Примечания к выпуску для Cisco Cisco ONS 15454 SDH Multiservice Provisioning Platform (MSPP)
9
Release Notes for Cisco ONS 15454 SDH Release 4.1.5
OL-6411-01
Caveats
VC4, VC4, VC4, VC4
When configuring scenario 3, the VC4-2c must be provisioned before either of the VC4 circuits.
Multicard EtherSwitch
When deleting and recreating Ethernet circuits that have different sizes, you must delete all VC4 circuits
provisioned to the EtherSwitch before you create the new circuit scenario. (See the preceding
“Single-card EtherSwitch” section on page 6 for details on the proper order of circuit creation.) Enable
front ports so that the VLANs for the ports are carried by the largest circuit first. A safe approach is to
enable the front port before you create any circuits and then retain the front port VLAN assignment
afterwards. If you break the rules when creating a circuit, or if you have to delete circuits and recreate
them again, delete all circuits and start over with the largest first.
provisioned to the EtherSwitch before you create the new circuit scenario. (See the preceding
“Single-card EtherSwitch” section on page 6 for details on the proper order of circuit creation.) Enable
front ports so that the VLANs for the ports are carried by the largest circuit first. A safe approach is to
enable the front port before you create any circuits and then retain the front port VLAN assignment
afterwards. If you break the rules when creating a circuit, or if you have to delete circuits and recreate
them again, delete all circuits and start over with the largest first.
ML-Series
DDTS # CSCed78149, TCP/IP Host-Mode Services
A document that describes how the Internet Control Message Protocol (ICMP) could be used to
perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol
(TCP) has been made publicly available. This document has been published through the Internet
Engineering Task Force (IETF) Internet Draft process, and is entitled “ICMP Attacks Against TCP”
(draft-gont-tcpm-icmp-attacks-03.txt).
perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol
(TCP) has been made publicly available. This document has been published through the Internet
Engineering Task Force (IETF) Internet Draft process, and is entitled “ICMP Attacks Against TCP”
(draft-gont-tcpm-icmp-attacks-03.txt).
These attacks, which only affect sessions terminating or originating on a device itself, can be of
three types:
three types:
1. Attacks that use ICMP “hard” error messages
2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also
known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP “source quench” messages
2. Attacks that use ICMP “fragmentation needed and Don’t Fragment (DF) bit set” messages, also
known as Path Maximum Transmission Unit Discovery (PMTUD) attacks
3. Attacks that use ICMP “source quench” messages
Successful attacks may cause connection resets or reduction of throughput in existing connections,
depending on the attack type.
depending on the attack type.
Multiple Cisco products are affected by the attacks described in this Internet draft.
Cisco has made free software available to address these vulnerabilities. In some cases there are
workarounds available to mitigate the effects of the vulnerability.
workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple
vendors whose products are potentially affected. Its posting can be found at:
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
DDTS # CSCeb56287
When an ML-series circuit's state is provisioned from In-Service (IS) to Out-of-Service (OOS), and then
back to IS, data traffic does not recover. To avoid this issue, prior to changing the state from IS, set the
POS port to shut down on the CLI. After the state is changed back to IS from OOS, set the POS port to
“no shutdown.” This issue will be resolved in Release 4.6.
back to IS, data traffic does not recover. To avoid this issue, prior to changing the state from IS, set the
POS port to shut down on the CLI. After the state is changed back to IS from OOS, set the POS port to
“no shutdown.” This issue will be resolved in Release 4.6.