the following benefits:

Distributed Weighted Random Early Detection

Random Early Detection (RED) is a congestion avoidance mechanism that takes advantage of TCP's congestion control mechanism. By randomly dropping packets prior to periods of high congestion, RED tells the packet source to decrease its transmission rate. Assuming the packet source is using TCP, it will decrease its transmission rate until all the packets reach their destination, indicating that the congestion is cleared.

Weighted RED (WRED) generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower precedence. Thus, higher priority traffic is delivered with a higher probability than lower priority traffic.

However, you can also configure WRED to ignore IP precedence when making drop decisions so that non-weighted RED behavior is achieved.

WRED is useful on any output interface where you expect to have congestion. However, WRED is usually used in the core routers of a network, rather than the edge. Edge routers assign IP precedences to packets as they enter the network. WRED uses these precedences to determine how it treats different types of traffic.

The Distributed WRED (DWRED) feature uses the VIP rather than the RSP to perform the queuing; therefore, it requires a Cisco 7500 series router or Cisco 7000 series router with RSP7000.

DRP Server Agent Enhancements

The DRP Server Agent enhancements are as follows:

E1 R2 Country Support and Modem Management Enhancements

R2 signaling is an international signaling standard that is common to channelized E1 networks. However, there is no single signaling standard for R2. The ITU-T Q.400-Q.490 recommendation defines R2, but a number of countries and geographic regions implement R2 in entirely different ways. Cisco Systems addresses this challenge by supporting many localized implementations of R2 signaling in its Cisco IOS software.

Cisco System's E1 R2 signaling default is ITU, which supports the following countries: Denmark, Finland, Germany, Russia (ITU variant), Hong Kong (ITU variant), and South Africa (ITU variant). The expression "ITU variant" means there are multiple R2 signaling types in the specified country, but Cisco supports the ITU variant.

Cisco Systems also supports specific local variants of E1 R2 signaling in the following regions, countries, and corporations:

  • Argentina

  • Malaysia

  • Australia

  • New Zealand

  • Brazil

  • Paraguay

  • China

  • Peru

  • Columbia

  • Philippines

  • Costa Rica

  • Saudi Arabia

  • East Europe (includes Croatia, Russia, and Slovak Republic)

  • Singapore

  • Ecuador ITU

  • South Africa (Panaftel variant)

  • Ecuador LME

  • Telmex corporation (Mexico)

  • Greece

  • Telnor corporation (Mexico)

  • Guatemala

  • Thailand

  • Hong Kong (uses the China variant)

  • Uruguay

  • Indonesia

  • Venezuela

  • Israel

  • Vietnam

  • Korea

Note Only MICA modems support R2 functionality. Microcom modems do not support R2.

Benefits include:

Encryption over Frame Relay

You can now use any type of encapsulation with IP encryption, except as follows: If you have a second-generation Versatile Interface Processor (VIP2) with a serial interface, encryption will not work for traffic on the serial interface unless you use the Point-to-Point Protocol (PPP), High-Level Data Link Control (HDLC) protocol, or Frame Relay protocol. For example, you cannot use encryption if you have X.25 or SMDS configured for the serial interface of a VIP2.

Enhanced ATM VC Configuration and Management

The Enhanced ATM VC Configuration and Management feature set includes new and enhanced capabilities that allow you to create and manage ATM PVCs and SVCs with more ease and improved integrity. This feature set includes the following five subfeatures:

Use the Enhanced ATM VC Configuration and Management feature set to simplify and expedite PVC and SVC configurations and improve the management of PVC and SVC integrity. The benefits of this feature set include:

Expanded IP Access Lists

This feature expands the extended IP access list range as follows:

Fast EtherChannel

The Fast EtherChannel feature allows multiple Fast Ethernet point-to-point links to be bundled into one logical link to provide bidirectional bandwidth of up to 800  Mbps. Fast EtherChannel can be configured between Cisco  7500 series routers and Cisco  7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000  Series Chassis Interface (RSP7000CI) or between a Cisco  7500 series router or a Cisco  7000 series router with the RSP7000 and RSP700CI and a Catalyst  5000 switch.

FDDI Frames Per Token Limit

This feature allows an interface to transmit multiple frames per token, instead of only a single frame at a time. Users can specify the maximum number of frames to be transmitted with each token capture. Throughput is significantly increased, which benefits customers with heavy or very bursty traffic.

FEIP2-DSW Second-Generation Fast Ethernet Interface Processors

The FEIP2-DSW second-generation Fast Ethernet Interface Processor is a replacement for the FEIP2-2TX and FEIP2-2FX, which are available on Cisco 7500 series routers, and on Cisco  7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000  Series Chassis Interface (RSP7000CI).

Second-Generation Fast Ethernet Interface Processors---The second-generation Fast Ethernet Interface Processors (FEIP2-2TX and FEIP2-2FX) are available on Cisco 7500 series routers, and on Cisco  7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000  Series Chassis Interface (RSP7000CI).

Frame Relay-ATM Interworking on the Cisco MC3810

The Cisco MC3810 supports the FRF.5 Frame Relay-ATM Interworking function, which enables Frame Relay voice or data traffic to be encapsulated in ATM cells. You can transport Frame Relay traffic over an ATM cloud via a virtual interface within the Cisco MC3810. Using the encapsulation process, you can migrate from Frame Relay to ATM, or you can tunnel Frame Relay traffic across an ATM backbone to a second Cisco MC3810 or other Frame Relay device, and then extract the ATM traffic back to Frame Relay. The Frame Relay traffic is encapsulated in the ATM data cells.

HSRP MAC Refresh Interval

When Hot Standby Router Protocol (HSRP) runs over FDDI, you can change the interval at which a packet is sent to refresh the MAC cache on learning bridges or switches. HSRP hello packets use the burned-in address instead of the MAC virtual address. Refresh packets keep the switch's or learning bridge's MAC cache current.

You can change the refresh interval on FDDI rings to a longer or shorter interval, thereby using bandwidth more efficiently. You can prevent the sending of any MAC refresh packets if you don't need them (if you have FDDI but do not have a learning bridge or switch).

Note This feature applies to HSRP running over FDDI only. You do not need to configure the MAC refresh interval if you have the standby use-bia command configured.

Internet Key Exchange Protocol

The Internet Key Exchange (IKE) Protocol is a key management protocol standard which is used in conjunction with the IPSec standard. IPSec is an IP security feature that provides robust authentication and encryption of IP packets.

IPSec can be configured without IKE, but IKE enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard.

IKE is a hybrid protocol that implements the Oakley key exchange and Skeme key exchange inside the ISAKMP framework. (ISAKMP, Oakley, and Skeme are security protocols implemented by IKE.)

IP Directed Broadcast Changes

By default, IP directed broadcasts are no longer forwarded; they are dropped. However, you can enable IP directed broadcasts, and optionally specify an access list. Prior to Cisco IOS Release 12.0, IP directed broadcasts were forwarded by default. By dropping IP directed broadcasts, routers are less susceptible to denial-of-service attacks.

IP Host Backup Feature

The IP Host Backup feature permits a mainframe operating system to be moved from one mainframe to another without requiring a change to the router configuration at the time of the move.

Multiple mainframes can be connected to a single Channel Interface Processor (CIP) by means of an ESCON director. Often, these mainframes run using the Multiple Image Facility (MIF), which permits the physical machine to be divided into multiple logical partitions (LPARs). By defining an unused partition on another mainframe, a user can move the operating system from a failed mainframe or mainframe partition to the unused partition. By having multiple paths to each device, the move is accomplished without changing the mainframe software. This function also permits moving an IP stack between multiple operating system images.

On the CIP, each IP connection is treated as a physical device. The CIP does not support multiple paths to a single IP connection (or device). Prior to IP Host Backup, the router configuration had to be changed whenever the mainframe operating system was moved from one mainframe or LPAR to another.

Note IP Host Backup does not provide single system image or automatic failover to a waiting backup application. Host operator action on the mainframe is required in these instances.

IPSec Network Security

IPSec is a framework of open standards developed by the Internet Engineering Task Force (IETF).

IPSec provides security for transmission of sensitive information over unprotected networks such as the Internet. IPSec acts at the network layer, protecting and authenticating IP packets between participating IPSec devices ("peers") such as Cisco routers.

IPSec provides the following network security services:

With IPSec, data can be transmitted across a public network without fear of observation, modification, or spoofing. This enables applications such as virtual private networks (VPNs), extranets, and remote user access.

IPSec services are similar to those provided by Cisco Encryption Technology, a proprietary security solution introduced in Cisco IOS Software Release 11.2; however, IPSec provides a more robust security solution, and is standards-based.

IPX Infrastructure Enhancements

IPX infrastructure enhancements include a new trace route capability for IPX to troubleshoot typical network connectivity problems. IPX infrastructure enhancements also include improvements to the following two features:

IPX infrastructure enhancements offer the following benefits:

The following restrictions apply to the IPX infrastructures enhancements:

MAC Address and Precedence Accounting

The MAC address accounting feature provides accounting information for IP traffic based on the source and destination MAC address on LAN interfaces. For example, with this feature you can determine how much traffic is destined for various peers at the network access points. This feature is currently supported on Ethernet and FDDI interfaces. The precedence accounting feature provides accounting information for IP traffic based on the precedence on any interface. This feature calculates the total packet and byte counts for an interface that receives or sends IP packets and sorts the results based on IP precedence. This feature is supported on all interfaces and subinterfaces and supports CEF, dCEF, flow, and optimum switching.

Modem Pooling for the Cisco AS5200

Cisco IOS Release 12.0 provides the modem pooling feature to the Cisco AS5200 access server. Modem pooling allows service providers to define, select, and use separate pools of modems within a single access server or router to provide different dial-in services. Modem allocation is based on the dialed number identification service (DNIS) and a predetermined number of modem ports based on DNIS.

There are a number of applications for using the call set up information, including DNIS/ANI, processing incoming call requests with CallerID, and selecting services to setup "automatically" for specified calls. These uses generally fall into two categories, those requiring allocation of a specific number of modems for a specific service, and those requiring allocation of specific physical modems.

Some wholesale service providers need to allocate a minimum (guaranteed) number of ports per customer and provide some level of extra (overflow) ports. Some service providers use different dial-in numbers for different wholesale customer service offerings. This is one way of differentiating between services or customers for port allocation.

MPPC---MS PPP Compression

Microsoft Point-to-Point Compression (MPPC) is a scheme used to compress Point-to-Point Protocol (PPP) packets between Cisco and Microsoft client devices. The MPPC algorithm is designed to optimize bandwidth utilization in order to support multiple simultaneous connections.

The MPPC algorithm uses a Lempel-Ziv (LZ) based algorithm with a continuous history buffer, called a dictionary.

MS Callback

The MS Callback feature provides client-server callback services for Microsoft Windows 95 and Microsoft Windows NT clients. MS Callback supports the Microsoft Callback Control Protocol (MSCB). MSCB is Microsoft's proprietary protocol that is used by Windows 95 and Windows NT clients. MS Callback supports negotiated PPP Link Control Protocol (LCP) extensions initiated and agreed upon by the Microsoft client. MS Callback is added to existing PPP Callback functionality. Therefore, if you configure your Cisco access server to perform PPP Callback using Cisco IOS Release 12.0(1) or later, MS Callback is automatically available.

Multicast Distributed Switching

Prior to multicast distributed switching (MDS), IP multicast traffic was always switched at the Route Processor (RP) in the Route Switch Processor (RSP)-based platforms. With this release, IP multicast traffic can be distributed switched on RSP-based platforms with VIPs. Furthermore, MDS is the only multicast switching method on the Cisco 12000 Gigabit Switch Router (GSR).

Switching multicast traffic at the RP had disadvantages:

In the case of RSP, packets received on non-VIP IPs are switched by the RP. MDS can work in conjunction with Cisco Express Forwarding (CEF), unicast distributed fast switching (DFS), or flow switching. The multicast switching load is kept off the RP, improving the performance of the router.

Multihop Virtual Private Dialup Network (VPDN)

Multihop Virtual Private Dialup Network (VPDN) allows packets of the same file that are received by two different Home Gateways from a remote client to be recombined successfully in the first Home Gateway contacted.

Multihop VPDN solves the problem of packets generated from the same file being unable to traverse two VPDNs in route to the first router contacted. Typically, packets from the same file can be received by two different Home Gateways when the file is big enough that it requires multiple calls to be made to send the entire file.

Multilayer Switching

Multilayer Switching (MLS) provides high-performance Layer 3 switching for the Catalyst 5000 series LAN switches. MLS switches IP data packets between subnets using advanced application specific integrated circuit (ASIC) switching hardware. Standard routing protocols, such as Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Routing Information Protocol (RIP), and Intermediate System-to-Intermediate System (IS-IS), are used for route determination.

The Route Switch Module (RSM) performs route processing and central configuration and control for the Catalyst 5000 series switch. Routing services can also be provided by an externally attached router.

MLS also provides traffic statistics as part of its switching function. These statistics are used for identifying traffic characteristics for administration, planning, and troubleshooting. MLS uses NetFlow Data Export (NDE) to export the flow statistics.

Multiple ISDN Switch Types

The Multiple ISDN Switch Types feature allows you to configure more than one ISDN switch type per router. You can apply an ISDN switch type on a per interface basis, thus extending the existing global ISDN switch-type command to the interface level. This allows Basic Rate Interfaces (BRI) and Primary Rate Interfaces (PRI) to run simultaneously on platforms that support both interface types.

Multiprotocol over ATM

MPOA enables the fast routing of internetwork-layer packets across a nonbroadcast multi-access (NBMA) network. MPOA replaces multi-hop routing with point-to-point routing using a direct virtual channel connection (VCC) between ingress and egress edge devices or hosts. An ingress edge device or host is defined as the point at which an inbound flow enters the MPOA system; an egress edge device or host is defined as the point at which an outbound flow exits the MPOA system.

The following components are required for an MPOA network:

An MPC identifies packets sent to an MPS, establishes a shortcut VCC to the egress MPC, and then routes these packets directly over the shortcut VCC. An MPC can be a router or a Catalyst 5000 series ATM module. An MPS can be a router or a Catalyst 5000 series Route Switch Module/Versatile Interface Processor 2 (RSM/VIP2) with an ATM interface.

Note Since the RSM/VIP2 can also be used as a router, all references to router in this document refer to both a router and the RSM/VIP2 with an ATM interface.

MPOA provides the following benefits:

For MPOA to work properly, a LANE client must have an ELAN ID for all ELANs represented by the LANE client.

Named Method Lists for AAA Authentication and Accounting

In earlier Cisco IOS releases, only named authentication method lists were supported under Cisco's Authentication, Authorization, and Accounting (AAA) network security services. With Cisco IOS Release 11.3(3)T, AAA was extended to support both authorization and accounting named method lists. Named method lists for authorization and accounting function the same way as those for authentication.

Named method lists for AAA authorization and accounting allow you to define different methods for authorization and accounting and apply those methods on a per-interface or per-line basis.

National ISDN Switch Type

National ISDN Switch Types for Basic Rate and Primary Rate Interfaces introduces changes to ISDN switch types for Primary Rate Interfaces (PRI) and Basic Rate Interfaces (BRI) as follows:

Note The command parser will still accept the following switch types: basic-nwnet3, vn2, and basic-net3; however, when viewing the NVRAM configuration using either the show running configuration or write terminal command, the basic-net3 or vn3 switch types are displayed respectively.

National ISDN Switch Types for Basic Rate and Primary Rate Interfaces provides the following benefits:

NetFlow Switching Enhancements

The new ip flow-cache active-timeout configuration command lets you specify the timeout period for the NetFlow cache.

New and Changed Show Commands for the Cisco 2600 Series Routers

This release introduces new and changed show commands for the Cisco 2600 series routers.

The Cisco 2600 series routers is a new family of cost-effective, modular access routers designed to enable customers to easily adopt future technologies and scale to accommodate network expansion, thereby protecting technology investments. The Cisco 2600 series is a key component of Cisco's data/voice/video integration strategy, enabling corporate customers to consolidate data, voice, and video traffic to reduce costs, deploy new business applications, and improve network performance.

NFAS with D-channel Backup

The DMS100 and NI2 switch types have been added to the existing Non-Facility Associated Signaling (NFAS) with D Channel Backup feature. ISDN NFAS allows a single D channel to control multiple PRI interfaces. A backup D channel can be configured for use when the primary NFAS D channel fails. Once the channelized T1controllers are configured for ISDN PRI, only the NFAS primary D channel must be configured; its configuration is distributed to all the members of the associated NFAS group.

NHRP Enhancements

There are two enhancements to Next Hop Resolution Protocol (NHRP) when it is running with BGP over ATM media:

A third enhancement can be applied to NHRP on any platform:

Cisco's implementation of NHRP now supports IETF's draft version 11 of "NBMA Next Hop Resolution Protocol (NHRP)."

NPE-200 Network Processing Engine

This release of the Cisco IOS software introduces the NPE-200 for Cisco  7200 series routers. The network processing engine maintains and executes the system management functions for Cisco 7200 series routers. The network processing engine also shares the system memory and environmental monitoring function with the I/O controller. The NPE-200 has an R5000 microprocessor that operates at an internal clock speed of 200 MHz, 4 MB of SRAM, and erasable programmable read-only memory (EPROM) for storing sufficient code for booting the Cisco IOS software.

OSPF LSA Group Pacing

The OSPF LSA group pacing feature allows the router to group together OSPF link state advertisements (LSAs) and pace the refreshing, checksumming, and aging functions. The group pacing results in more efficient use of the router.

Prior to the LSA group pacing feature, the Cisco IOS software would perform refreshing on a single timer, and checksumming and aging on another timer. In the case of refreshing, for example, the software would scan the whole database every 30 minutes, refreshing every LSA the router generated, no matter how old it was.

This problem is now solved by each LSA having its own timer. Again using the example of refreshing, each LSA gets refreshed when it is 30 minutes old, independent of other LSAs. So CPU is used only when necessary. However, LSAs being refreshed at frequent, random intervals would require many packets for the few refreshed LSAs the router must send out. That would be inefficient use of bandwidth. Therefore, the router delays the LSA refresh function for an interval of time instead of performing it when the individual timers are reached. The accumulated LSAs constitute a group, which is then refreshed and sent out in one packet or more. Thus, the refresh packets are paced, as are the checksumming and aging. The pacing interval is configurable; it defaults to 4 minutes, which is randomized to further avoid synchronization.

The router groups together OSPF LSAs and paces the refreshing, checksumming, and aging functions so that sudden hits on CPU usage and network resources are avoided. This feature is most beneficial to large OSPF networks.

OSPF Point to Multipoint

OSPF has two new features related to point-to-multipoint networks. One feature applies to broadcast networks; the other feature applies to nonbroadcast networks.

Before this feature, some OSPF point-to-multipoint protocol traffic was treated as multicast traffic. Therefore, the neighbor command was not needed for point-to-multipoint interfaces because multicast took care of the traffic. Hellos, updates and acknowledgments were sent using multicast. In particular, multicast hellos discovered all neighbors dynamically. However, some customers were using point-to-multipoint on nonbroadcast media (such as classic IP over ATM), so their routers could not dynamically discover their neighbors. This feature allows the neighbor command to be used on point-to-multipoint interfaces.

On any point-to-multipoint interface (broadcast or not), the Cisco IOS software assumed the cost to each neighbor was equal. The cost was configured with the ip ospf cost command. In reality, the bandwidth to each neighbor is different, so the cost should be different. With this feature, you can configure a separate cost to each neighbor. This feature applies to point-to-multipoint interfaces only.

-This feature allows you to configure neighbors on point-to-multipoint interfaces and assign a cost to each neighbor. These capabilities allow the router to dynamically discover neighbors over nonbroadcast media and to prefer some routes over others by assigning different costs to neighbors.


This release provides baseline platform support for a new processor, the MPC860 PowerQUICC. It is used by the Cisco MC3810 and Cisco 2600 routers.

Protocol-Independent Multicast (PIM) Version 2

Protocol-Independent Multicast (PIM) Version 2 includes the following improvements over PIM Version 1:

POS Command Enhancement

The new interface command pos scramble-atm enables SONET payload scrambling on a POS interface. SONET payload scrambling applies a self-synchronous scrambler (x^43+1) to the Synchronous Payload Envelope (SPE) of the interface to ensure sufficient bit transition density.

Quality of Service Policy Propagation via Border Gateway Protocol

The Quality of Service (QoS) policy propagation via Border Gateway Protocol (BGP) feature allows you to classify packets based on access lists, BGP community lists, and BGP autonomous system (AS) paths. The supported classification policies include Internet Protocol (IP) precedence setting and the ability to tag the packet with a QoS class identifier internal to the router (available in a future maintenance release of the software). After a packet has been classified, you can use other QoS features such as Committed Access Rate (CAR) and Weighted Random Early Detection (WRED) to specify and enforce business policies to fit your business model.

The QoS policy propagation via BGP feature has the following enhancements:

BGP policy propagation provides the following benefits:

R1 Modified Signaling for the Cisco AS5200 and AS5300 Access Servers

Enabling R1 modified signaling allows a Cisco AS5200 or Cisco AS5300 universal access server to talk to central office trunks that also use R1 modified signaling. R1 signaling is an international signaling standard that is common to channelized T1/E1 networks; however, Cisco only has made this feature available in Taiwan. You can configure a channelized T1/E1 interface to support different types of R1 modified signaling, which is used in older analog telephone networks.

This type of signaling is not the same as ITU R1 signaling; it is R1 signaling modified for Taiwan specifically.

Note In the future, R1 Modified Signaling will be supported by the Cisco AS5800 access server, and will be available in Turkey as well as Taiwan.

Cisco now supports native R1 signaling on both E1 and T1 interfaces. This version of software supports R1 signaling customized for Taiwan only. This feature allows enterprises and service providers to fully interoperate with the installed Taiwanese telecommunications standards, providing interoperability in addition to the vast array of Cisco's IOS troubleshooting and diagnostic capability. This will provide customers with a seamless, single-box, solution for their Taiwan signaling requirements.

RIF Pass-through in DLSw+

By default, DLSw+ terminates the RIF for Token Ring, terminates the LLC for all media types and forwards data only across a WAN with DLSw+ and TCP/IP headers. The RIF is a field in source-route bridged frames that indicates the SRB path the frame should take when traversing a Token Ring network. In the case of an explorer packet, the RIF is a field of the source-route bridged frame that indicates the SRB path that the SRB explorer has traversed so far. The RIF is limited to seven hop counts by the IBM standards. Because DLSw+ terminates the RIF at the virtual ring, the network's scalability increases because the hop count of the packet starts over, and the packet can traverse seven additional hops. Also, RIF termination simplifies network design because ring numbers no longer have to be unique throughout an entire enterprise.

RJ-45 Interface Support

Cisco 7200 series routers support a new I/O-controller with an RJ-45 interface. The optional Fast Ethernet port is configurable for use at 100 Mbps full-duplex or half-duplex operation (half duplex is the default). The Fast Ethernet port is equipped with either a single MII receptacle or an MII receptacle and an RJ-45 receptacle.

To support this new feature, the media-type interface command has been modified. The media-type interface command now supports two options:

When using the I/O controller that is equipped with an MII receptacle and an RJ-45 receptacle, only one receptacle can be configured for use at a time.

SNMP Inform Request

The SNMP Inform Requests feature allows routers to send inform requests to SNMP managers.

Routers can send notifications to SNMP managers when particular events occur. For example, an agent router might send a message to a manager when the agent router experiences an error condition.

SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the receiver does not send any acknowledgment when it receives a trap. However, an SNMP manager that receives an inform request acknowledges the message with an SNMP response PDU. If the manager does not receive an inform request, it does not send a response. If the sender never receives a response, the inform request can be sent again. Thus, informs are more likely to reach their intended destination.

Because they are more reliable, informs consume more resources in the router and in the network. Unlike a trap, which is discarded as soon as it is sent, an inform request must be held in memory until a response is received or the request times out. Also, traps are sent only once, while an inform may be retried several times. The retries increase traffic and contribute to a higher overhead on the network. Thus, traps and inform requests provide a trade-off between reliability and resources.

SNMP Manager Feature

The SNMP Manager feature allows a router to serve as an SNMP manager. As an SNMP manager, the router can send SNMP requests to agents and receive SNMP responses and notifications from agents. When the SNMP manager process is enabled, the router can query other SNMP agents and process incoming SNMP traps.

Security Considerations

Most network security policies assume that routers will be accepting SNMP requests, sending SNMP responses, and sending SNMP notifications. With the SNMP manager functionality enabled, the router may also be sending SNMP requests, receiving SNMP responses, and receiving SNMP notifications. Your security policy implementation may need to be updated prior to enabling this feature.

SNMP requests are typically sent to UDP port 161. SNMP responses are typically sent from UDP port 161. SNMP notifications are typically sent to UDP port 162.

SNMP Sessions

Sessions are created when the SNMP manager in the router sends SNMP requests, such as inform requests, to a host or receives SNMP notifications from a host. One session is created for each destination host. If there is no further communication between the router and host within the session timeout period, the session will be deleted.

The router tracks statistics, such as the average round-trip time required to reach the host, for each session. Using the statistics for a session, the SNMP manager in the router can set reasonable timeout periods for future requests, such as informs, for that host. If the session is deleted, all statistics are lost. If another session with the same host is later created, the request timeout value for replies will return to the default value.

Sessions consume memory. A reasonable session timeout value should be large enough that regularly used sessions are not prematurely deleted, yet small enough such that irregularly used, or one-shot sessions, are purged expeditiously.

Standard IP Access List Logging

The Cisco IOS software can now provide logging messages about packets permitted or denied by a standard IP access list. That is, any packet that matches the access list will cause an informational logging message about the packet to be sent to the console. The level of messages logged to the console is controlled by the logging console command. This capability was previously only available in extended IP access lists.

The first packet that triggers the access list causes a logging message right away, and subsequent packets are collected over 5-minute intervals before they are displayed or logged. The logging message includes the access list number, whether the packet was permitted or denied, the source IP address of the packet, and the number of packets from that source permitted or denied in the prior 5-minute interval.

You can monitor how many packets are being permitted or denied by a particular access list, including the source address of each packet.

System Controller FTP Server

The FTP Server feature configures a router to act as an FTP server. FTP clients can copy files to and from certain directories on the router. In addition, the router can perform many other standard FTP server functions.

When the router receives a request for an FTP connection, the FTP server process is started. The FTP server prompts for a username and password. After you supply a valid username and password, you can enter various commands.

The FTP server allows you to retrieve files, such as syslog files, from the disk file system on the router. Not all FTP commands are supported by this FTP server implementation.

System Controller Health Monitor

The Health Monitor feature monitors key performance attributes of the shelves managed by the system controller. The Health Monitor feature continually polls its managed shelves to obtain the information stored in the Health Monitor MIB. Management stations collect information for all the shelves from the system controller rather than by polling each shelf individually.

In addition, you can configure specific performance thresholds for all managed shelves through simple commands on the system controller. The system controller uses SNMP to automatically configure the following on each managed shelf:

When threshold traps are received by the system controller, they are converted to Health Monitor traps and sent to trap destinations configured in the system controller.

The Health Monitor feature provides the following benefits:

System Controller Performance Data Collection

The Performance Data Collection feature allows a system controller to collect and store SNMP MIB data from its managed router and dial shelves. The system controller then serves as a central point for network management data collection.

The system controller collects the raw data from the managed shelves periodically, saves the data, and provides a single access point for a central network management application. The data can then be uploaded to a network management station using FTP or TFTP.

Performance data is stored on a disk local to the system controller. A new file is created each time the system controller collects data from a shelf.

The Performance Data Collection feature provides the following benefits:

System Controller Shelf Discovery and Autoconfiguration

The Shelf Discovery and Autoconfiguration feature allows a system controller to automatically discover new shelves and properly configure them to interact with the system controller. The system controller communicates with its managed shelves through the Shelf Discovery Protocol (SDP), which runs on top of UDP.

The Shelf Discovery and Autoconfiguration feature provides the following benefits:

System Controller Syslog Server

The Syslog Disk Logging feature allows you to collect, store, and retrieve all managed shelf syslog messages through the system controller. The system controller receives syslog messages from managed shelves and stores these messages in subfiles on its disk.

In addition, this feature provides an enhanced method of viewing messages in the logging history table. Messages can be displayed based on host IP address, time received, and order received.

The Syslog Disk Logging feature provides the following benefits:

System Controller Virtual Console

The Virtual Console feature allows you to access dial and router shelves connected to a system controller. During a system controller session, you can connect to a router or dial shelf at the same privilege level as the current system controller session.

By entering one command, you can Telnet directly to a shelf, provide a username and password, and then go to the same privilege level as the system controller.

The Virtual Console feature allows you to connect to all managed shelves through one session and switch between sessions easily. You do not have to reenable privileged EXEC mode every time you switch to another shelf session. This feature is useful when you need to do quick tasks on different managed shelves.

Tag Switching

Tag Switching combines the performance and capabilities of Layer 2 (data link layer) switching with the proven scalability of Layer 3 (network layer) routing. It enables service providers to meet challenges brought about by explosive growth, and provides the opportunity for differentiated services without sacrificing existing infrastructure. The Tag Switching architecture is flexible, allowing data to be transferred over any combination of Layer 2 technologies. Support is offered for all Layer 3 protocols, and scaling is possible beyond anything offered in today's networks.

Tag Switching can efficiently enable the delivery of IP services over an ATM switched network. It supports the creation of different routes between a source and a destination on a purely router-based Internet backbone. Service providers who use Tag Switching can save money and increase revenue and productivity.

Token Ring ISL Feature

The Token Ring Inter-Switch Link (TRISL) feature is a Cisco protocol for interconnecting multiple routers and switches and maintaining VLAN information as traffic goes between routers and switches. The TRISL feature provides a method to transport native Token Ring frames from multiple VLANs across a 100 MB Fast Ethernet link.

Cisco 7500 series, or Cisco 7200 series routers installed with any one of the following port adapters support the transmission of Token Ring frames from multiple VLANs across a 100 Mbps Fast Ethernet link:

The 2-port Fast Ethernet/ISL port adapters support frame sizes up to 17800 bytes, and the 1-port Fast Ethernet port adapters support a frame size of 1500 bytes.

TRISL provides a bridging technology between switches and routers that will transport traffic from both types of LANs.

The TRISL feature provides the following new functions for routers and switches:

TRISL uses a Fast Ethernet interface to provide connectivity between routers and switches or between switches and extends the VLAN capabilities of a switch by tagging the standard Token Ring frame with the necessary VLAN information.

For detailed information on how Token Ring switching is implemented on switches, refer to the Catalyst Token Ring Switching Implementation Guide.

Video Support on the Cisco MC3810

The Cisco MC3810 supports video traffic within a data stream in two ways:

Note Only V.35 cable is supported for video traffic over serial port 0 or 1.

VIP Enhancements

New privileged EXEC commands provide more information about the Versatile Interface Processor (VIP). The command show controllers logging displays logging information about a VIP. The command show controllers tech-support displays general information about a VIP when reporting a problem. The command show controllers align shows NULL pointer dereferences and misaligned accesses for a VIP.

Voice over ATM on the Cisco MC3810

Voice over ATM enables a Cisco MC3810 to carry live voice traffic (for example, telephone calls and faxes) over an ATM network. The Cisco MC3810 supports compressed Voice over ATM on virtual interface ATM 0 only. Voice over ATM uses AAL5 encapsulation, which is designed to accommodate bursty traffic.

Note The Cisco MC3810 does not support ATM SVCs.

Note When using ATM on the Cisco MC3810, the channel group, TDM group, and Channel Associated Signaling (CAS) functionality is not available on the Multiflex Trunk (MFT) because ATM uses all T1/E1 time slots.

Voice over Frame Relay on the Cisco MC3810

Voice over Frame Relay enables a Cisco MC3810 concentrator to carry live voice traffic (for example, telephone calls and faxes) over a Frame Relay network. Voice over Frame Relay on the Cisco MC3810 is supported on serial ports 0 or 1, and on the T1/E1 trunk.

Note The Cisco MC3810 does not support Frame Relay SVCs.

Voice over HDLC on the Cisco MC3810

Voice over HDLC enables a Cisco MC3810 concentrator to carry live voice traffic (for example, telephone calls and faxes) back-to-back to a second Cisco MC3810. Voice over HDLC on the Cisco MC3810 is supported on serial ports 0 or 1, and the T1/E1 trunk.

Voice over IP

Voice over IP enables a Cisco router to carry live voice traffic (for example, telephone calls and faxes) over an IP network.

VPDN MIB Feature

The Virtual Private Dialup Network (VPDN) Management Information Base (MIB) feature is intended to support all the tables and objects defined in the Cisco VPDN Management MIB for VPDN user sessions. VPDN system-wide information is available. This includes active VPDN tunnels, active user sessions in active VPDN tunnels, and failure history information, per username.

The VPDN MIB feature provides generic logging output for VPDN information, such as Layer 2 Forwarding Protocol (L2F). The syslog messages are generated to inform authentication or authorization errors, resource issues, and time-out events.

The VPDN MIB feature offers a mechanism to track failures of user calls in a VPDN system allowing SNMP retrieval of user call failure information, on a per user basis. The VPDN Syslog Facility feature offers real-time access to VPDN fault information.

Web Cache Control Protocol

The Web Cache Control Protocol feature transparently redirects HTTP requests from the intended server to a Cisco Cache Engine. When the Cisco Cache Engine receives the request, it attempts to service the request from its own cache. If the requested information is not present, the Cisco Cache Engine then makes a request to the web server to get the required information. After receiving the required information from the web server, the Cisco Cache Engine passes the information back to the client and possibly caches it to fill future requests.

xDSL Bridging

The x Digital Subscriber Line bridge support feature enables you to configure a router for intelligent bridge flooding for x digital subscriber line and other bridge applications.

New Hardware Features in Release 12.0(1)

The following new features are supported in Cisco IOS Release 12.0.

1-Port ATM-25 Network Module for the Cisco 3600 Series

The 1-port asynchronous transfer mode (ATM-25) network module provides full 25.6-Mbps connectivity to an external asynchronous digital subscriber line (ADSL) modem or ATM switch for Cisco Series 3600 routers. This network module provides ATM traffic shaping for use with ADSL uplink speeds and protocol support for both permanent virtual circuit (PVC) and switched virtual circuits (SVC) environments. This network module provides full support for multiprotocol encapsulation over ATM Adaptive Layer 5 (RFC 1483), classic IP over ATM encapsulation (RFC 1577), and ATM User Network interface signaling.

1-Port HSSI Network Module

The Cisco 3600 series 1-port high-speed serial interface (HSSI) network module provides full-duplex connectivity at Synchronous Optical Network (SONET) OC-1/STS-1 (51.840 Mhz), T3 (44.736 MHz), and E3 (34.368 MHz) rates in conformance with the EIA/TIA-612 and EIA/TIA-613 specifications. The actual rate of the interface depends on the external data service unit (DSU) and the type of service to which it is connected. This 1-port HSSI network module can reach speeds of up to 52 Mbps in unidirectional traffic with 1,548-byte packets and 4,250 packets per second.

The 1-port HSSI network module provides the following benefits:

Channel Port Adapter

The Channel Port Adapter (CPA) expands the value of Cisco's Channel Interface Processor (CIP) solution. The CIP continues to be the industry's premier high-performance mainframe channel connect solution. The CPA extends the CIP architecture to customers requiring mid-range mainframe channel connectivity.

Note The Cisco Mainframe Channel Connection (CMCC) product family includes the CIP on the Cisco 7500 series routers and the CPA on the Cisco 7200 series routers.

The CPA is a standard single-width port adapter supporting ESCON or parallel (also known as bus and tag) channel interfaces to IBM and IBM-compatible mainframes.

The CPA comes with a default of 16 MB of RAM. Customers may upgrade to 32 MB of RAM before the CPA is shipped from Cisco or as a field upgrade after the CPA has been installed.

The only difference between channel software applications (IP Datagram, Cisco SNA, TCP/IP Offload, TN3270 Server, and CMPC) running on the CIP and the CPA is performance. The CIP will typically have higher performance and capacity than the CPA because the CIP has more memory (128 MB of RAM compared to 32 MB for the CPA) and a faster internal bus.

Each CPA provides a single channel interface for Cisco 7200 series routers. In some situations, this eliminates the need for a separate front-end processor. The ESCON CPA contains a single ESCON I/O connector.

Note The Cisco 7200 series router supports online insertion and removal (OIR), which allows you to install or remove port adapters while the system is operating.

The key benefits of the Cisco CPA in a Cisco 7200 series router are as follows:

The CPA is a high-speed port adapter. (A Fast Ethernet port adapter is an example of another type of high-speed port adapter.) A single Cisco 7200 series router can support up to three high-speed port adapters.

Cisco 12000 Series Gigabit Switch Routers

The Cisco 12000 series Gigabit Switch Routers (GSR) are a new product class that perform Internet routing and switching at gigabit speeds. The Cisco 12012 and Cisco 12008 meet the demand for Internet bandwidth and bring scalability and high-performance services to IP-based networks. Designed to meet current and future Internet traffic requirements, the Cisco 12000 series initially supports IP backbone links at OC-3/STM-1 (155 Mbps) and OC-12/STM-4 (622 Mbps)---facilities up to four times faster than those used today.

The Cisco 12000 series is built around a high-speed switching fabric that provides nonblocking bandwidth to support high-performance IP-based LANs and WANs. The switching fabric is scalable from 15 to 60 Gbps on the Cisco 12012 and from 10 to 40 Gbps on the Cisco 12008. Both the Cisco 120012 and Cisco 12008 support IP over SONET/SDH and ATM interfaces.

The Cisco 12012 has 12 user-configurable slots, and the Cisco 12008 has 8 user-configurable slots. These slots contain line cards and Gigabit Route Processor (GRP). Network interfaces reside on line cards that provide connection between the router's switch fabric and the external networks.

Cisco 7200

The Cisco 7202 is part of the Cisco 7200 series routers, which consists of the 2-slot Cisco 7202, 4-slot Cisco 7204, and the 6-slot Cisco 7206. The Cisco 7202 supports multiprotocol, multimedia routing and bridging with a wide variety of protocols and any combination of Ethernet, Fast Ethernet, Token Ring, Fiber Distributed Data Interface (FDDI), Asynchronous Transfer Mode (ATM), Integrated Services Digital Network (ISDN), and serial media.

Network interfaces reside on port adapters that provide the connection between the router's Peripheral Component Interconnect (PCI) buses and external networks. The Cisco 7202 has two slots (slot 1 and slot 2) for the port adapters, one slot for an Input/Output (I/O) controller, and one slot for a network processing engine. You can place the port adapters in either of the two available slots.

Note The Cisco 7202 does not support a mixture of AC- and DC-input power.

The Cisco 7202 provides the following features:

Cisco uBR7246 Universal Broadband Router Features

Cisco uBR7246 universal broadband features enable the Cisco uBR7246 universal broadband router to communicate with a hybrid fiber coax (HFC) cable network via a Cisco MC11 cable modem card. Cisco MC11 cable modem cards allow you to connect cable modems on the HFC network to a Cisco uBR7246 in a Community Antenna Television (CATV) headend facility. The modem card provides the interface between the Cisco uBR7246 protocol control information (PCI) bus and the radio frequency (RF) signal on the HFC network.

The MC11 cable modem cards consist of the following components:

E1-G.703/G.704 Serial Port Adapter

The E1-G.703/G.704 serial port adapters (PA-4E1G-120 and PA-4E1G-75) are available on Cisco 7500 series routers, Cisco 7200 series routers, and on Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000  Series Chassis Interface (RSP7000CI).

JT2 6.3-MHz Serial Port Adapter

The JT2 6.3-MHz serial port adapter (PA-2JT2) is available on Cisco 7500 series routers, and on Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000 Series Chassis Interface (RSP7000CI).

PA-12E/2FE Ethernet Switch 10BaseT and 100BaseTX Port Adapters

The PA-12E/2FE Ethernet switch 10BaseT and 100BaseTX port adapters are available on Cisco 7200 series routers. The PA-12E/2FE port adapter provides up to twelve 10-Mbps and two 10/100-Mbps switched Ethernet (10BaseT) and Fast Ethernet (100BaseTX) interfaces for an aggregate bandwidth of 435 Mbps, full-duplex.

PA-4R-D TR Port Adapter

The Dedicated Token Ring port adapter (PA-4R-DTR) is available on Cisco 7500 series routers, Cisco 7200 series routers, and Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000 Series Chassis Interface (RSP7000CI).

The PA-4R-DTR provides up to four IBM Token Ring or IEEE 802.5 Token Ring interfaces. Each Token Ring interface can be set for 4 Mbps or 16 Mbps half-duplex or full-duplex operation and can operate as a standard Token Ring station o as a concentrator port. The default for all interfaces is Token Ring station mode with half-duplex 16-Mbps operation. The PA-4R-DTR connects over Type 1 lobe or Type 3 lobe cables, with each interface providing an RJ-45 receptacle.

PA-A2 ATM-CES Port Adapter and Enhancement

The PA-A2 ATM-CES port adapters (PA-A2-4T1C-OC3SM, PA-A2-4T1C-T3ATM, PA-A2-4E1XC-OC3SM, PA-A2-4E1XC-E3ATM, PA-A2-4E1YC-OC3SM, and PA-A2-4E1YC-E3ATM) are available on Cisco 7200 series routers.

The ATM-CES port adapters now support the following new features:

In addition, all traffic shaping features available with the atm pvc interface command (peak average burst) are supported, and you can now configure the number of transmit channels for the interface with the atm  tx-channels interface configuration command.

PA-A3-T3, PA-A3-E3, PA-A3-OC3MM, PA-A3-OC3SMI, PA-A3-OC3SMI Port Adapters

The enhanced ATM port adapter is a new generation of single-wide, single-port ATM port adapters available on Cisco 7200 series routers, Cisco 7500 series routers, and Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000 Series Chassis Interface (RSP7000CI).

The PA-A3 port adapters include five hardware versions that support the following standards-based physical interfaces:

The PA-A3 port adapters support all Cisco IOS features and ATM-specific features available in Release 11.1(18)CC except for the available bit rate (ABR) permanent virtual circuit (PVC) and LAN emulation (LANE) features. ABR and LANE will be supported in a future maintenance release of Cisco IOS Release 11.1 CC.

The enhanced ATM port adapter supports the following features:

For more information on the PA-A3 port adapters, refer to the PA-A3 Enhanced ATM Port Adapter Installation and Configuration publication that accompanies the hardware.

PA-CT3/4T1 Channelized T3 Dual-Wide Port Adapter

The channelized T3 dual-wide port adapter (PA-CT3/4T1) is now available on Cisco 7200 series routers.

PA-E3 and PA-2E3 Serial Port Adapters

The PA-E3 and PA-2E3 serial port adapters are available on Cisco 7200 series routers, on Cisco  7500 series routers, and on Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000  Series Chassis Interface (RSP7000CI). For information on interoperability guidelines for E3 serial port adapter DSUs, refer to the E3 Serial Port Adapter Installation and Configuration publication that ships with the product.

PA-H and PA-2H Revision B High-Speed Serial Interface Port Adapters

The PA-H Rev. B HSSI port adapter is available on Cisco  7200 series routers, on Cisco  7500 series routers, and on Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000 Series Chassis Interface (RSP7000CI). Although the PA-H was introduced in Cisco Release 11.1(6)CA, the minimum Cisco IOS Release required by the PA-H is Release 11.1(12)CA or later, or 11.2(7)P or later. For more information on the PA-H and PA-2H port adapters, refer to the Field Notice: HSSI Port Adapters publication.

PA-T3 and PA-2T3 Serial Port Adapter

The PA-T3 and PA-2T3 serial port adapters are available on Cisco 7200 series routers, on Cisco  7500 series routers, and on Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000  Series Chassis Interface (RSP7000CI). For information on interoperability guidelines for T3 serial port adapter DSUs, refer to the T3 Serial Port Adapter Installation and Configuration publication that ships with the product.

Switched 56K Digital Dial-in Over Channelized T1 and Robbed Bit Signaling

Internet service providers can provide switched 56-kbps access to their customers using a Cisco AS5300 or Cisco AS5200.

Switched 56K digital dial-in enables many services for ISPs. When using traditional ISDN PRI, the access server uses the bearer capability to determine the type of service. However when providing switched 56K over a CT1 RBS connection, the DS0s in the access server can be configured to provide either modem or 56-kbps data service. The dial-in user can access a 56-kbps data connection using either an ISDN BRI connection or a 2- or 4-wire switched 56-kbps connection. The telco to which the access server connects must configure its switches to route 56-kbps data calls and voice (modem) calls to the appropriate DS0.

Likewise, an enterprise can provide switched 56-kbps digital dial-in services to its full time telecommuters or small remote offices using ISDN PRI or a CT1 RBS connection.

Additional benefits:

T1 CAS Support for the Cisco 3640 Digital Modem Network Module

The Digital Modem Network Module for the Cisco 3640 router is a high-density digital network module containing 6, 12, 18, 24, or 30 digital (MICA) modems. These modems, along with the T1 (or E1) port module, provide a direct digital connection to an Integrated Services Digital Network (ISDN) Primary Rate Interface (PRI) channel. The T1 CAS feature enables these network modules to support voice call transmission using channelized T1 lines (CT1) with channel associated signaling (CAS).

CAS is a form of signaling used on a T1 line. With CAS, a signaling element is dedicated to each channel in the T1 frame.

This type of signaling is sometimes called Robbed Bit Signaling (RBS) because a bit is taken out (or robbed) from the user's data stream to provide signaling information to and from the switch. The T1 CAS feature enables the modems on the Digital Network Modem Module to receive and transmit incoming and outgoing call signaling (such as on-hook and off-hook) through each T1 controller that is configured for a channelized T1 line.

Depending on the modem license you purchase with your Cisco 3640, the modems on the Digital Modem Network Module are either manageable or not manageable by Cisco IOS software commands. If the license you purchase includes this modem management capability, you can use the modem management commands to gather call and performance statistics at any time, even if there is an active call on the modem.

The Digital Modem Network Module for the Cisco 3640 provides the following benefits:

T1 CSU WIC for the Cisco 3600 and Cisco 1600 Series

The Cisco T1 data service unit/channel service unit (DSU/CSU) WAN interface card is an integrated, managed, T1 or fractional T1 WAN interface card. It provides nonchannelized data rates of 1 to 24 X 64 kbps or 1 to 24 X 56-kbps and follows ANSI T1.403 and AT&T Publication 62411 standards.

The Cisco DSU/CSU WAN T1 interface management features include the following:


The VIP2-50 is available on Cisco 7500 series routers, and on Cisco 7000 series routers with the 7000 Series Route Switch Processor (RSP7000) and 7000 Series Chassis Interface (RSP7000CI).

Important Notes

This section contains important information about the use of your Cisco IOS Release 12.0 software.

Deprecated MIBs

Because the older Cisco Management Information Bases (MIBs) do not scale well across Cisco products, they will be replaced in a future release. As an initial step toward this, the OLD-CISCO-* MIBS are being deprecated now. This has no immediate impact on any existing IOS product or NMS application. If you are an application developer, you need to be aware that the following MIBS are going away. You will need to update your applications accordingly.

Deprecated MIB







In Development














(Compilation of other OLD* MIBS)









Posted: Fri Jan 29 12:48:07 PST 1999
Copyright 1989-1999©Cisco Systems Inc.