Cisco Cisco IOS Software Release 12.2(4)B
29
Release Notes for Cisco 6400 for Cisco IOS Release 12.2(4)B3
OL-1650-03
Important Notes
Table 5
Differences Between CIsco IOS Release 12.2(2)B and Cisco IOS Release 12.2(4)B3
Cisco IOS Release 12.2(2)B
Cisco IOS Release 12.2(4)B3
Cisco Express Forwarding (CEF) Configuration Support
You must enable CEF before Service Selection Gateway
(SSG) can be enabled.
(SSG) can be enabled.
You must enable CEF on the router before you can enable SSG
functionality. If CEF is not enabled and you attempt to configure
SSG, the following error message is displayed:
functionality. If CEF is not enabled and you attempt to configure
SSG, the following error message is displayed:
SSG : Please enable ip cef first
You can enable CEF in global configuration mode using the
following command:
following command:
Router(config)# ip cef
However, if required, you can disable CEF at the individual
interface level without affecting SSG.
interface level without affecting SSG.
Data Packet Forwarding
When a data packet is received from a user, SSG checks
in the default network and open garden networks. If the
check fails, the packet is checked and forwarded to the
connected services of the user.
in the default network and open garden networks. If the
check fails, the packet is checked and forwarded to the
connected services of the user.
When a data packet is received from a user, SSG attempts to
forward the packet by doing a longest match in the connected
services of the user. If the packet is not destined for the connected
services, SSG attempts to forward the packet to the configured
default network or open garden networks.
forward the packet by doing a longest match in the connected
services of the user. If the packet is not destined for the connected
services, SSG attempts to forward the packet to the configured
default network or open garden networks.
If the user is connected to an Internet service, SSG checks if the
destination IP address of the packet falls in the default network or
open garden networks. If so, the packet is forwarded to the
respective destination; otherwise, the packet is forwarded to the
Internet service.
destination IP address of the packet falls in the default network or
open garden networks. If so, the packet is forwarded to the
respective destination; otherwise, the packet is forwarded to the
Internet service.
Data Packet Processing Overhead
When SSG is enabled, there is an extra packet processing
overhead for packets from non-SSG interfaces. Every
packet from a non-SSG interface is intercepted and
minimally processed by SSG. This introduces an extra
latency for packets from non-SSG interfaces.
overhead for packets from non-SSG interfaces. Every
packet from a non-SSG interface is intercepted and
minimally processed by SSG. This introduces an extra
latency for packets from non-SSG interfaces.
There is no extra packet processing latency for packets from
non-SSG configured interfaces. Only packets from configured
SSG interfaces are intercepted and processed by SSG.
non-SSG configured interfaces. Only packets from configured
SSG interfaces are intercepted and processed by SSG.
DNS Packet Processing in Open Garden Configuration
Domain Name System (DNS) domain lookup is done first
in the domains configured in the open garden services. If
a match is not found, then DNS domain lookup is done in
the connected services of the user.
in the domains configured in the open garden services. If
a match is not found, then DNS domain lookup is done in
the connected services of the user.
DNS domain lookup is done first in the connected services of the
user. If a match is not found, then DNS domain lookup is done in
the domains configured in the open garden services.
user. If a match is not found, then DNS domain lookup is done in
the domains configured in the open garden services.
DNS Packet Accounting
DNS packets from a client are not accounted in the host
or connection. This may cause erroneous accounting
statistics at the host or connection level.
or connection. This may cause erroneous accounting
statistics at the host or connection level.
DNS packets are treated and accounted as any other data packets.
Host Timestamp Update
The timestamp in the host object is updated only when a
packet from the client is forwarded to a connected service.
If a host is accessing the Cisco Subscriber Edge Services
Manager (SESM) and an idle timeout is configured, the
host may get logged off.
packet from the client is forwarded to a connected service.
If a host is accessing the Cisco Subscriber Edge Services
Manager (SESM) and an idle timeout is configured, the
host may get logged off.
The timestamp is updated for any packet from the client,
preventing an erroneous logoff. The only exception is if the
packet is destined for the SSG router itself, in which case the
timestamp is not updated.
preventing an erroneous logoff. The only exception is if the
packet is destined for the SSG router itself, in which case the
timestamp is not updated.